www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Submission: On June 11 via manual (June 11th 2024, 9:22:43 pm UTC) from CA — Scanned from CA

Summary HTTP 148 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 48 IPs in 2 countries across 36 domains to perform 148 HTTP transactions. The main IP is 162.159.140.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.secureworks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2023. Valid for: a year.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	162.159.140.25 162.159.140.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.222.94 172.217.222.94	15169 (GOOGLE) (GOOGLE)
1	99.84.108.117 99.84.108.117	16509 (AMAZON-02) (AMAZON-02)
3	104.105.36.121 104.105.36.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	209.85.144.97 209.85.144.97	15169 (GOOGLE) (GOOGLE)
11	104.19.177.52 104.19.177.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	23.205.106.73 23.205.106.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	172.64.151.60 172.64.151.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.18.33 18.160.18.33	16509 (AMAZON-02) (AMAZON-02)
1	23.218.218.155 23.218.218.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
3	23.50.125.47 23.50.125.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.160.10.26 18.160.10.26	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3	173.194.204.154 173.194.204.154	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	209.85.232.138 209.85.232.138	15169 (GOOGLE) (GOOGLE)
1	209.85.201.156 209.85.201.156	15169 (GOOGLE) (GOOGLE)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	18.67.60.119 18.67.60.119	16509 (AMAZON-02) (AMAZON-02)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.160.18.4 18.160.18.4	16509 (AMAZON-02) (AMAZON-02)
1	23.212.249.132 23.212.249.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.217.222.105 172.217.222.105	15169 (GOOGLE) (GOOGLE)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.160.10.40 18.160.10.40	16509 (AMAZON-02) (AMAZON-02)
6	192.28.155.3 192.28.155.3	15224 (OMNITURE) (OMNITURE)
1	3.162.103.73 3.162.103.73	16509 (AMAZON-02) (AMAZON-02)
1	18.67.65.42 18.67.65.42	16509 (AMAZON-02) (AMAZON-02)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	23.62.169.133 23.62.169.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	3.132.177.74 3.132.177.74	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	99.84.191.65 99.84.191.65	16509 (AMAZON-02) (AMAZON-02)
1	13.249.39.126 13.249.39.126	16509 (AMAZON-02) (AMAZON-02)
4	104.105.40.89 104.105.40.89	16625 (AKAMAI-AS) (AKAMAI-AS)
148	48

28 162.159.140.25 (None, )

ASN13335 (CLOUDFLARENET, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.108.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-117.iad79.r.cloudfront.net

dam.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.105.36.121 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-36-121.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.85.144.97 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.177.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.205.106.73 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-73.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.60 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-33.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.155 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-155.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.50.125.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-47.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.76 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-26.iad12.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f138.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.18.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-4.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.249.132 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-132.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-40.iad12.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.28.155.3 (United States)

ASN15224 (OMNITURE, US)

abrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abrtp2.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.103.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-73.iad61.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-42.iad89.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.169.133 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-169-133.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.132.177.74 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-177-74.us-east-2.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-65.iad89.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-126.iad89.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.105.40.89 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-40-89.deploy.static.akamaitechnologies.com

rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	secureworks.com www.secureworks.com pages.secureworks.com dam.secureworks.com	1 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	22 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	176 KB
10	marketo.com abrtp2-cdn.marketo.com — Cisco Umbrella Rank: 71465 rtp-static.marketo.com — Cisco Umbrella Rank: 23193 abrtp2.marketo.com — Cisco Umbrella Rank: 68956	322 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 3003 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6741 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6587 tracking.crazyegg.com — Cisco Umbrella Rank: 5463	95 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558	3 KB
5	teads.tv p.teads.tv — Cisco Umbrella Rank: 6044 cm.teads.tv — Cisco Umbrella Rank: 5110 t.teads.tv — Cisco Umbrella Rank: 3351	8 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 171 www.google.com — Cisco Umbrella Rank: 5	449 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132	5 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8814	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	383 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1561 segments.company-target.com — Cisco Umbrella Rank: 1794 api.company-target.com — Cisco Umbrella Rank: 4480	862 B
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1419 insight.adsrvr.org — Cisco Umbrella Rank: 1061 match.adsrvr.org — Cisco Umbrella Rank: 415	6 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 522	3 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7352	62 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 30012 ibc-flow.techtarget.com — Cisco Umbrella Rank: 26488	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4509	6 KB
3	gstatic.com fonts.gstatic.com	46 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 892	772 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10109	716 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4401	122 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2067 alb.reddit.com — Cisco Umbrella Rank: 1388	761 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1179	13 KB
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6161	22 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 4251	18 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 15566	181 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 938	392 B
1	t.co t.co — Cisco Umbrella Rank: 711	375 B
1	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 19193	281 B
1	ml-attr.com 1 redirects s.ml-attr.com — Cisco Umbrella Rank: 17070	284 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 881	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
0	google.ca Failed www.google.ca Failed
148	36

	Domain	Requested by
28	www.secureworks.com	www.secureworks.com www.googletagmanager.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
8	b.6sc.co
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
6	pages.secureworks.com	www.secureworks.com pages.secureworks.com
5	abrtp2.marketo.com	abrtp2-cdn.marketo.com cdn.bizible.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com cdn.bizible.com
4	rtp-static.marketo.com	abrtp2-cdn.marketo.com
4	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
4	www.googletagmanager.com	www.secureworks.com www.googletagmanager.com
3	www.google.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	secure.adnxs.com	2 redirects cdn.bizible.com
3	js.driftt.com	www.secureworks.com js.driftt.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
3	fonts.gstatic.com	www.secureworks.com
2	id.rlcdn.com	2 redirects
2	epsilon.6sense.com	cdn.bizible.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	t.teads.tv	p.teads.tv
2	cm.teads.tv	p.teads.tv
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
1	api.company-target.com	cdn.bizible.com
1	segments.company-target.com
1	s.company-target.com	tag.demandbase.com
1	tracking.crazyegg.com	script.crazyegg.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	abrtp2-cdn.marketo.com	www.secureworks.com
1	tag.demandbase.com	www.secureworks.com
1	cdn.pdst.fm	www.secureworks.com
1	ipv6.6sc.co	cdn.bizible.com
1	c.6sc.co	cdn.bizible.com
1	cdn.bizibly.com
1	www.linkedin.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	alb.reddit.com
1	pixel-config.reddit.com	www.redditstatic.com
1	attr.ml-api.io
1	s.ml-attr.com	1 redirects
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	www.secureworks.com
1	snap.licdn.com	www.secureworks.com
1	trk.techtarget.com	www.secureworks.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	dam.secureworks.com	www.secureworks.com
0	www.google.ca Failed
148	57

This site contains links to these domains. Also see Links.

Domain
github.com
researchcenter.paloaltonetworks.com
www.clearskysec.com
www.cylance.com
support.office.com
www.dni.gov
policies.google.com
www.linkedin.com
twitter.com
www.facebook.com
investors.secureworks.com
portal.secureworks.com
pages.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-11` - `2024-08-09`	a year	crt.sh
pages.secureworks.com Cloudflare Inc ECC CA-3	`2023-09-09` - `2024-09-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
secureworks.bynder.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-20`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
cdn.pdst.fm WR3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.marketo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-08-27`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-04-23` - `2025-05-22`	a year	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Frame ID: 625761563AC5931EF40DE1449F13BD1F
Requests: 135 HTTP requests in this frame

Frame: https://pages.secureworks.com/index.php/form/XDFrame
Frame ID: 92836F6396736DCAFC9B4133E0D1F934
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=0329d581-9f3f-49be-8f6a-15e62e9960ba&sessionStarted=1718140956.323&campaignRefreshToken=f393f8e1-175c-456c-950a-0c785eb92f53&hideController=false&pageLoadStartTime=1718140954886&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Frame ID: 678E599BE2661948EB59F4C95C7F7DFC
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718140954886
Frame ID: E6C85592BF860EA9F19FCA76BA0A62A8
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=477261
Frame ID: 2212BF712B9E343D76EBA4BF7EEF4D3B
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
Frame ID: 9A72688611641DAED401BAB53E4A0A36
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 4CEE6553410D68BE94BB5A1ECFD086AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iranian PupyRAT Bites Middle Eastern Organizations | Secureworks

Detected technologies

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

93 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

48
IPs

2
Countries

2471 kB
Transfer

7153 kB
Size

66
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/n1nj4sec/pupy
Title: PupyRAT

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/05/the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor/
Title: financial

Search URL Search Domain Scan URL

URL: http://www.clearskysec.com/oilrig/
Title: technology

Search URL Search Domain Scan URL

URL: https://www.cylance.com/operation-cleaver-cylance
Title: job-themed lures

Search URL Search Domain Scan URL

URL: https://support.office.com/en-us/article/Enable-or-disable-macros-in-Office-documents-7B4FDD2E-174F-47E2-9611-9EFE4F860B12
Title: disable macros

Search URL Search Domain Scan URL

URL: http://www.dni.gov/files/documents/Newsroom/Press%20Releases/2007%20Press%20Releases/20071203_release.pdf
Title: published

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://twitter.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/overview/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=www.secureworks.com&pId=181334244840384264

Request Chain 86

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1718140956290%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%252Fblog%252Firanian-pupyrat-bites-middle-eastern-organizations%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true

Request Chain 115

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0

Request Chain 125

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJ2Ao7MGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12971MzLR200gXs690opUF6whOmKuoB4D_BhATo05KsUERE

148 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iranian-pupyrat-bites-middle-eastern-organizations Show response
www.secureworks.com/blog/ 501 KB
87 KB 788ms
743ms Document
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3093e33793c47765367d205c29aae6b87fa7f33b66c285fa1f155ef864faf5dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MjE0MGE5ZGMtNmQzNC00YzZjLThhZWEtMzg4MzgzMzRlMTNi' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com .secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8924a8434df2ac94-YYZ
content-encoding: gzip
content-security-policy: script-src 'self' *.secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MjE0MGE5ZGMtNmQzNC00YzZjLThhZWEtMzg4MzgzMzRlMTNi' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com *.gartner.com *.gtnr.io *.marketo.com https://play.vidyard.com *.youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com id.rlcdn.com *.googletagmanager.com cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com *.google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com *.secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com *.secureworks.com; worker-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:22:34 GMT
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-forwarded-for: 149.88.98.152, 172.69.130.149:16926,::ffff:10.241.0.5
x-frame-options: DENY
x-mss-script-nonce: MjE0MGE5ZGMtNmQzNC00YzZjLThhZWEtMzg4MzgzMzRlMTNi
x-sc-rewrite: /_site_swxp-rendering/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-test-worker: true
x-xss-protection: 1; mode=block

GET
H2 200 initMunchkin.js Show response
www.secureworks.com/assets/js/ 565 B
747 B 125ms
124ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/initMunchkin.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-forwarded-for: 149.88.98.152, 172.69.214.175:11850,::ffff:10.241.0.4
x-mss-script-nonce: ZThlNTFjMGQtNGNiMC00OWIwLWI1MzMtNWFjYzhlMjFhMjIw
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"235-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a847fad3ac94-YYZ
expires: Wed, 12 Jun 2024 01:22:34 GMT

GET
H2 200 forms2.min.js Show response
pages.secureworks.com/js/forms2/js/ 199 KB
67 KB 80ms
39ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/js/forms2.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 5925
etag: "12a0c18-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8924a8483c48ac72-YYZ
expires: Wed, 12 Jun 2024 01:22:34 GMT

GET
H2 200 reCaptchaClientSidev1-1-3.js Show response
www.secureworks.com/assets/js/ 3 KB
1 KB 127ms
122ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/reCaptchaClientSidev1-1-3.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.98.152, 172.69.130.45:18012,::ffff:10.241.0.4
x-mss-script-nonce: NDVmYmIyNDAtMWM4My00ZDQ2LWEzNzYtOThlZTZkM2UwMDUw
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"b7d-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a8481af3ac94-YYZ
expires: Wed, 12 Jun 2024 01:22:34 GMT

GET
H2 200 marketo-form-custom.js Show response
www.secureworks.com/assets/js/ 22 KB
5 KB 298ms
294ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/marketo-form-custom.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19265c09939675d4a3511ba7fbc7f2a3d59ca6a1ff253645e221270868ae73d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.98.152, 172.69.130.31:26132,::ffff:10.241.0.5
x-mss-script-nonce: Mzg0ZDVhODEtYWI2YS00MDhiLThlNzUtNjYwNjlhMDZhYzRi
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"58dc-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a8481af4ac94-YYZ
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 webpack-9395620247e36af4.js Show response
www.secureworks.com/_next/static/chunks/ 4 KB
2 KB 40ms
36ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/webpack-9395620247e36af4.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:34:28 GMT
server: cloudflare
age: 3809103
etag: W/"fd1-18eac1b842e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481af6ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 framework-0365125e11538b64.js Show response
www.secureworks.com/_next/static/chunks/ 206 KB
65 KB 52ms
48ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/framework-0365125e11538b64.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 01:54:07 GMT
server: cloudflare
age: 3825866
etag: W/"3373d-18eabf695d7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481af7ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 main-2679873e9bfb727f.js Show response
www.secureworks.com/_next/static/chunks/ 146 KB
40 KB 47ms
44ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:34:28 GMT
server: cloudflare
age: 3857883
etag: W/"246b8-18eac1b842e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481af8ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 _app-83d0942c2f4e9a8f.js Show response
www.secureworks.com/_next/static/chunks/pages/ 94 KB
28 KB 92ms
89ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/_app-83d0942c2f4e9a8f.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d57401850d7f4db0efa67f17e4ccb839ba545f3c377c078a03e9c12b943318

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:19 GMT
server: cloudflare
age: 1638299
etag: W/"17854-18fa76efb9f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481af9ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 358-2b80955b03b485cb.js Show response
www.secureworks.com/_next/static/chunks/ 13 KB
5 KB 41ms
38ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/358-2b80955b03b485cb.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b76291b70139d9c203708f0afdbab2d98c39a24e6152e9cb99837e714df8845

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:35:07 GMT
server: cloudflare
age: 3825867
etag: W/"35e6-18eac1c1ebe"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481afaac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 609-4c71be8046992d46.js Show response
www.secureworks.com/_next/static/chunks/ 826 KB
240 KB 56ms
53ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/609-4c71be8046992d46.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f511c11798733b533de36c1a0ee8c04033a68f7eb2f11730f5bd528391ed4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:08 GMT
server: cloudflare
age: 1638299
etag: W/"ce6f8-18fa76ecfcc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481afbac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 121-5c9b198d678a7a9d.js Show response
www.secureworks.com/_next/static/chunks/ 23 KB
9 KB 70ms
68ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/121-5c9b198d678a7a9d.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:51:46 GMT
server: cloudflare
age: 1638299
etag: W/"5b1a-18fa77050cf"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481afcac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 %5B%5B...path%5D%5D-3943b2d689311f58.js Show response
www.secureworks.com/_next/static/chunks/pages/ 499 KB
108 KB 64ms
62ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-3943b2d689311f58.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0273094766fde820e821a416732ccc2f6ffe5d046fb4028b6d00f9dec3af92d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:08 GMT
server: cloudflare
age: 1638299
etag: W/"7cdaf-18fa76ecfcc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8481afdac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 _buildManifest.js Show response
www.secureworks.com/_next/static/vQCGRQCG3NIM0tiRfE5Bf/ 1 KB
581 B 92ms
90ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/vQCGRQCG3NIM0tiRfE5Bf/_buildManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4e5c3ed95b7f90a4c8c465a34c82dd9068e6887e8e2e4aa67c024bb73c9e56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 00:16:40 GMT
server: cloudflare
age: 744626
etag: W/"41b-18fa7f4f835"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8482b12ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 _ssgManifest.js Show response
www.secureworks.com/_next/static/vQCGRQCG3NIM0tiRfE5Bf/ 77 B
157 B 101ms
99ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/vQCGRQCG3NIM0tiRfE5Bf/_ssgManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 May 2024 00:16:40 GMT
server: cloudflare
age: 744703
etag: W/"4d-18fa7f4f835"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a8482b13ac94-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:22:34 GMT

GET
H2 200 blog-pupyrat_img1.jpg
www.secureworks.com/-/media/images/insights/blog/pupyrat/ 123 KB
123 KB 87ms
87ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/blog/pupyrat/blog-pupyrat_img1.jpg
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c728ef0a0548ee709c3cc0c7d06665596a35176c42067c85c892b24415cc1c4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 15:56:43 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 171
etag: 5d2fbb8443d04da28bcad18301788055
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="blog-PupyRAT_img1.jpg"
accept-ranges: bytes
cf-ray: 8924a8482b14ac94-YYZ
content-length: 125469
expires: Tue, 18 Jun 2024 21:22:34 GMT

GET
H2 200 blog-pupyrat_img2.jpg
www.secureworks.com/-/media/images/insights/blog/pupyrat/ 80 KB
80 KB 66ms
66ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/blog/pupyrat/blog-pupyrat_img2.jpg
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca050b8f34554c0a517f6270316c5ab6a2682491b4cf8f4150cd8c466ab0e437

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 15:56:44 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 171
etag: 552ca8cf70974132bf2faf8d304d7cac
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="blog-PupyRAT_img2.jpg"
accept-ranges: bytes
cf-ray: 8924a8482b15ac94-YYZ
content-length: 82031
expires: Tue, 18 Jun 2024 21:22:34 GMT

GET
H2 200 hero.jpg
www.secureworks.com/-/media/branches/services-page-a/ 192 KB
193 KB 68ms
67ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/branches/services-page-a/hero.jpg?h=574&iar=0&w=1600&hash=9D9C3B0974B2306F52C52224EB07AE44
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf27a8a97c021bd420b0e25d707b39df0289a37d6a0e9857daf1550330880e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 15:27:26 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 119554
etag: 363b31d76ccb4e358fc03c6aa99fd69a
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="Hero.jpg"
accept-ranges: bytes
cf-ray: 8924a8482b16ac94-YYZ
content-length: 196999
expires: Tue, 18 Jun 2024 21:22:34 GMT

GET
H2 200 author-placeholder.svg
www.secureworks.com/assets/background-image/ 1 KB
981 B 124ms
123ms Image
image/svg+xml 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/assets/background-image/author-placeholder.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6b554534f7428b64fbc3de1c22bc0402b9acf4d3d955d917495a558e96204c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.98.152, 172.69.130.153:26932,::ffff:10.241.0.6
x-mss-script-nonce: OGIxYTQ3ZGQtYTU2MC00ZTJkLTkzYTUtYzY0MGRlYmU2Nzhh
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"57f-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a8482b18ac94-YYZ
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 arrow-right.svg
www.secureworks.com/assets/background-image/ 243 B
376 B 125ms
125ms Image
image/svg+xml 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/assets/background-image/arrow-right.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-forwarded-for: 149.88.98.152, 172.69.130.168:30070,::ffff:10.241.0.4
x-mss-script-nonce: YTlhNjk0OTktMmEzNy00OGMwLWI1OGYtN2RkYTllNWI0YmRm
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"f3-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a8482b19ac94-YYZ
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 _Xms-HUzqDCFdgfMm4S9DaRvzig.woff2
fonts.gstatic.com/s/figtree/v5/ 20 KB
20 KB 130ms
43ms Font
font/woff2 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v5/_Xms-HUzqDCFdgfMm4S9DaRvzig.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

5392fcb13ceeae22545e0102586f503f8a5776bd631432814988c86bb64a3d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:42:18 GMT
x-content-type-options: nosniff
age: 416417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20004
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:42:18 GMT

GET
H2 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 11 KB
11 KB 157ms
70ms Font
font/woff2 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:36:47 GMT
x-content-type-options: nosniff
age: 413148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11212
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 02:36:47 GMT

GET
H2 200 _Xm9-HUzqDCFdgfMm4GnA4aZFrUvtOK3A-gd-EI84kb3fO7mSg.woff
fonts.gstatic.com/s/figtree/v5/ 14 KB
14 KB 146ms
60ms Font
font/woff 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v5/_Xm9-HUzqDCFdgfMm4GnA4aZFrUvtOK3A-gd-EI84kb3fO7mSg.woff

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

e5edab6cea865b4c88e4d85527ffa35b68b91e4bc2ac6d41db54933d4a88778d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:19:43 GMT
x-content-type-options: nosniff
age: 172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:55:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 21:19:43 GMT

GET
H2 200 abstracts_0057_green_geo_360x190.jpg
www.secureworks.com/-/media/images/insights/abstracts/0057-green-geo/ 20 KB
20 KB 1295ms
1294ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/abstracts/0057-green-geo/abstracts_0057_green_geo_360x190.jpg?h=190&iar=0&w=360&hash=F6DC578A18E3D735CE746986ABCB6BDA?io=transform:fit,width:1284,height:660
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6d77266bd2a4688fbe39ef25f8245cb87a7c4a5c3b33d9655a58e49d2183c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
cf-cache-status: MISS
last-modified: Fri, 09 Dec 2016 14:50:28 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
etag: f303f9bcd74a4e9e8b35d01c10111ae1
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="abstracts_0057_green_geo_360x190.jpg"
accept-ranges: bytes
cf-ray: 8924a8485b33ac94-YYZ
content-length: 20288
expires: Tue, 18 Jun 2024 21:22:36 GMT

GET
H2 200 State-of-the-Threat-Report-2023
dam.secureworks.com/transform/29bc0c81-b8f8-4214-be21-f3e43296f502/ 48 KB
48 KB 146ms
49ms Image
image/webp 99.84.108.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dam.secureworks.com/transform/29bc0c81-b8f8-4214-be21-f3e43296f502/State-of-the-Threat-Report-2023?io=transform:fit,width:1284,height:660

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-117.iad79.r.cloudfront.net

Software

nginx /

Resource Hash

bd141cb88c05d7eb814ae3b69683cfdf8dd7276c039f38961c12b8a22acc7e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:38:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
via: 1.1 795fca0399f361701665c0d9fab45324.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 161028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="State-of-the-Threat-Report-2023.webp"; filename*=UTF-8''State-of-the-Threat-Report-2023.webp
content-length: 48662
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/webp
access-control-allow-origin: *
x-api-correlation-id: 05c8f88e-7945-b2b4-0262-52fe1f4032e6
cache-control: public, max-age=900, s-maxage=15552000
permissions-policy: camera=(), geolocation=(), microphone=()
x-amz-cf-id: lfjzTrIOOkBi3XAmKOhwnwFm8S5EdVAu0-wgStD1-qxrEFOOLkf0wg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 92ms
29ms Script
application/x-javascript 104.105.36.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/assets/js/initMunchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.36.121 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-36-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 31ms
31ms Script
application/x-javascript 104.105.36.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.36.121 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-36-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 19 Sep 2024 21:22:35 GMT

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 159ms
40ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1718140955126&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1718140955125-58089&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:35 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 4d597e47-277e-40c1-ba5d-f3cd488283c9

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
109 KB 145ms
56ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

eb7c84aa3e6f874b312aa8a35ae9ea23080ba33bc9be87dc4046430cb8219708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111426
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:22:35 GMT

GET
H2 200 getForm Show response
pages.secureworks.com/index.php/form/ 24 KB
6 KB 160ms
160ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.secureworks.com/index.php/form/getForm?munchkinId=725-SMC-563&form=1784&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&callback=jQuery37109918882749914164_1718140954990&_=1718140954991
Requested by: Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8533a2e2e1f011b37c8da7b0adb403c7234028282ed68badd18a78e9615b7963

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8924a84b7fd6ac72-YYZ
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 favicon.ico
www.secureworks.com/images/ 30 KB
6 KB 123ms
123ms Other
image/x-icon 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7ee488720823f506e6fca1ba0da31c53e12db210bf875a74b716fe4df66d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.98.152, 172.70.80.38:44206,::ffff:10.241.0.4
x-mss-script-nonce: Yzg4YmMxZGQtMWQxOC00MjFkLWIzODEtNjE0MzAzN2NiZTU3
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"3aee-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a84bbe71ac94-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 404 blog.json Show response
www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/ 58 KB
14 KB 340ms
339ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/blog.json?path=blog
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f77182830a6f61b1c4f757df62051f9b3cd5573d6cc7d988c2bbe5b20c54e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a84bce82ac94-YYZ
x-test-worker: true

GET
H2 404 wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json Show response
www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/ 58 KB
14 KB 349ms
348ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json?path=resources&path=wp-xdr-vs-siem-a-cybersecurity-leaders-guide
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6653899c72872749b0c660a0a367968505c9988d125a555f8c3ccac4f8ca63f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a84bce85ac94-YYZ
x-test-worker: true

GET
H2 404 eb-modernize-you-security-operation-center-with-xdr.json Show response
www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/ 58 KB
14 KB 139ms
139ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/eb-modernize-you-security-operation-center-with-xdr.json?path=resources&path=eb-modernize-you-security-operation-center-with-xdr
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2361b752bc93a39d489917e3d024a206c874a136b4643f01e1f5a786b143849

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a84bce87ac94-YYZ
x-test-worker: true

GET
H2 404 eb-mdr-done-right.json Show response
www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/ 58 KB
14 KB 107ms
106ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/eb-mdr-done-right.json?path=resources&path=eb-mdr-done-right
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f77182830a6f61b1c4f757df62051f9b3cd5573d6cc7d988c2bbe5b20c54e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a84bce88ac94-YYZ
x-test-worker: true

GET
H2 200 forms2.css
pages.secureworks.com/js/forms2/css/ 13 KB
3 KB 33ms
31ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/css/forms2.css

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 7029
etag: "25808e5-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8924a84c88e8ac72-YYZ
content-length: 2623
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 forms2-theme-simple.css
pages.secureworks.com/js/forms2/css/ 826 B
326 B 51ms
51ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 7029
etag: "25808e2-33a-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8924a84c88ebac72-YYZ
content-length: 242
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 favicon-32x32.png
www.secureworks.com/images/ 4 KB
4 KB 212ms
212ms Other
image/png 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8174af0e580306698f3a965c8e0579daea1f8084c5c977ac96ee2d7539cab03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-forwarded-for: 149.88.98.152, 172.69.130.239:19216,::ffff:10.241.0.6
x-mss-script-nonce: Mzk0Y2Y0N2MtMzI3Ni00NGVkLWE2ZjEtMDU4ZGE2MjY5MGJj
content-length: 3672
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"899-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 8924a84c9f81ac94-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:22:35 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 69ms
29ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 22784
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:43:59 GMT
server: cloudflare
etag: 0x8DC89642588AF95
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eac4e9ff-e01e-004e-1c50-bb848c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84d3c01ab4c-YYZ
expires: Wed, 12 Jun 2024 15:02:51 GMT

GET
H2 200 XDFrame Show response
pages.secureworks.com/index.php/form/ Frame 9283 2 KB
865 B 53ms
53ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/index.php/form/XDFrame

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a02c64bcf27e009fb460880bb2d00a0bc64642b371551eb3bebdfd1bfa45571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8924a84d7a37ac72-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:22:35 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 82ms
44ms XHR
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec9ca5bebcf9a33d5741db506547c6903858435a1643b40116ccfbbd0726f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13471
content-md5: LWNNPH5IVvikXclDyy+T5w==
content-length: 1673
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jan 2024 23:14:42 GMT
server: cloudflare
etag: 0x8DC16E8EBF24C1E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6862fbb-501e-008b-7172-793dee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84dce1aaae6-YYZ
expires: Wed, 12 Jun 2024 21:22:35 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
0 0ms
0ms Script
application/x-javascript 104.105.36.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.36.121 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-36-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
5 KB 107ms
107ms Script
application/x-javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 16 Aug 2023 18:07:27 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
etag: 61ebd904f1a645838256dff9b09d4ffa
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=601752
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
accept-ranges: bytes
cf-ray: 8924a84d891bac94-YYZ

GET
H2 200 forms2.min.js Show response
pages.secureworks.com/js/forms2/js/ Frame 9283 199 KB
0 0ms
0ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/js/forms2.min.js

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pages.secureworks.com/index.php/form/XDFrame
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 5925
etag: "12a0c18-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8924a8483c48ac72-YYZ
expires: Wed, 12 Jun 2024 01:22:34 GMT

GET
H2 200 favicon-16x16.png
www.secureworks.com/images/ 3 KB
3 KB 308ms
308ms Other
image/png 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon-16x16.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76444a9885bbb64c7a19bc5db54d746ab2cc1b7fe80356d25512cf2d79efff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-forwarded-for: 149.88.98.152, 108.162.242.82:56780,::ffff:10.241.0.4
x-mss-script-nonce: YjFmZTBlMWUtNTIxNi00NTZiLWIxYjAtMTMyNWJiNjZhOWFk
content-length: 3137
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"6af-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 8924a84de999ac94-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:22:36 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 77ms
38ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8924a84e599eac27-YYZ
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 429 KB
104 KB 31ms
30ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g8NxcYp0IaoBIOhpMNVD1w==
age: 83149
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106568
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:22 GMT
server: cloudflare
etag: 0x8DC3E88CB118B87
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1933329b-701e-0025-1157-7990ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84e9d66ab4c-YYZ

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/ 71 KB
18 KB 37ms
37ms Fetch
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832a204488e45f8ad10625d6c0b597b5ddcad1a9d3b4223506857c61cfd25a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82815
content-md5: f/wptFRMXO4c4pPzzNpi8w==
content-length: 17712
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jan 2024 23:14:50 GMT
server: cloudflare
etag: 0x8DC16E8F0D19A28
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b32d72f7-601e-004b-7067-79c5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84f1f68aae6-YYZ
expires: Wed, 12 Jun 2024 21:22:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 348 KB
109 KB 56ms
55ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

821a9359e84a856533e8d6aa5ea4ca4df69a32c631f676be2eda48e65bf4909a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 201e7325-26d7-4b1a-af4b-38bdaf9162ab.js Show response
j.6sc.co/j/ 4 KB
2 KB 128ms
61ms Script
application/javascript 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-73.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0d6fba9519c07a6138279b6d6fa859766cd5b6b27e68166b53dad79201597832

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Rb1FgEqgzPFxSC9UriirXQXzDMD.brdi
content-encoding: gzip
date: Tue, 11 Jun 2024 21:22:36 GMT
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1443
pragma: no-cache
last-modified: Tue, 15 Aug 2023 17:39:29 GMT
server: AmazonS3
etag: "4839d94bc87dfbd1598e2bf2e75404b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: p50pmXXsvb6prjMrpFYB53Ei_KhswlTGzrgJRhOfJwIeuRTchy3nMA==
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 150ms
47ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 11 Jun 2024 21:22:35 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9931C66339CE4C89B9E0929F4EBA4F57 Ref B: YTO01EDGE0808 Ref C: 2024-06-11T21:22:36Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 230 KB
83 KB 76ms
76ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7542958e94135ffcf39a2673574dda0be3ab03eb3636ee76c697213ce0883d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84845
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 6279.js Show response
script.crazyegg.com/pages/scripts/0097/ 6 KB
2 KB 78ms
28ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a034ab1be1fd0be24846ca7de9cb845befb2d4707ad8012a4881553773982957

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3954
cf-polished: origSize=6229
ce-version: 11.5.219
cf-bgj: minify
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8924a84fdb65abc1-YYZ

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 54ms
16ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 63ms
63ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e5cb84c7e91a1fa83f35d9b98a7a3f19ae0def755a8c85fbabcaa7d7e598fcb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83284
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 92ms
47ms Script
text/javascript 172.64.151.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.60 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 45339
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8924a84fd9c6ac5a-YYZ
expires: Tue, 11 Jun 2024 21:42:36 GMT

GET
H2 200 2mnfp3myy8iz.js Show response
js.driftt.com/include/1718141100000/ 221 KB
62 KB 143ms
67ms Script
application/javascript 18.160.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-33.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 bd3f4df95f7c836cc4eb6a22d92ac2c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JgFtd3fDQOOiNDf3gEbtZYWnbbmkEs6imGeQcXiPuYgJpxzhMP80qg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 114ms
36ms Script
application/javascript 23.218.218.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.155 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:42 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25631
accept-ranges: bytes
content-length: 16683

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 125ms
31ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/81BC) /

Resource Hash

7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 10 Jun 2024 20:04:29 GMT
server: ECS (cha/81BC)
age: 432
etag: "ad123c6771bbda1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25407

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 111ms
35ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200135-IAD

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
6 KB 126ms
50ms Script
application/javascript 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: YBWH3MB4BQF8Q9KN
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=249
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: AmiL1mMPtHRD6mKz6VGFF1lXqvldXaq1oTjnmkIDbhcXZHv4etgZ2EBG9B+YCYxLyp2uvs8rRX1SqaK/2AHpkg==

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 10 KB
3 KB 38ms
37ms Fetch
application/json 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IWgfQ2bSJjhsuqoSVsKHow==
age: 27700
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2707
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:16 GMT
server: cloudflare
etag: 0x8DC3E88C7B72051
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c48d4d08-a01e-00a0-3f58-79bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84f9fdcaae6-YYZ

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/ 62 KB
13 KB 31ms
30ms Fetch
application/json 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s2sOOFx0mjDJK9iNqaz9cw==
age: 27700
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:18 GMT
server: cloudflare
etag: 0x8DC3E88C8A3F53C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: eacc8051-801e-0088-7567-79dc8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a84f9fddaae6-YYZ

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 21 KB
4 KB 36ms
35ms Fetch
text/css 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 27700
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 19aacabc-701e-0025-0c72-7990ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a84f9fdeaae6-YYZ

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=www.secureworks.com&pId=181334244840384264

4 B
281 B

207ms
132ms

Image
application/json

18.160.10.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.secureworks.com&pId=181334244840384264
Protocol: H2
Server: 18.160.10.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-26.iad12.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-type: application/json
alt-svc: h3=":443"; ma=86400
content-length: 4
apigw-requestid: ZOL0gheRIAMEP_Q=
x-amz-cf-id: tHIFiMNEcCClYjvIy6c2THSGJ3RS6NbkVwfRMyqzqnY45YwpiEwd0A==

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
an-x-request-uuid: cd73ba47-ec9a-4263-9904-4e71cb897435
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://attr.ml-api.io/?domain=www.secureworks.com&pId=181334244840384264
x-proxy-origin: 149.88.98.152; 149.88.98.152; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 31ms
30ms Image
image/svg+xml 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 12574
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 01:45:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 89215259-f01e-0096-34ae-bb235d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a84ffef3ab4c-YYZ

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 28ms
28ms Fetch
image/svg+xml 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 27699
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:44:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a41c0374-f01e-0051-5655-bb5f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a84ff836aae6-YYZ

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/ 22 KB
22 KB 31ms
29ms Image
image/png 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/SW_logo_black_print.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
age: 15864
content-length: 22030
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 15:05:07 GMT
server: cloudflare
etag: 0x8DBE459EC4B10B3
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: eac810b7-b01e-0093-3b72-79e289000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a8500f22ab4c-YYZ

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
28ms Image
image/svg+xml 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 22928
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:44:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5e9b8716-c01e-001d-5b69-bb9883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a8500f25ab4c-YYZ

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_f8xwyeln/ 3 B
124 B 55ms
19ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_f8xwyeln/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_f8xwyeln_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 61ms
26ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_f8xwyeln_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 56ms
18ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1718140956156&id=t2_f8xwyeln&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=55643176-c2ca-4400-8d89-0a0102a09f93&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/site/ 19 KB
4 KB 69ms
32ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/site/www.secureworks.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fc03a12b273741a1add13e5e7e3ebd52b9b1f85e0c9e1798dcc6ad385f1586

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3954
ce-version: 11.5.219
content-length: 3808
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8924a8505cbbab9a-YYZ

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/ 4 KB
1 KB 155ms
58ms Script
text/javascript 173.194.204.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/?random=1718140956178&cv=11&fst=1718140956178&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f154.1e100.net

Software

cafe /

Resource Hash

a5cd626bbffd3917ab5f3b0d0a209a9d677a017855c4e4165bb234dcf70c65fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
451 B 55ms
53ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1718140956186&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17588164
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPryncaau0pROxHvo7JL9HvdXDxLnht3ydMrnmvpG7SrHJIRDMxJCnonzIfzXOXdPmMXH4E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Tue, 11 Jun 2024 22:22:36 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 89ms
49ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1718140956186&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 21:22:36 GMT
expires: Tue, 11 Jun 2024 21:22:36 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPqP1gO5u8Xk31jBm8oRJXEDrn99Ku4CCwECVZ9csEiXXWFaX-2TKRV2OUTLDu_YovGWntw

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 144ms
41ms Ping
text/plain 209.85.232.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je46a0v879063519z871332070za200zb71332070&_p=1718140955412&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1805603548.1718140956&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718140956&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&dt=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2186
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.85.232.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qt-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 144ms
40ms Ping
text/plain 209.85.201.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-15MK64YNN6&cid=1805603548.1718140956&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.85.201.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qu-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.ca/ads/ 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 4 KB
1 KB 80ms
59ms Script
text/javascript 173.194.204.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1718140956256&cv=11&fst=1718140956256&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f154.1e100.net

Software

cafe /

Resource Hash

a2a51c8b8a579c1634f39112ecca6f1831dd5f1aaca7c4a9e0f4039a5a86fbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1484
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 4 KB
1 KB 76ms
57ms Script
text/javascript 173.194.204.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1718140956261&cv=11&fst=1718140956261&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f154.1e100.net

Software

cafe /

Resource Hash

34b29f07f20622b5e37eff7e5b87a381a432999971e073289cee4ac82832870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1481
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8eeb2924bd41887f98d9cf5f91c9c9ed.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 148 KB
49 KB 38ms
37ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 May 2024 14:46:51 GMT
server: cloudflare
age: 100698
cf-polished: origSize=151950
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a850dc48abc1-YYZ

GET
H2 200 adsct
t.co/i/ 43 B
375 B 251ms
157ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=65105daa-e954-477b-83ca-785e5f7f329c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e2c69163-c06d-4ee9-a3cd-b9e0827d36fd&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Tue, 11 Jun 2024 21:22:35 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: f8fe2fab8d64c59a
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 3c58b543166ddd91f535321be04d4cb022cac404d089919a41c1ed0d6e59e49a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 193ms
67ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=65105daa-e954-477b-83ca-785e5f7f329c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e2c69163-c06d-4ee9-a3cd-b9e0827d36fd&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Tue, 11 Jun 2024 21:22:35 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8dc3adce049d0916
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 0ef77ceb64d1454050c782c76d954eacd5b6eaf4a6607e330274db137e48fcc5
content-length: 43

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 34ms
34ms Script
application/javascript 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2024 06:01:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "663c66b5-106b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18038
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 111ms
35ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 09:59:22 GMT
Content-Encoding: gzip
Via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 40995
ETag: W/"a7eb6794e868fe870db350518165c868"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: lgcHnByit_IZlDrKCzriikYgDo-rch0m7J-eJzzBYPmY-e7sMOq7EQ==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
760 B 186ms
111ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B1605E4EBB0444A4984C11040948DAD7 Ref B: YTO01EDGE0716 Ref C: 2024-06-11T21:22:36Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYao91hoO6gSjj+eKeiZA==
x-fs-uuid: 00061aa3dd61a0eea04a38fe78a7a264

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1718140956290%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSy...

0
162 B

87ms
81ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CD70077985F74964B4D7FF28FA633743 Ref B: YTO01EDGE0719 Ref C: 2024-06-11T21:22:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYao91lW8Q30VtGhSEqyw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 21:22:35 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYao91j8K/K5pYMbHjJ8g==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 70A45F26A5384CB39B514D7D6F1C72AE Ref B: YTO01EDGE0719 Ref C: 2024-06-11T21:22:36Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140956290&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
305 B 33ms
32ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=f7fe0f8771dc4a77d9c190973dcbeaad&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140956294&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&_biz_n=0&rnd=611831&cdn_o=a&_biz_z=1718140956295

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/80E6) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/80E6)
age: 346032
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
181 B 34ms
30ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=f7fe0f8771dc4a77d9c190973dcbeaad&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140956302&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&rnd=540577&cdn_o=a&_biz_z=1718140956302

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 346032
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 204 56073499.js Show response
bat.bing.com/p/action/ 0
118 B 54ms
53ms Script
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56073499.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 11 Jun 2024 21:22:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDB877BE03854E69A32BE67F9AAAEE87 Ref B: YTO01EDGE0808 Ref C: 2024-06-11T21:22:36Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 61ms
59ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56073499&Ver=2&mid=9f6e541b-39d6-40a2-a71f-1c565ce248b9&sid=b9412000283811efa18765d7eb2316b9&vid=b9412700283811efa756952c399449e3&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&p=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&r=&lt=1284&evt=pageLoad&sv=1&rn=443866

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 21:22:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84A9C2FC81B14E56B39066CA7658474E Ref B: YTO01EDGE0808 Ref C: 2024-06-11T21:22:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 138 B
582 B 108ms
40ms Fetch
application/json 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&buyer_pixel_id=7246
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fd7058c7d4b96080b7a1cee0f7bf63a8900edeb1a45bd55e223673915565d0db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 21:22:36 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.secureworks.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 138
Expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 core
js.driftt.com/ Frame 678E 0
0 136ms
66ms Document
text/html 18.160.18.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=0329d581-9f3f-49be-8f6a-15e62e9960ba&sessionStarted=1718140956.323&campaignRefreshToken=f393f8e1-175c-456c-950a-0c785eb92f53&hideController=false&pageLoadStartTime=1718140954886&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-4.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:22:36 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 51164155275c508076425faa0467bff0.cloudfront.net (CloudFront)
x-amz-cf-id: jjMZUxBeXfCQhsh8jzo_9q6llQfnAXuezGDnQrpdAjIEgkbZhfowFw==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 chat
js.driftt.com/core/ Frame E6C8 0
0 116ms
48ms Document
text/html 18.160.18.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718140954886

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-4.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:22:36 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 51164155275c508076425faa0467bff0.cloudfront.net (CloudFront)
x-amz-cf-id: 9-dykw7_JFS9eBKg8O3wO1wdgMXtxoHy69RaWCBzaa7Gxe-rpZOHTQ==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
294 B 39ms
38ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=f7fe0f8771dc4a77d9c190973dcbeaad&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.10

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/8123) /

Resource Hash

6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (cha/8123)
etag: EFEDFBC3
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 186

GET
H2 200 getuidj Show response
secure.adnxs.com/ 28 B
1 KB 34ms
32ms XHR
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

89492e75b5c96c9013b608ee2db5bd1f29c6598b0d95fa00c682f4bb852acde6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
an-x-request-uuid: 1dbdfa94-75e4-441a-86ec-70a835f3380c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.secureworks.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.98.152; 149.88.98.152; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 28
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 35ms
34ms XHR
text/html 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.secureworks.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
285 B 106ms
38ms XHR
text/html 23.212.249.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.132 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.secureworks.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718140956408_400320900_1028126518_19_1114_15_40_219";dur=1
content-length: 4
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
BLOB 200
OK 3de9cf14-beda-47c9-b5b2-456c6e4c7e35
https://www.secureworks.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.secureworks.com/3de9cf14-beda-47c9-b5b2-456c6e4c7e35
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
64 B 137ms
49ms Image
image/gif 172.217.222.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1718140956261&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLPFHcOYb4o7HF3RX5OuGsWjocwm2UGA&random=198804519&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/648366107/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10934024932/ 42 B
64 B 143ms
57ms Image
image/gif 172.217.222.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10934024932/?random=1718140956178&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLe2HY8S914MIzyqKJJsiMbyczW5th5A&random=283904301&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/10934024932/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
64 B 121ms
56ms Image
image/gif 172.217.222.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1718140956256&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLBLzlQF29DLk6f_6mMNOOVRcq3rSlww&random=1176091545&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/648366107/ 0
0

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/sampling/ Frame 2212 162 B
219 B 29ms
29ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=477261
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd6234a63720e6c3acd6cb0d07a5136f425d3f09c148da4dcc485972f84214e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3953
ce-version: 11.5.219
content-length: 151
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8924a8517dfaab9a-YYZ

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 41ms
40ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 85ms
84ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22db8067e51eb58581f03147464f6063b2%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22359714f191fbccf873d6d488c1ebaeeb533e4955%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22201e7325-26d7-4b1a-af4b-38bdaf9162ab%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:36 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 18 KB
18 KB 68ms
27ms Script
text/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:53:25 GMT
age: 1751
x-guploader-uploadid: ABPtcPpDVjG-B3fEKijGQ0OjHyADWXCJBW0foYYa7CdvbnsCamUI8FiJXPkGIGvUl1YmhAV0PVc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17985
last-modified: Tue, 14 May 2024 14:35:47 GMT
server: UploadServer
etag: "d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation: 1715697347359123
x-goog-hash: crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17985
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 11 Jun 2024 21:53:25 GMT

GET
H2 200 aa3cc511947365a3.min.js Show response
tag.demandbase.com/ 80 KB
22 KB 144ms
43ms Script
application/javascript 18.160.10.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/aa3cc511947365a3.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-40.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6968ffe4a37dbfa8e244672f97ddc3329815477ad3592085cfd19f2269577a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x_ulfhEOs2j4YjYZ80rZzL3D5hu0s9fy
content-encoding: gzip
via: 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 21:22:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Jun 2024 18:58:22 GMT
server: AmazonS3
etag: W/"c00d7b3946d4805bff2f31bad930a16f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: S6scCMjBqipqaCcdfGdx3uWMXU6uLqkPZyz-5mAQuAx-zOYQVyQnyg==

GET
H/1.1 200
OK rtp.js Show response
abrtp2-cdn.marketo.com/rtp-api/v1/ 152 KB
153 KB 231ms
120ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

3017d3476da7a48172b149b8f125d58e175ed4032a22babd0ed215666a99f0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 01:39:39 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Sat, 08 Jun 2024 01:39:39 GMT
Server: Jetty(9.4.45.v20220203)
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=300
Connection: close

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 2212 19 B
462 B 141ms
35ms XHR
application/json 3.162.103.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-73.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 08:09:23 GMT
via: 1.1 e4938fc434947f57a79af6b9b403df6e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P1
age: 565994
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 5vsVEpY7vaXsZjGEW_u68NOSag_d8kha2OOkcVkbR2M6p27STu36QA==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 2212 19 B
461 B 111ms
34ms XHR
application/json 18.67.65.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-42.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:40:22 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 394935
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: K9isgd6ksslf-G2MANBptOwRKHnxCgvjo8DZ_bq7kVwOEAqirBOBVg==

GET
H2 200 u
cdn.bizible.com/ 43 B
86 B 43ms
42ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140955125-58089&_biz_u=f7fe0f8771dc4a77d9c190973dcbeaad&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140956302&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&_biz_n=1&rnd=501735&cdn_o=a&_biz_z=1718140956427

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:36 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 346032
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
BLOB 200
OK 9dfa8630-8456-4a05-b678-ffa061fbaf80
https://www.secureworks.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.secureworks.com/9dfa8630-8456-4a05-b678-ffa061fbaf80
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 9A72
Redirect Chain

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0

0
0

41ms
39ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 11 Jun 2024 21:22:36 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 387
date: Tue, 11 Jun 2024 21:22:36 GMT
location: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
server: Kestrel

GET
H2 200 track
t.teads.tv/ 23 B
0 171ms
76ms Fetch
image/gif 23.62.169.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=91142239-e129-4c41-9a16-fcaccbfbc417
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.169.133 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-169-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.secureworks.com
date: Tue, 11 Jun 2024 21:22:36 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 182ms
132ms Image
image/gif 23.62.169.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=91142239-e129-4c41-9a16-fcaccbfbc417
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.169.133 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-169-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 11 Jun 2024 21:22:36 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 377ms
61ms Image
text/plain 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=91142239-e129-4c41-9a16-fcaccbfbc417
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1718140956","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Tue, 11 Jun 2024 21:22:36 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 11 Jun 2024 21:22:36 GMT

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
122 B 94ms
92ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:37 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0f834f3cf3bd418312acbf9b4fa3dde0
cache-control: private
function-execution-id: vskroi3xp9hs
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 1144ms
51ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:22:37 GMT
function-execution-id: hun1i5r72z7m
server: Google Frontend
x-cloud-trace-context: 65af44007b3fde4d94294ebd42571ce2

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 755 B
716 B 1120ms
48ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 3cbadfa4978733bd5be49491780ee3fdcf1255dcfd09ebbaec113c1ddd256c5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 359714f191fbccf873d6d488c1ebaeeb533e4955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
X-6s-CustomID: WebTag 201e7325-26d7-4b1a-af4b-38bdaf9162ab
Referer
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 945224200231304852
date: Tue, 11 Jun 2024 21:22:38 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: us-east-1a
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 396

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 1141ms
42ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Tue, 11 Jun 2024 21:22:37 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-east-1a
x-trace-id: 5356470563332557291

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 2212 39 B
146 B 182ms
83ms XHR
text/plain 3.132.177.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1718140956567&tk=30a8be1af0ff6647f2a6a004fc2fb241&s=361865&p=%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&u=976279&v=9c8e24176e9a584fbae16571a4a1fc771414df31&f=secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&ul=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.177.74 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-177-74.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f7232500e53ef989b17664d67429b02226a28247a0c840ce3bb9bde9b98e3e12

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 11 Jun 2024 21:22:36 GMT
cache-control: no-store
server: awselb/2.0
content-length: 39
content-type: text/plain

GET
H2 200 sync
s.company-target.com/s/ Frame 4CEE 0
0 81ms
40ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/aa3cc511947365a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 21:22:36 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJ2Ao7MGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12971MzLR200gXs690opUF6whOmKuoB4D_BhATo05KsUERE

26 B
348 B

116ms
36ms

Image
image/gif

99.84.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12971MzLR200gXs690opUF6whOmKuoB4D_BhATo05KsUERE
Protocol: HTTP/1.1
Server: 99.84.191.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-65.iad89.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Via: 1.1 c242c974a465288488c7876cabca7752.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: 9hs4d8K02JzSUQLd4uGHpSsGEMDscki6GuXxxPiR_OD7Q6TD4UP7gA==

Redirect headers

date: Tue, 11 Jun 2024 21:22:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12971MzLR200gXs690opUF6whOmKuoB4D_BhATo05KsUERE
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
514 B 1165ms
64ms XHR
text/plain 13.249.39.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&page_title=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.39.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-39-126.iad89.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 21:22:37 GMT
via: 1.1 55b6418a8a2f714a67d8e4d292154ef2.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-C1
x-cache: Error from cloudfront
request-id: fe9df66d-658f-4113-9104-0e78459a1b20
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: _dRIKo-2V_zoEc0U6Skw2mdsidowMmOodXyWCMWwk2QzwuNbM3OYvQ==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 83ms
83ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 122A20CB03F24C2D88BF4CA598F5F8F9 Ref B: YTO01EDGE0719 Ref C: 2024-06-11T21:22:36Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.secureworks.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYao91mx+Jx4cCvxxo2hg==

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 27ms
27ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:06 GMT
server: cloudflare
age: 100699
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a8540f32abc1-YYZ

GET
BLOB 200
OK f1ece216-c75c-4871-a8e5-bcbb0055713e
https://www.secureworks.com/ 256 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.secureworks.com/f1ece216-c75c-4871-a8e5-bcbb0055713e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 256
Content-Type: text/javascript

GET
H2 200 556f7559f794c4b7f3fa7753ad882b97.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 32ms
32ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/556f7559f794c4b7f3fa7753ad882b97.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:22:36 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:04 GMT
server: cloudflare
age: 100698
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a8543f64abc1-YYZ

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/3.7.0/ 85 KB
30 KB 154ms
51ms Script
application/x-javascript 104.105.40.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/3.7.0/jquery.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.40.89 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-40-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jun 2023 14:58:35 GMT
Server: AkamaiNetStorage
ETag: "e6c2415c0ace414e5153670314ce99a9:1685718127.441272"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 30386

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 23 KB
4 KB 101ms
33ms Stylesheet
text/css 104.105.40.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.40.89 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-40-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 05:08:51 GMT
Server: AkamaiNetStorage
ETag: "c89c0f4cc3c0f0f2bd846508a3cd504c:1715749730.923559"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3762

GET
H/1.1 200
OK trw Show response
abrtp2.marketo.com/gw1/ 0
435 B 188ms
35ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/trw?aid=dellsecureworks&trwv.uid=dellsecureworks-1718140956840-a06b66f7&trwv.vc=1&trwsa.sid=dellsecureworks-1718140956841-a348cf51&trwsb.cpv=1&ctzo=-07:00&uri=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140955125-58089&pm=&viewedTypes=&rts=1718140956844

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.5.js Show response
rtp-static.marketo.com/rtp/libs/ 18 KB
6 KB 191ms
33ms Script
application/x-javascript 104.105.40.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.40.89 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-40-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 08:00:53 GMT
Server: AkamaiNetStorage
ETag: "18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5654

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
426 B 300ms
35ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/msg?a=2&sid=dellsecureworks-1718140956841-a348cf51&aid=dellsecureworks&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140955125-58089&viewedTypes=&0.8349071058104138&rts=1718140956895

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/ 522 KB
126 KB 70ms
47ms Script
application/x-javascript 104.105.40.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/jquery-custom-ui.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.40.89 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-40-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2023 11:54:52 GMT
Server: AkamaiNetStorage
ETag: "85c4e68263c6de164e4bad3fb60222a5:1685620750.615377"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
426 B 1104ms
35ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:38 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK visitor Show response
abrtp2.marketo.com/gw1/rtp/api/v1_1/ 360 B
1 KB 139ms
36ms XHR
application/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/rtp/api/v1_1/visitor?sid=dellsecureworks-1718140956841-a348cf51&aid=dellsecureworks&1718140957151

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

5c7fa0738cb156379e2bde84a4fbe1c5329b554fe6fc9291d5f1deb752ffa1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: No-cache
Date: Tue, 11 Jun 2024 21:22:37 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Tue Jun 11 16:22:37 CDT 2024
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.secureworks.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp2.marketo.com/gw1/ga/ 48 B
501 B 352ms
35ms XHR
text/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/ga/sgm?sid=dellsecureworks-1718140956841-a348cf51&1718140957152

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:22:37 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 35ms
35ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A36%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:37 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 41ms
41ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A37%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:38 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 45ms
44ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A38%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:39 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 37ms
36ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A39%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:40 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 35ms
35ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A40%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:41 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 36ms
35ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A41%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:22:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:22:42 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.ca
URL: https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1805603548.1718140956&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=2024174746

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140956261&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLPFHcOYb4o7HF3RX5OuGsWjocwm2UGA&random=198804519&rmt_tld=1&ipr=y

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/10934024932/?random=1718140956178&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLe2HY8S914MIzyqKJJsiMbyczW5th5A&random=283904301&rmt_tld=1&ipr=y

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140956256&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLBLzlQF29DLk6f_6mMNOOVRcq3rSlww&random=1176091545&rmt_tld=1&ipr=y

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=3b2c34ba-b54b-4580-8dff-37b4104ba5b0&session=7c61db35-f304-4dbf-892c-23242e34a41e&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A22%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=4b1fdee5-99b7-4d0e-8155-e4d3088ea916&an_uid=181334244840384264&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: sxa_site Value: swxp-rendering
.pages.secureworks.com/	1970-01-20 21:15:42	Name: __cf_bm Value: N_Z9Zp.O3I.sFrUArb8uWIlX7rwsQ_HEoQj8fL8FHgk-1718140954-1.0.1.1-SXAAc33DxaL8WkeACnG1ncLEOVbKNFZMsaQiQiGUJNgbZeyVHxvQx.zk.3bDwdWnPhSEOyYo6vP7XZSo3.tK2g
.secureworks.com/	1970-01-21 06:51:40	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1718140955125-58089
pages.secureworks.com/	1969-12-31 23:59:59	Name: BIGipServerab44web-nginx-app_https Value: !a2m+x9ei1di/vBvagI9xdiUvaZp4gq9NpOKqWnncat7AnSREdebeG0kmNxIVTjS8AxOtgb4bH2D6vAg=
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: ef1bbc47747c6d9eb5d2dc61e1b5cd03
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: ef1bbc47747c6d9eb5d2dc61e1b5cd03
.secureworks.com/	1970-01-20 23:25:16	Name: _gcl_au Value: 1.1.1153808932.1718140956
.secureworks.com/	1970-01-21 06:01:16	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jun+11+2024+14%3A22%3A36+GMT-0700+(Pacific+Daylight+Saving+Time)&version=202401.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=0ef46ab5-f83d-4ebc-8661-6a1714477ef5&interactionCount=0&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&groups=C0002%3A1%2CC0004%3A1%2CC0003%3A1%2CC0001%3A1
.secureworks.com/	1970-01-20 23:25:16	Name: _rdt_uuid Value: 1718140956155.55643176-c2ca-4400-8d89-0a0102a09f93
.techtarget.com/	1970-01-20 21:15:42	Name: __cf_bm Value: ev_FVHJgvcTW10RY93cXRfzDGmy0DenfhWFLCswn86U-1718140956-1.0.1.1-YbiNLrkvlw8XflpgESwu2ANgdI7Evx6TPV1HOlNUg029oj44iDkzyyM5z7nu4QbMM6SPjdvOBVkbX3h4vFXPRA
.secureworks.com/	1970-01-21 06:51:40	Name: _ga Value: GA1.1.1805603548.1718140956
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_uid Value: f7fe0f8771dc4a77d9c190973dcbeaad
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_nA Value: 2
.secureworks.com/	1970-01-20 21:17:07	Name: _uetsid Value: b9412000283811efa18765d7eb2316b9
.secureworks.com/	1970-01-21 06:37:16	Name: _uetvid Value: b9412700283811efa756952c399449e3
www.secureworks.com/	1970-01-20 21:15:42	Name: drift_campaign_refresh Value: f393f8e1-175c-456c-950a-0c785eb92f53
.bizible.com/	1970-01-21 06:01:16	Name: _BUID Value: f7fe0f8771dc4a77d9c190973dcbeaad
.adnxs.com/	1970-01-20 23:25:16	Name: XANDR_PANID Value: EWC8zR1PwSz7GE-yxKh5KOCZv6zDiLtW9qURuXseum2jR1pawA8qq1z26eB0aCrLuRe_phJwoGmWYSrxBMvOmX6WMgeUm7eSeznqmxfVLGI.
.adnxs.com/	1970-01-21 06:51:40	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:25:16	Name: uuid2 Value: 181334244840384264
.bing.com/	1970-01-21 06:37:16	Name: MUID Value: 1A7B48F0211062B80E115C6B203A63C9
.bat.bing.com/	1970-01-20 21:25:45	Name: MR Value: 0
.bizibly.com/	1970-01-21 06:01:16	Name: _BUID Value: 16772b14c83bfdfe0b85e7329034370e
www.secureworks.com/	1970-01-20 21:25:45	Name: _an_uid Value: 181334244840384264
www.secureworks.com/	1970-01-21 06:51:40	Name: _gd_visitor Value: 3b2c34ba-b54b-4580-8dff-37b4104ba5b0
www.secureworks.com/	1970-01-20 21:15:55	Name: _gd_session Value: 7c61db35-f304-4dbf-892c-23242e34a41e
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.secureworks.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.secureworks.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.secureworks.com/	1970-01-20 21:15:42	Name: tfpsi Value: 91142239-e129-4c41-9a16-fcaccbfbc417
.linkedin.com/	1970-01-20 23:25:16	Name: li_sugr Value: 5021a650-7d0c-4820-be73-100b803aa956
.linkedin.com/	1970-01-21 06:01:16	Name: bcookie Value: "v=2&6ba30a76-5b56-422a-83cd-1ccca374fc8e"
.linkedin.com/	1970-01-20 21:17:07	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2808:u=1:x=1:i=1718140956:t=1718227356:v=2:sig=AQHkZHp848nZ3sMNU_D1ZByNPpOglPUT"
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_pendingA Value: %5B%5D
.twitter.com/	1970-01-21 06:51:40	Name: personalization_id Value: "v1_ilU3MQfCzhe5LYdoS1LxWg=="
www.secureworks.com/	1970-01-21 06:01:16	Name: __pdst Value: f64ed879590c47918e6de7b3efcd7f65
.linkedin.com/	1970-01-20 21:58:52	Name: UserMatchHistory Value: AQKbzVFL4icthgAAAZAJLm9NY8-IVGBb0W2x4Ogk90V0I3k6a0jB_S5DyB3dzKdqrBH8b5keTV6PwQ
.linkedin.com/	1970-01-20 21:58:52	Name: AnalyticsSyncHistory Value: AQK9H-pJBYiTjgAAAZAJLm9Nt8TAZgr20LnB-MAB1JlHGxrVNYrnjtNm--Htg8HiZzaKz-xG9jZwL-QHwnGd0Q
.t.co/	1970-01-21 06:51:40	Name: muc_ads Value: 4bc9fdd4-2817-45c8-91ff-3ec5cb29ad43
.adsrvr.org/	1970-01-21 06:01:16	Name: TDID Value: aef1fcca-cb29-4360-9bf4-5205b87ba220
.secureworks.com/	1970-01-20 21:17:07	Name: _ce.clock_event Value: 1
.www.linkedin.com/	1970-01-21 06:01:16	Name: bscookie Value: "v=1&20240611212236fe47c18c-0dd1-4034-85c7-9e3f609871e6AQEeXASt4lUKT_bcw43k7UzLgWay-OXJ"
.company-target.com/	1970-01-21 06:51:40	Name: tuuid Value: 3cd70c24-2d02-460b-87f5-29457c1b6feb
.company-target.com/	1970-01-21 06:51:40	Name: tuuid_lu Value: 1718140956\|ix:0\|mctv:0\|rp:0
.secureworks.com/	1970-01-20 21:17:07	Name: _ce.clock_data Value: 13%2C149.88.98.152%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CCA
.secureworks.com/	1970-01-21 06:01:16	Name: _CEFT Value: Q%3D%3D%3D
.casalemedia.com/	1970-01-21 06:01:16	Name: CMID Value: ZmjAHNHM6uoAAGtlAC.pIAAA
.casalemedia.com/	1970-01-20 23:25:16	Name: CMPS Value: 3872
.casalemedia.com/	1970-01-20 23:25:16	Name: CMPRO Value: 3872
.secureworks.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.secureworks.com/	1970-01-21 06:01:16	Name: _ce.s Value: v~9c8e24176e9a584fbae16571a4a1fc771414df31~lcw~1718140956776~lva~1718140956418~vpv~0~v11.cs~361865~v11.s~b987f770-2838-11ef-9709-cf71071da32f~lcw~1718140956777
.tremorhub.com/	1970-01-21 06:01:37	Name: tvid Value: 0294425ca90e4bdcb53ed5fdbbc20380
.tremorhub.com/	1970-01-21 06:51:40	Name: tv_UIDM Value: 3cd70c24-2d02-460b-87f5-29457c1b6feb
.secureworks.com/	1970-01-21 06:51:40	Name: trwv.uid Value: dellsecureworks-1718140956840-a06b66f7%3A1
.secureworks.com/	1970-01-20 21:15:42	Name: trwsa.sid Value: dellsecureworks-1718140956841-a348cf51%3A1
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.rubiconproject.com/	1970-01-21 06:01:16	Name: khaos Value: LXAWRJ4M-I-CGCY
.rubiconproject.com/	1970-01-20 23:25:16	Name: receive-cookie-deprecation Value: 1
.rlcdn.com/	1970-01-21 06:01:16	Name: rlas3 Value: QMYgJQIBLXOBECZFDVjhDENymW6jwK0WzX6lIW7Mi1E=
.rlcdn.com/	1970-01-20 22:42:04	Name: pxrc Value: CJ2Ao7MGEgUI6AcQABIGCMrdKhAA
www.secureworks.com/	1970-01-21 06:51:40	Name: drift_aid Value: 22f69eff-5bb1-4155-a532-4c9083d7dc7c
www.secureworks.com/	1970-01-21 06:51:40	Name: driftt_aid Value: 22f69eff-5bb1-4155-a532-4c9083d7dc7c
.secureworks.com/	1970-01-21 06:51:40	Name: _ga_15MK64YNN6 Value: GS1.1.1718140956.1.0.1718140958.58.0.0
.rubiconproject.com/	1970-01-21 06:01:16	Name: audit Value: 1\|/ULsz1UBfLfBGbdLzJttEDgTQfX+mgYqkKAyTjHcU489lT6qX1KYWvFvsPDUE7M/Rz0efG7sgtWM1KxoLazIt5mwZQnb46mpqiRCG/u0pi+wCqWg/o4WoEft9v5HV20WhEf0vO7RVo8kc4NG2IlkVtB8rGYzCtE7cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.doubleclick.net/	1970-01-21 06:51:40	Name: IDE Value: AHWqTUn9IShQZ-rvqS5lavBguxDIn3WqQXQ8UkbpRdv8Q-1uT3VHx7tZV27GUTt8vyM
.adsrvr.org/	1970-01-21 06:01:16	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPyBzt7UmYU9EAUSFwoIYXBwbmV4dXMSCwi0os7e1JmFPRAFEhUKBmdvb2dsZRILCOT-xP7UmYU9EAUYBSACKAMyCwjS4dCL65mFPRAFQg8iDQgBEgkKBXRpZXIzEAFaBzZnMXk5aHlgAQ..

100 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/eb-mdr-done-right.json?path=resources&path=eb-mdr-done-right Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/eb-modernize-you-security-operation-center-with-xdr.json?path=resources&path=eb-modernize-you-security-operation-center-with-xdr Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/blog.json?path=blog Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/vQCGRQCG3NIM0tiRfE5Bf/en/resources/wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json?path=resources&path=wp-xdr-vs-siem-a-cybersecurity-leaders-guide Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1805603548.1718140956&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=2024174746' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140956261&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLPFHcOYb4o7HF3RX5OuGsWjocwm2UGA&random=198804519&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/10934024932/?random=1718140956178&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLe2HY8S914MIzyqKJJsiMbyczW5th5A&random=283904301&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140956256&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1153808932.1718140956&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLBLzlQF29DLk6f_6mMNOOVRcq3rSlww&random=1176091545&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&page_title=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MjE0MGE5ZGMtNmQzNC00YzZjLThhZWEtMzg4MzgzMzRlMTNi' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com .secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
abrtp2-cdn.marketo.com
abrtp2.marketo.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
assets-tracking.crazyegg.com
attr.ml-api.io
b.6sc.co
bat.bing.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.pdst.fm
cm.teads.tv
dam.secureworks.com
epsilon.6sense.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
match.adsrvr.org
munchkin.marketo.net
p.teads.tv
pages.secureworks.com
pagestates-tracking.crazyegg.com
pixel-config.reddit.com
px.ads.linkedin.com
rtp-static.marketo.com
s.company-target.com
s.ml-attr.com
script.crazyegg.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.teads.tv
tag.demandbase.com
tracking.crazyegg.com
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.secureworks.com
b.6sc.co
www.google.ca
104.105.36.121
104.105.40.89
104.17.71.206
104.18.32.137
104.19.147.8
104.19.177.52
104.244.42.131
13.107.42.14
13.249.39.126
146.75.36.157
151.101.1.140
151.101.129.140
152.199.2.76
162.159.140.25
172.217.222.105
172.217.222.94
172.64.151.60
173.194.204.154
18.160.10.26
18.160.10.40
18.160.18.33
18.160.18.4
18.67.60.119
18.67.65.42
192.28.144.124
192.28.155.3
204.79.197.237
209.85.144.97
209.85.201.156
209.85.232.138
216.239.36.54
23.205.106.73
23.212.249.132
23.218.218.155
23.50.125.47
23.62.169.133
3.132.177.74
3.162.103.73
34.111.208.231
34.96.71.22
35.244.142.80
35.244.154.8
52.223.40.198
68.67.153.60
68.67.160.76
72.21.81.130
76.223.9.105
99.84.108.117
99.84.191.65
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0d6fba9519c07a6138279b6d6fa859766cd5b6b27e68166b53dad79201597832
0e7ee488720823f506e6fca1ba0da31c53e12db210bf875a74b716fe4df66d64
0ec9ca5bebcf9a33d5741db506547c6903858435a1643b40116ccfbbd0726f63
143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
19265c09939675d4a3511ba7fbc7f2a3d59ca6a1ff253645e221270868ae73d8
1a6d77266bd2a4688fbe39ef25f8245cb87a7c4a5c3b33d9655a58e49d2183c8
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
2b76291b70139d9c203708f0afdbab2d98c39a24e6152e9cb99837e714df8845
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3017d3476da7a48172b149b8f125d58e175ed4032a22babd0ed215666a99f0bc
3093e33793c47765367d205c29aae6b87fa7f33b66c285fa1f155ef864faf5dd
311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f
34b29f07f20622b5e37eff7e5b87a381a432999971e073289cee4ac82832870e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cbadfa4978733bd5be49491780ee3fdcf1255dcfd09ebbaec113c1ddd256c5c
3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41
3e6b554534f7428b64fbc3de1c22bc0402b9acf4d3d955d917495a558e96204c
41f511c11798733b533de36c1a0ee8c04033a68f7eb2f11730f5bd528391ed4b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d57401850d7f4db0efa67f17e4ccb839ba545f3c377c078a03e9c12b943318
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4a02c64bcf27e009fb460880bb2d00a0bc64642b371551eb3bebdfd1bfa45571
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f4e5c3ed95b7f90a4c8c465a34c82dd9068e6887e8e2e4aa67c024bb73c9e56
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632
5392fcb13ceeae22545e0102586f503f8a5776bd631432814988c86bb64a3d72
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3
5c7fa0738cb156379e2bde84a4fbe1c5329b554fe6fc9291d5f1deb752ffa1d7
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379
7542958e94135ffcf39a2673574dda0be3ab03eb3636ee76c697213ce0883d51
76444a9885bbb64c7a19bc5db54d746ab2cc1b7fe80356d25512cf2d79efff76
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730
821a9359e84a856533e8d6aa5ea4ca4df69a32c631f676be2eda48e65bf4909a
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832a204488e45f8ad10625d6c0b597b5ddcad1a9d3b4223506857c61cfd25a86
8533a2e2e1f011b37c8da7b0adb403c7234028282ed68badd18a78e9615b7963
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
89492e75b5c96c9013b608ee2db5bd1f29c6598b0d95fa00c682f4bb852acde6
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
a034ab1be1fd0be24846ca7de9cb845befb2d4707ad8012a4881553773982957
a2a51c8b8a579c1634f39112ecca6f1831dd5f1aaca7c4a9e0f4039a5a86fbd6
a5cd626bbffd3917ab5f3b0d0a209a9d677a017855c4e4165bb234dcf70c65fc
a7fc03a12b273741a1add13e5e7e3ebd52b9b1f85e0c9e1798dcc6ad385f1586
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129
b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
bd141cb88c05d7eb814ae3b69683cfdf8dd7276c039f38961c12b8a22acc7e56
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
c1f77182830a6f61b1c4f757df62051f9b3cd5573d6cc7d988c2bbe5b20c54e3
c6653899c72872749b0c660a0a367968505c9988d125a555f8c3ccac4f8ca63f
c728ef0a0548ee709c3cc0c7d06665596a35176c42067c85c892b24415cc1c4f
ca050b8f34554c0a517f6270316c5ab6a2682491b4cf8f4150cd8c466ab0e437
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf27a8a97c021bd420b0e25d707b39df0289a37d6a0e9857daf1550330880e2f
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d2361b752bc93a39d489917e3d024a206c874a136b4643f01e1f5a786b143849
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6968ffe4a37dbfa8e244672f97ddc3329815477ad3592085cfd19f2269577a1
d8174af0e580306698f3a965c8e0579daea1f8084c5c977ac96ee2d7539cab03
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb84c7e91a1fa83f35d9b98a7a3f19ae0def755a8c85fbabcaa7d7e598fcb9
e5edab6cea865b4c88e4d85527ffa35b68b91e4bc2ac6d41db54933d4a88778d
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
eb7c84aa3e6f874b312aa8a35ae9ea23080ba33bc9be87dc4046430cb8219708
ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6234a63720e6c3acd6cb0d07a5136f425d3f09c148da4dcc485972f84214e
f0273094766fde820e821a416732ccc2f6ffe5d046fb4028b6d00f9dec3af92d
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f7232500e53ef989b17664d67429b02226a28247a0c840ce3bb9bde9b98e3e12
fd7058c7d4b96080b7a1cee0f7bf63a8900edeb1a45bd55e223673915565d0db
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.secureworks.com Open in urlscan Pro 162.159.140.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

93 %HTTPS

0 %IPv6

36 Domains

57 Subdomains

48 IPs

2 Countries

2471 kBTransfer

7153 kBSize

66 Cookies

16 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

93 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

48
IPs

2
Countries

2471 kB
Transfer

7153 kB
Size

66
Cookies

148 HTTP transactions
0 data transactions