Submitted URL: http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Effective URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Submission: On January 10 via api from DE — Scanned from JP

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 101 HTTP transactions. The main IP is 2606:4700:10::ac43:18d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cyfirma.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.
This is the only time www.cyfirma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.182.94.20 16509 (AMAZON-02)
71 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.65.207.119 16509 (AMAZON-02)
5 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2600:140b:1a0... 20940 (AKAMAI-ASN1)
2 2620:1ec:46::46 8075 (MICROSOFT...)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 20.231.53.73 8075 (MICROSOFT...)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2604:a880:4:1... 14061 (DIGITALOC...)
101 19
Apex Domain
Subdomains
Transfer
72 cyfirma.com
cyfirma.com
www.cyfirma.com
2 MB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
6 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1280
q.clarity.ms — Cisco Umbrella Rank: 12359
c.clarity.ms — Cisco Umbrella Rank: 2579
23 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
403 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
225 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
16 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 6
analytics.google.com — Cisco Umbrella Rank: 266
1 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4701
12 KB
1 cleantalk.org
moderate1.cleantalk.org — Cisco Umbrella Rank: 531658
364 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 539
764 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 17094
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
254 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
947 B
1 fw-cdn.com
in.fw-cdn.com — Cisco Umbrella Rank: 418440
86 KB
101 15
Domain Requested by
71 www.cyfirma.com www.cyfirma.com
5 www.googletagmanager.com www.cyfirma.com
www.googletagmanager.com
www.google-analytics.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 q.clarity.ms www.clarity.ms
2 www.clarity.ms www.cyfirma.com
www.clarity.ms
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 challenges.cloudflare.com 1 redirects www.cyfirma.com
1 moderate1.cleantalk.org
1 c.bing.com 1 redirects
1 www.google.co.jp www.cyfirma.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com www.cyfirma.com
1 www.linkedin.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com www.cyfirma.com
1 www.google.com www.cyfirma.com
1 in.fw-cdn.com www.cyfirma.com
1 cyfirma.com 1 redirects
101 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-14 -
2024-05-13
a year crt.sh
*.fw-cdn.com
Amazon RSA 2048 M02
2023-12-24 -
2025-01-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-11-03 -
2024-05-03
6 months crt.sh
*.cleantalk.org
Sectigo RSA Domain Validation Secure Server CA
2023-09-07 -
2024-09-24
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Frame ID: 434FB16C5F0A9056DA551221EEF9A88D
Requests: 101 HTTP requests in this frame

Screenshot

Page Title

A GAMER TURNED MALWARE DEVELOPER : DIVING INTO SILVERRAT AND IT’S SYRIAN ROOTS - CYFIRMA

Page URL History Show full URLs

  1. http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syr... HTTP 301
    https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

101
Requests

97 %
HTTPS

76 %
IPv6

15
Domains

22
Subdomains

19
IPs

5
Countries

2331 kB
Transfer

4632 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/ HTTP 301
    https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js
Request Chain 86
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1704892396495%26url%3Dhttps%253A%252F%252Fwww.cyfirma.com%252Foutofband%252Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLWB9Lt0W7EcwAAAYzzgXZ6XanwoT3qRZFqn8U3Li5xNIEA7Cz3OFnSSGvKtTqEgvU4jg
Request Chain 97
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&RedC=c.clarity.ms&MXFR=17D722F981FE65102F2D36FB85FE6B47 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&MUID=1D25D875F3D86EDD2AE8CC77F2A26FE6

101 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Redirect Chain
  • http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
  • https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
115 KB
34 KB
Document
General
Full URL
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360197d0049d6ec7819e9403de215bc4b7bb628fd34f90e5a8897c08e03dfa02
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
https://www.cyfirma.com/
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84352d1999506870-NRT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 13:13:16 GMT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/" <https://www.cyfirma.com/wp-json/wp/v2/out-of-band/23176>; rel="alternate"; type="application/json" <https://www.cyfirma.com/?p=23176>; rel=shortlink
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Wed, 10 Jan 2024 13:13:14 GMT
Location
https://www.cyfirma.com:443/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Server
awselb/2.0
api.js
challenges.cloudflare.com/turnstile/v0/b/c8377512/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js
34 KB
12 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
84352d239ff4b005-NRT
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 10 Jan 2024 13:13:16 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/b/c8377512/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84352d237fc6b005-NRT
alt-svc
h3=":443"; ma=86400
164635.js
in.fw-cdn.com/30284536/
342 KB
86 KB
Script
General
Full URL
https://in.fw-cdn.com/30284536/164635.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-119.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fbb1317e09b00ee140f43e416c854d5f3706c122c18653259a8fe63ef94119a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
oBH3aQRn4N0qPuazSvE_AiTRofZ36goT
content-encoding
br
via
1.1 e70028cb30f78307280e23c065d90090.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:12:36 GMT
last-modified
Wed, 06 Dec 2023 13:30:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
age
41
x-amz-server-side-encryption
AES256
etag
W/"1661cf6955e0e6b995aae4d07565f97d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=120
x-amz-cf-id
T5HrK0q44NhHLI_7bXMjGXskM9_uksE8AUOsOonHW6ZqpTOjzMqB7g==
style.min.css
www.cyfirma.com/my_includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/my_includes/css/dist/block-library/style.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
11681
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 12:06:57 GMT
server
cloudflare
etag
"15b64-5e942e5dafa40-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d236c566870-NRT
wpcf7-redirect-frontend.min.css
www.cyfirma.com/apps/wpcf7-redirect/build/css/
316 B
233 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
124
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 05:38:42 GMT
server
cloudflare
etag
"13c-5e5dc76305c80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d236c586870-NRT
cleantalk-public.min.css
www.cyfirma.com/apps/cleantalk-spam-protect/css/
591 B
445 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/cleantalk-spam-protect/css/cleantalk-public.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e1d4ca8e3b35d99f52810f28e11145a323dd0e849caea9ae81f34e19adcb65
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
335
x-xss-protection
1; mode=block
last-modified
Fri, 18 Nov 2022 06:38:54 GMT
server
cloudflare
etag
"24f-5edb8f59c9b80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d236c5a6870-NRT
styles.css
www.cyfirma.com/apps/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/css/styles.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
972
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:16:29 GMT
server
cloudflare
etag
"aab-5eb749e5a3940-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d236c5b6870-NRT
cf7msm.css
www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/
99 B
215 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/cf7msm.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503f9aa8675e396e6feec3369148a12f5c863c5068d573e72a3f2f4d217ac0d3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
107
x-xss-protection
1; mode=block
last-modified
Fri, 05 Aug 2022 08:16:26 GMT
server
cloudflare
etag
"63-5e57a1514aa80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c616870-NRT
style.css
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/
2 KB
618 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bedb566e4c72916581634e62c27865c5e69c7257b6f13ce273688d85709b55
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
536
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:51 GMT
server
cloudflare
etag
"69a-5e56a3f1220c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c636870-NRT
admin-bar-style.css
www.cyfirma.com/apps/wpml-translation-management/res/css/
112 B
221 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/wpml-translation-management/res/css/admin-bar-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2961bb57dcfff925f2e03ad6ad741a457b5f5482bd5b5c221cc20d5d1bfb4268
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
113
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:59 GMT
server
cloudflare
etag
"70-5e56a3f8c32c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c646870-NRT
uacf7-frontend.css
www.cyfirma.com/apps/ultimate-addons-for-contact-form-7/assets/css/
66 B
187 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/ultimate-addons-for-contact-form-7/assets/css/uacf7-frontend.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b431cd3e46b1b838277b94d965395353337d85e6671485b4ce10c11ec6dc31e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
263
x-xss-protection
1; mode=block
last-modified
Wed, 10 May 2023 08:28:51 GMT
server
cloudflare
etag
W/"42-5fb52a95eb6c0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
cf-ray
84352d237c656870-NRT
skin.css
www.cyfirma.com/template/
0
61 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/skin.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
0
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"0-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c666870-NRT
blocks.css
www.cyfirma.com/template/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/blocks.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738d4cf265345f71cce17d9a69eb8f20df5de1fa2a6e5be1c6ca76824cf8745a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
1447
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"1e35-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c686870-NRT
bootstrap.min.css
www.cyfirma.com/template/assets/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/bootstrap.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23a5e62bb16bd36bfa1555d3f741821201496ac4b6d2cc974549568adadec88
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
23649
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"26eee-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c6a6870-NRT
fontawesome.min.css
www.cyfirma.com/template/assets/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/fontawesome.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425a515894a7215256e54706cc640acbb4fb34fd17eb29b374846d8b106e6f8e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
12157
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"da62-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c6b6870-NRT
all.css
www.cyfirma.com/template/assets/css/
77 KB
16 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/all.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4948aa9fd1875b6f894bf7ac085914baf38bc27d8b0699864a849c7b7f233ca7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
16190
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"135ba-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c6c6870-NRT
jquery.fancybox.css
www.cyfirma.com/template/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.fancybox.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf8b2588497dcd12fa96a75731c6ec327491f8d55f18da0af72b70afa6713af
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
3486
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"382f-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c6d6870-NRT
slick.css
www.cyfirma.com/template/assets/css/
1 KB
577 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/slick.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
490
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"534-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c6f6870-NRT
jquery.mCustomScrollbar.css
www.cyfirma.com/template/assets/css/
42 KB
4 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.mCustomScrollbar.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
3989
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"a8a2-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c716870-NRT
custom-style.css
www.cyfirma.com/template/assets/css/
75 KB
15 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/custom-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893457445b0ccaec3a0dcdcafc1fae03a4184efc7ccd112c5433d65c1101533a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
14863
x-xss-protection
1; mode=block
last-modified
Mon, 07 Nov 2022 05:06:34 GMT
server
cloudflare
etag
"12cd7-5ecda6325ca80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c726870-NRT
new-custom-style.css
www.cyfirma.com/template/assets/css/
257 B
254 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/new-custom-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e5aea71b92d5bc2e05586277048d2b3b558e75aa7df216a28e4b77bceecc8d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
145
x-xss-protection
1; mode=block
last-modified
Mon, 05 Sep 2022 12:51:37 GMT
server
cloudflare
etag
"101-5e7ed8a4b2840-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c746870-NRT
responsive.css
www.cyfirma.com/template/assets/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/responsive.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf1bb5e4b0212164c1cedcbc1cf2d8b7cc399077fc89875d6bbdfbb349571f4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
7245
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 14:49:25 GMT
server
cloudflare
etag
"8e81-5eb786e702740-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c756870-NRT
jquery.min.js
www.cyfirma.com/template/assets/js/
87 KB
31 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
30910
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"15d84-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c786870-NRT
devtools-detect.js
www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/
1 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/devtools-detect.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa4c3d21c2a86169948b5acc1bf4a8589bd4898c5bca6f46a20ae8727b30179
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
536
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:15:59 GMT
server
cloudflare
etag
"59f-5eb749c9075c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c796870-NRT
apbct-public-bundle.min.js
www.cyfirma.com/apps/cleantalk-spam-protect/js/
44 KB
12 KB
Script
General
Full URL
https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83c6996b8b62de253d21d5c66caef7e9475d216b125c183a3231aa342cc1eaf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
12299
x-xss-protection
1; mode=block
last-modified
Fri, 18 Nov 2022 06:38:54 GMT
server
cloudflare
etag
"b1d9-5edb8f59c9b80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c7b6870-NRT
script.js
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/
2 KB
763 B
Script
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2d1114a960c43692ad2909005aa641bc406fb1f6c5714bc2d2185b5c3b2129
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
637
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:51 GMT
server
cloudflare
etag
"768-5e56a3f1220c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c7c6870-NRT
js
www.googletagmanager.com/gtag/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b255ade25a6f2c7887e210f249b590271eb560a1e54ecc7b17dc7230baf22a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69228
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:13:16 GMT
CyfirmaLogoWhite.svg
www.cyfirma.com/media/2022/08/
18 KB
7 KB
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/CyfirmaLogoWhite.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
263
x-xss-protection
1; mode=block
last-modified
Mon, 08 Aug 2022 05:08:58 GMT
server
cloudflare
etag
W/"465e-5e5b3d02bee80"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352d237c7e6870-NRT
en.png
www.cyfirma.com/media/flags/
1012 B
1 KB
Image
General
Full URL
https://www.cyfirma.com/media/flags/en.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82368a28809e066c7a394775e69bc6ce1ca857317222b8b0ea4ffe53ae5b5f3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
1012
x-xss-protection
1; mode=block
last-modified
Fri, 23 Sep 2022 07:10:14 GMT
server
cloudflare
etag
"3f4-5e952de8e2180"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d237c7f6870-NRT
game-fe.jpg
www.cyfirma.com/media/2024/01/
80 KB
80 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-fe.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4813a394e45fd92bcc4ea6f2c58aad3c7a705a3f919be52bc8cc1ae3d780bf27
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
81545
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:54 GMT
server
cloudflare
etag
"13e89-60e090105f4b0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d23ccfe6870-NRT
game-1.jpg
www.cyfirma.com/media/2024/01/
35 KB
35 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-1.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b22ab3b9fcb87360c73ec15bcb41922631c3c885f6655ad765cad19a8bc4873
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
36132
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:27 GMT
server
cloudflare
etag
"8d24-60e08ff5fbad8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d23cd006870-NRT
game-2.jpg
www.cyfirma.com/media/2024/01/
33 KB
33 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-2.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a165a7c7659182efd6321498ed0769dbd1a2962514cf9ab4d78edd79623fcd3e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
33450
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:24 GMT
server
cloudflare
etag
"82aa-60e08ff3c7b68"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be186870-NRT
game-3.jpg
www.cyfirma.com/media/2024/01/
20 KB
20 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-3.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9b84b9b18224ebadcc2d87504030ba4e6441464bfd8526072ef21ac6af94f0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
20786
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:23 GMT
server
cloudflare
etag
"5132-60e08ff21fa40"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be1a6870-NRT
game-4.jpg
www.cyfirma.com/media/2024/01/
54 KB
54 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-4.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81aa5cbc19aa26564505a051e0222deb4b4c2c4eec6df548107e009ce753f8d2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
55011
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:21 GMT
server
cloudflare
etag
"d6e3-60e08ff047b78"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be1d6870-NRT
game-5.jpg
www.cyfirma.com/media/2024/01/
5 KB
6 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-5.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94abca203c15bd422d0e66e1c49755ea348088e2cebc10426464bc4aaa0f6207
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
5624
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:19 GMT
server
cloudflare
etag
"15f8-60e08fee60e68"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be1e6870-NRT
game-6.jpg
www.cyfirma.com/media/2024/01/
24 KB
24 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-6.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bbe64fbb54cf16c604fb0a3516b05712f98e18efaeee113025beeb70c252e9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
24203
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:16 GMT
server
cloudflare
etag
"5e8b-60e08fec2fdd8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be216870-NRT
game-7.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-7.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d08b3c4e0d31ee8c5be246045c0424c3ce505645aab663364ec8bd8eaf37592
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
23128
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:15 GMT
server
cloudflare
etag
"5a58-60e08fea9a1a8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be226870-NRT
game-8.jpg
www.cyfirma.com/media/2024/01/
22 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-8.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8937050d83a758064ca7c345d51c4dd96ebb950a17a9f0242680d546b32ce5a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
22993
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:13 GMT
server
cloudflare
etag
"59d1-60e08fe87dd20"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be236870-NRT
game-9.jpg
www.cyfirma.com/media/2024/01/
26 KB
26 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-9.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bfb862f8695877b9520dbfb08d1774c96d1bbc5c910825fcd664ed92d26590
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
26164
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:11 GMT
server
cloudflare
etag
"6634-60e08fe6ba678"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be246870-NRT
game-10.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-10.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f0821b7f02d92d9e2edfc85f833468f09ba25818636baa69f54f36ca3b8054
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
23773
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:08 GMT
server
cloudflare
etag
"5cdd-60e08fe4899d0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be256870-NRT
game-11.jpg
www.cyfirma.com/media/2024/01/
38 KB
38 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-11.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9543edfb5dc8f9d0cf2518a9aab7259016f28581732641916e3ab81e1cef41f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
38561
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:07 GMT
server
cloudflare
etag
"96a1-60e08fe2d16d8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be286870-NRT
game-12.jpg
www.cyfirma.com/media/2024/01/
34 KB
34 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-12.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94dd11355000b0cecf42078c7b07c4b60a96d2ac812c87638e7fc66a7e0b866
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
34837
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:05 GMT
server
cloudflare
etag
"8815-60e08fe144360"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be296870-NRT
game-13.jpg
www.cyfirma.com/media/2024/01/
115 KB
116 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-13.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e191a8f0f3409ba0230d22fc8c72e49e09b295acfb32355fe0d9f303941a558
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
118139
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:04 GMT
server
cloudflare
etag
"1cd7b-60e08fdff8e98"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be2a6870-NRT
game-14.jpg
www.cyfirma.com/media/2024/01/
50 KB
51 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-14.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd3b652748e8e94f3b6b76d41becbb29b31ee51f4b6a488346a0e4e49463a70
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
51675
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:02 GMT
server
cloudflare
etag
"c9db-60e08fde29888"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be2c6870-NRT
game-15.jpg
www.cyfirma.com/media/2024/01/
35 KB
35 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-15.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fcb863e9702bbbf1786ed6a0516907748eb7243b9f595e812d8b8dd443c0d3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
35944
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:00 GMT
server
cloudflare
etag
"8c68-60e08fdc884c0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be2d6870-NRT
game-16.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-16.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c3d9ebb615025fc6e72a353af5c9060e9457c8143aa044e9d7e30682ef44ec
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
23080
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:58 GMT
server
cloudflare
etag
"5a28-60e08fdb08438"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be2e6870-NRT
game-17.jpg
www.cyfirma.com/media/2024/01/
62 KB
62 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-17.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f1d89b9c373054ecf43ccd99500a7bd903dbf7d41f40dc697bc6fc5dffd7b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
62990
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:56 GMT
server
cloudflare
etag
"f60e-60e08fd91a9c8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be306870-NRT
game-18.jpg
www.cyfirma.com/media/2024/01/
48 KB
48 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-18.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114f4522eee1d9ff4754183088a405ab26fd9069a124e4b97f42a95ef95171d5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
48687
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:55 GMT
server
cloudflare
etag
"be2f-60e08fd75b1a0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be346870-NRT
game-19.jpg
www.cyfirma.com/media/2024/01/
34 KB
34 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-19.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06c480414c04b76546b7601ae434ee037f1a2f3d2c368fea636b4ec60a30cb5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
34540
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:53 GMT
server
cloudflare
etag
"86ec-60e08fd559ac8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be356870-NRT
game-20.jpg
www.cyfirma.com/media/2024/01/
21 KB
21 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-20.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0160289f88acaad5015d6305885ffbedbade942652a0b8f2bac34ebcf7bde9f2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
21302
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:51 GMT
server
cloudflare
etag
"5336-60e08fd3c1788"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be366870-NRT
game-21.jpg
www.cyfirma.com/media/2024/01/
56 KB
57 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-21.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52df45ba01cc35fbdd91ed56a522caf586eddb395fac843dfd18212cdd204d88
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
57821
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:49 GMT
server
cloudflare
etag
"e1dd-60e08fd267c48"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be376870-NRT
game-22.jpg
www.cyfirma.com/media/2024/01/
26 KB
26 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-22.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33c0724121785c794440f67ebfb65eafe1edc8e387fd0825bfa9c01a6c4828d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
26815
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:48 GMT
server
cloudflare
etag
"68bf-60e08fd0b7268"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be396870-NRT
game-23.jpg
www.cyfirma.com/media/2024/01/
25 KB
25 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-23.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23411e3962d39eefa1bf12330e1d03ffbc11b2b7b1483f3840ddf33dc79ef506
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
25482
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:46 GMT
server
cloudflare
etag
"638a-60e08fcf202b0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be4d6870-NRT
linkedin-in-1.svg
www.cyfirma.com/media/2023/11/
688 B
586 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/linkedin-in-1.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a53a9bfe4eff5bbf862f07880bca00665a89b61f9186060d514dc6590b60529
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
263
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:38 GMT
server
cloudflare
etag
W/"2b0-60a3fccfa8ef0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352d24be4f6870-NRT
facebook-f.svg
www.cyfirma.com/media/2023/11/
559 B
532 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/facebook-f.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5121be3e86a265c52a5ad4cf1a8b7cf45f5f7a280b378edbf0e57499afb2810
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
263
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:42 GMT
server
cloudflare
etag
W/"22f-60a3fcd31bfd8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352d24be506870-NRT
x-twitter.svg
www.cyfirma.com/media/2023/11/
560 B
515 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/x-twitter.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43ae1ac836ab2e2c6f5409d5912f1246383abe0955cb2e1a6ef6f4718dd988c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
263
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:36 GMT
server
cloudflare
etag
W/"230-60a3fcce04090"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352d24be526870-NRT
style.css
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/
812 B
465 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
287e1b30ad2973257cbb28a7e07b6715a1cebc74f796c4948e4fcecc4ab9cc6c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
311
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:51 GMT
server
cloudflare
etag
"32c-5e56a3f1220c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d241d5e6870-NRT
wpcf7r-fe.js
www.cyfirma.com/apps/wpcf7-redirect/build/js/
8 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/wpcf7-redirect/build/js/wpcf7r-fe.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
1617
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 05:38:42 GMT
server
cloudflare
etag
"1f8a-5e5dc76305c80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d241d676870-NRT
index.js
www.cyfirma.com/apps/contact-form-7/includes/swv/js/
10 KB
3 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/swv/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
2937
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:16:29 GMT
server
cloudflare
etag
"26d1-5eb749e5a3940-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d243d966870-NRT
index.js
www.cyfirma.com/apps/contact-form-7/includes/js/
12 KB
4 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
3957
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:16:29 GMT
server
cloudflare
etag
"3016-5eb749e5a3940-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d243d9a6870-NRT
cf7msm.min.js
www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/
5 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/cf7msm.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdb442f3cefaf2cdac354f011905aa766d027e6820fabc4499f243598f9c561
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
2012
x-xss-protection
1; mode=block
last-modified
Fri, 05 Aug 2022 08:16:26 GMT
server
cloudflare
etag
"1435-5e57a1514aa80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d245dc36870-NRT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33486529333d62be05c0096dfcdc78e14b783f6f476c403f1683a3de5ffc09eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Jan 2024 13:13:16 GMT
particles.js
www.cyfirma.com/template/assets/js/
22 KB
6 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/particles.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b336cf8710d8097c7de836d5534ff7c803b00c260c9500a4cb4b95f1905230c1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
5721
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"591e-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d245dc76870-NRT
jquery.matchHeight-min.js
www.cyfirma.com/template/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.matchHeight-min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ab9a2fb6fb65ca5debaa8686408bab41a073db2d5abcf0db248279d944ac51
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
1372
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"d29-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d248de46870-NRT
bootstrap.min.js
www.cyfirma.com/template/assets/js/
58 KB
15 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/bootstrap.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974e81270e14d0829929fe7cf9e20bd0ad6c651a6c4203b6799740b970174a52
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
15406
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"e6b4-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d248deb6870-NRT
jquery.custom-scroll.min.js
www.cyfirma.com/template/assets/js/
44 KB
13 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.custom-scroll.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
12940
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"b1a7-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24ae116870-NRT
jquery.fancybox.js
www.cyfirma.com/template/assets/js/
60 KB
19 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.fancybox.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539f5ac9dfd20b0944a5dcbf121289df379e4197e9263006b96b931c7bc18c5b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
19666
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"f154-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be136870-NRT
slick.js
www.cyfirma.com/template/assets/js/
42 KB
11 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/slick.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
10485
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"a88a-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be156870-NRT
custom.js
www.cyfirma.com/template/assets/js/
5 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/custom.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290dc8deb77632ee52a3e08c01def62f5fb715b5c85fbc4afaa99a3c8b4d1a4e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
1318
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 12:15:07 GMT
server
cloudflare
etag
"144a-5e8a21454c8c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be176870-NRT
gtm.js
www.googletagmanager.com/
232 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d48967aaca726e44ee4b913413dae250065aa8b631599cb291e92324453d1370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77804
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:13:16 GMT
wp-emoji-release.min.js
www.cyfirma.com/my_includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.cyfirma.com/my_includes/js/wp-emoji-release.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
263
content-length
5009
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 12:05:01 GMT
server
cloudflare
etag
"48b9-5e942def0f540-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be546870-NRT
css2
fonts.googleapis.com/
4 KB
947 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:53:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 13:13:16 GMT
footerbg.png
www.cyfirma.com/template/assets/media/2022/09/
28 KB
28 KB
Image
General
Full URL
https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a8b1d843acab4993a44b5f85cf2721cacf4b28a3647044ca220778c9a3e63b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/template/assets/css/custom-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:17 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.cyfirma.com/
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
84352d24be556870-NRT
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:08:22 GMT
x-content-type-options
nosniff
age
547494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 05:08:22 GMT
fa-regular-400.woff2
www.cyfirma.com/template/assets/fonts/
142 KB
142 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-regular-400.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
145052
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"2369c-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be566870-NRT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 22:39:18 GMT
x-content-type-options
nosniff
age
311638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 22:39:18 GMT
fa-solid-900.woff2
www.cyfirma.com/template/assets/fonts/
115 KB
115 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-solid-900.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
117616
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"1cb70-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be576870-NRT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:26:17 GMT
x-content-type-options
nosniff
age
13619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:26:17 GMT
fa-brands-400.woff2
www.cyfirma.com/template/assets/fonts/
70 KB
71 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-brands-400.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
content-length
72124
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"119bc-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352d24be5b6870-NRT
apbct_get_pixel_url
www.cyfirma.com/wp-json/cleantalk-antispam/v1/
80 B
2 KB
XHR
General
Full URL
https://www.cyfirma.com/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f77727ac33b55651b0ee174a6a5d44b1a8820b743c37ec8fac709c0762ae26
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
accept-language
jp-JP,jp;q=0.9
X-WP-Nonce
c95f8ba3a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:18 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
allow
POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cyfirma.com
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
vary
Origin
x-robots-tag
noindex
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
84352d257f0e6870-NRT
x-wp-nonce
c95f8ba3a4
expires
Thu, 19 Nov 1981 08:52:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/
503 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyfirma.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
544799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 05:53:17 GMT
js
www.googletagmanager.com/gtag/
244 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51b065e4f3f4d5cec830ba9079b9eb2f1727c1815797000d016857a66b558865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:13:16 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 12:42:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1827
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 14:42:49 GMT
js
www.googletagmanager.com/gtag/
276 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d6f757e8a60f244230e34c4e06f9628779b9a3c0b9234fabb1bf0eff9d5f43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93304
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:13:16 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
785 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:14::17dc:5494 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a544124f98add2e2d508d975d9f14d21c2721681010ff33006518d8a2a2123c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:26:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=76413
accept-ranges
bytes
content-length
575
jg2ucp2q3y
www.clarity.ms/tag/
650 B
1022 B
Script
General
Full URL
https://www.clarity.ms/tag/jg2ucp2q3y
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d7e3990bc9a7b157c1f6dabbb071f4e601c4ab9006b2ce2b1bf6de1886de357

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Wed, 10 Jan 2024 13:13:15 GMT
x-azure-ref
07JeeZQAAAADt8mUL1BQFToe6LRxp/Sc/VFlPMDFFREdFMjMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
650
expires
-1
insight.old.min.js
snap.licdn.com/li.lms-analytics/
42 KB
15 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:14::17dc:5494 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:26:44 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=76431
accept-ranges
bytes
content-length
15605
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1704892396495%26url%3Dhttps%253A%252F%252Fwww.cyfirma.com%252Fou...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-...
0
705 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLWB9Lt0W7EcwAAAYzzgXZ6XanwoT3qRZFqn8U3Li5xNIEA7Cz3OFnSSGvKtTqEgvU4jg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B01D8E78FEB648F0A3B504C08037169E Ref B: TYO01EDGE2206 Ref C: 2024-01-10T13:13:17Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOlzG5lqBLaiXYqq/njQ==

Redirect headers

date
Wed, 10 Jan 2024 13:13:17 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 72EF9BC36FC44E8ABADECCB31688F68A Ref B: TYO01EDGE2116 Ref C: 2024-01-10T13:13:17Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892396495&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLWB9Lt0W7EcwAAAYzzgXZ6XanwoT3qRZFqn8U3Li5xNIEA7Cz3OFnSSGvKtTqEgvU4jg
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOlzG2tMTp0owSS2js8Q==
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1551968404&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&ul=en-us&de=UTF-8&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=467009257&gjid=1257460507&cid=700748482.1704892397&tid=UA-80179732-4&_gid=1070847071.1704892397&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma=0&jsscut=1&z=284352333
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
83 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1551968404&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&ul=en-us&de=UTF-8&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1769432917&gjid=995088263&cid=700748482.1704892397&tid=UA-80179732-4&_gid=1070847071.1704892397&_r=1&_slc=1&gtm=45He4180n815GT46FNv852032066&gcd=11l1l1l1l1&dma=0&z=672110838
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bb2ccb10404cc6a241da8ff58b2ccb32e483c021f9123c09d4e5f565af4fc718
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XN67BK9M7N&gtm=45je4180v9135687612&_p=1704892396139&gcd=11l1l1l1l1&dma=0&cid=700748482.1704892397&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704892396&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2112
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
690e04faf52abdff81e4f4353101ae3f3271e0328d65d1d7fe1f3547c453562c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:13:16 GMT
collect
analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KBLXRB4PTX&gtm=45je4180v897044746z8852032066&_p=1704892396139&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=700748482.1704892397&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704892396&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2147
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KBLXRB4PTX&cid=700748482.1704892397&gtm=45je4180v897044746z8852032066&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KBLXRB4PTX&cid=700748482.1704892397&gtm=45je4180v897044746z8852032066&aip=1&dma=0&gcd=11l1l1l1l1&z=1038540702
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jg2ucp2q3y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:13:15 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 12:01:53 GMT
etag
"0x8DC10419AF46081"
x-azure-ref
07JeeZQAAAABGoljov8uER4mNv5yS4ZINVFlPMDFFREdFMjMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
24e8224d-e01e-0061-3b16-430d98000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
collect
q.clarity.ms/
0
295 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Wed, 10 Jan 2024 13:13:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
px.ads.linkedin.com/wa/
0
198 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jan 2024 13:13:17 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EE7522A87ACD4360928F1B30AE10399F Ref B: TYO01EDGE2116 Ref C: 2024-01-10T13:13:17Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.cyfirma.com
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYOlzG8Zy1Llvbo/rKkXQ==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&RedC=c.clarity.ms&MXFR=17D722F981FE65102F2D36FB85FE6B47
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&MUID=1D25D875F3D86EDD2AE8CC77F2A26FE6
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&MUID=1D25D875F3D86EDD2AE8CC77F2A26FE6
Protocol
H2
Server
20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:17 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:13:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 29F838555D1A4116A5F1A9004163ADD7 Ref B: TYBEDGE0409 Ref C: 2024-01-10T13:13:17Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBC10C5B8DDF47A4A29BC40A08A64BBF&MUID=1D25D875F3D86EDD2AE8CC77F2A26FE6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
e86bbe72943a40126382f5f76f656290.gif
moderate1.cleantalk.org/pixel/
43 B
364 B
Image
General
Full URL
https://moderate1.cleantalk.org/pixel/e86bbe72943a40126382f5f76f656290.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:4:1d0::4cf:c000 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:13:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
collect
q.clarity.ms/
0
295 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Wed, 10 Jan 2024 13:13:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| hideChatWidget string| custWidgetId object| fwcrm function| jQuery object| freshsales object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor object| zargetCookie function| zg_selector function| integrations function| zg_projectProps function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| FM object| session object| dataLayer function| turnstileCallbackFunction function| apbct_attach_event_handler__backend object| _wpemojiSettings object| turnstile function| $ object| devtools object| ctPublicFunctions object| ctPublic function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| ApbctCore function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST object| apbctLocalStorage object| ct_date number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData number| ctMouseDataCounter object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler number| ctMouseReadInterval number| ctMouseWriteDataInterval function| ctFunctionFirstKey function| ctFunctionMouseMove function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| ctPreloadLocalStorage function| apbct_ready function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecode function| apbctEmailEncoderCallback function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctNoCookieGetForms function| ctNoCookieAttachHiddenFieldsToForms object| cleantalkModal object| buttons_to_handle function| apbct_gdpr_handle_buttons function| ct_protect_external function| formIsExclusion function| apbctProcessIframes function| apbctProcessExternalForm function| apbct_replace_inputs_values_from_other_form function| isIntegratedForm function| sendAjaxCheckingFormData function| ct_check_internal function| ct_check_internal__is_exclude_form object| WPMLLanguageSwitcherDropdownClick function| gtag object| wpcf7r object| wpcf7_redirect object| swv object| wpcf7 object| cf7msm_posted_data function| renderInvisibleReCaptcha function| pJS function| hexToRgb function| clamp function| isInArray function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| bootstrap boolean| mCustomScrollbar object| frontobj object| twemoji object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| clarity function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| recaptcha function| onYouTubeIframeAPIReady object| ORIBILI

43 Cookies

Domain/Path Name / Value
www.cyfirma.com/ Name: apbct_site_landing_ts
Value: 1704892394
.www.cyfirma.com/ Name: apbct_site_referer
Value: UNKNOWN
www.cyfirma.com/ Name: PHPSESSID
Value: iku0tijp3fbou7dno7polkgkv3
.cyfirma.com/ Name: _fw_crm_v
Value: af28e9fa-accb-4aa9-932d-8b79a1511f57
www.cyfirma.com/ Name: first_session
Value: %7B%22visits%22%3A1%2C%22start%22%3A1704892396121%2C%22last_visit%22%3A1704892396121%2C%22url%22%3A%22https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F%22%2C%22path%22%3A%22%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F%22%2C%22referrer%22%3A%22%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22%22%2C%22path%22%3A%22blank%22%2C%22protocol%22%3A%22about%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D
www.cyfirma.com/ Name: ct_ps_timestamp
Value: 1704892396
www.cyfirma.com/ Name: ct_fkp_timestamp
Value: 0
www.cyfirma.com/ Name: ct_timezone
Value: 9
www.cyfirma.com/ Name: ct_screen_info
Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A16256%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.cyfirma.com/ Name: apbct_headless
Value: false
www.cyfirma.com/ Name: ct_checked_emails
Value: 0
www.cyfirma.com/ Name: ct_checkjs
Value: c29295420ae51592fbf97bd6050c16e002e3c7ecd4e824f7217f9244bfef7e1d
.cyfirma.com/ Name: _gid
Value: GA1.2.1070847071.1704892397
.cyfirma.com/ Name: _gat_gtag_UA_80179732_4
Value: 1
.www.cyfirma.com/ Name: _ga
Value: GA1.3.700748482.1704892397
.www.cyfirma.com/ Name: _gid
Value: GA1.3.1070847071.1704892397
.www.cyfirma.com/ Name: _gat_UA-80179732-4
Value: 1
.cyfirma.com/ Name: _ga_XN67BK9M7N
Value: GS1.1.1704892396.1.0.1704892396.0.0.0
.cyfirma.com/ Name: _ga
Value: GA1.1.700748482.1704892397
.cyfirma.com/ Name: _ga_KBLXRB4PTX
Value: GS1.1.1704892396.1.0.1704892396.60.0.0
www.clarity.ms/ Name: CLID
Value: ab243d44c9d04365a62cd7de4b43190c.20240110.20250109
.cyfirma.com/ Name: _clck
Value: 1xfrfp8%7C2%7Cfia%7C0%7C1470
.linkedin.com/ Name: li_sugr
Value: 4cbc5288-e92a-4e1f-bc8e-14963676e1f2
.linkedin.com/ Name: bcookie
Value: "v=2&329da637-6490-4d0d-8fa9-f8b59de3d82e"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2956:u=1:x=1:i=1704892396:t=1704978796:v=2:sig=AQEtu3WSzHZRoH5UgSJb4fASPD-QwpvR"
.linkedin.com/ Name: UserMatchHistory
Value: AQLKowFQwLzymAAAAYzzgXT17sIb1-nInPOZYkBuk-nnZeM4iXnO-vxus0t2CAcSqJZdqS_1zyu63Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLAG7jDzl5iYAAAAYzzgXT1q3rIwCS617OnFYTeykeliDVLtK3YFv1CuBTwSxNj035qEeik5hUt_u_IkKWvVQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240110131316d2f347a7-8d48-41ec-8a31-3dff2c4b8dc6AQEKPK_zK_AFf1VBbWR1LWAbBb1e97Vl"
www.cyfirma.com/ Name: ct_pointer_data
Value: %5B%5D
www.cyfirma.com/ Name: apbct_timestamp
Value: 1704892396
www.cyfirma.com/ Name: apbct_page_hits
Value: 2
.cyfirma.com/ Name: _clsk
Value: 9naiuv%7C1704892397608%7C1%7C1%7Cq.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1D25D875F3D86EDD2AE8CC77F2A26FE6
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1D25D875F3D86EDD2AE8CC77F2A26FE6
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1D25D875F3D86EDD2AE8CC77F2A26FE6
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.cyfirma.com/ Name: apbct_prev_referer
Value: https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F
www.cyfirma.com/ Name: apbct_cookies_test
Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522de2f3f0bb616f88d7e490bc84f24b6de%2522%257D
.www.cyfirma.com/ Name: apbct_urls
Value: %7B%22www.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F%22%3A%5B1704892394%5D%2C%22www.cyfirma.com%2Fwp-json%2Fcleantalk-antispam%2Fv1%2Fapbct_get_pixel_url%22%3A%5B1704892396%5D%7D
www.cyfirma.com/ Name: apbct_pixel_url
Value: https%3A%2F%2Fmoderate1.cleantalk.org%2Fpixel%2Fe86bbe72943a40126382f5f76f656290.gif

1 Console Messages

Source Level URL
Text
network error URL: https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
challenges.cloudflare.com
cyfirma.com
fonts.googleapis.com
fonts.gstatic.com
in.fw-cdn.com
moderate1.cleantalk.org
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
snap.licdn.com
stats.g.doubleclick.net
www.clarity.ms
www.cyfirma.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
18.182.94.20
18.65.207.119
20.205.115.81
20.231.53.73
2001:4860:4802:36::181
2404:6800:4004:820::2003
2404:6800:4004:820::2004
2404:6800:4004:821::2003
2404:6800:4004:823::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:824::200e
2404:6800:4008:c13::9d
2600:140b:1a00:14::17dc:5494
2604:a880:4:1d0::4cf:c000
2606:4700:10::ac43:18d6
2606:4700::6811:2b8
2620:1ec:21::14
2620:1ec:46::46
2620:1ec:c11::200
0160289f88acaad5015d6305885ffbedbade942652a0b8f2bac34ebcf7bde9f2
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
114f4522eee1d9ff4754183088a405ab26fd9069a124e4b97f42a95ef95171d5
1aa4c3d21c2a86169948b5acc1bf4a8589bd4898c5bca6f46a20ae8727b30179
22e1d4ca8e3b35d99f52810f28e11145a323dd0e849caea9ae81f34e19adcb65
23411e3962d39eefa1bf12330e1d03ffbc11b2b7b1483f3840ddf33dc79ef506
287e1b30ad2973257cbb28a7e07b6715a1cebc74f796c4948e4fcecc4ab9cc6c
290dc8deb77632ee52a3e08c01def62f5fb715b5c85fbc4afaa99a3c8b4d1a4e
2961bb57dcfff925f2e03ad6ad741a457b5f5482bd5b5c221cc20d5d1bfb4268
29bfb862f8695877b9520dbfb08d1774c96d1bbc5c910825fcd664ed92d26590
2fbb1317e09b00ee140f43e416c854d5f3706c122c18653259a8fe63ef94119a
33486529333d62be05c0096dfcdc78e14b783f6f476c403f1683a3de5ffc09eb
360197d0049d6ec7819e9403de215bc4b7bb628fd34f90e5a8897c08e03dfa02
3b22ab3b9fcb87360c73ec15bcb41922631c3c885f6655ad765cad19a8bc4873
3b2d1114a960c43692ad2909005aa641bc406fb1f6c5714bc2d2185b5c3b2129
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
425a515894a7215256e54706cc640acbb4fb34fd17eb29b374846d8b106e6f8e
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
4813a394e45fd92bcc4ea6f2c58aad3c7a705a3f919be52bc8cc1ae3d780bf27
4948aa9fd1875b6f894bf7ac085914baf38bc27d8b0699864a849c7b7f233ca7
4dd3b652748e8e94f3b6b76d41becbb29b31ee51f4b6a488346a0e4e49463a70
4e191a8f0f3409ba0230d22fc8c72e49e09b295acfb32355fe0d9f303941a558
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
503f9aa8675e396e6feec3369148a12f5c863c5068d573e72a3f2f4d217ac0d3
51b065e4f3f4d5cec830ba9079b9eb2f1727c1815797000d016857a66b558865
52df45ba01cc35fbdd91ed56a522caf586eddb395fac843dfd18212cdd204d88
539f5ac9dfd20b0944a5dcbf121289df379e4197e9263006b96b931c7bc18c5b
5a53a9bfe4eff5bbf862f07880bca00665a89b61f9186060d514dc6590b60529
5a9b84b9b18224ebadcc2d87504030ba4e6441464bfd8526072ef21ac6af94f0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b431cd3e46b1b838277b94d965395353337d85e6671485b4ce10c11ec6dc31e
5cf1bb5e4b0212164c1cedcbc1cf2d8b7cc399077fc89875d6bbdfbb349571f4
5d7e3990bc9a7b157c1f6dabbb071f4e601c4ab9006b2ce2b1bf6de1886de357
63ab9a2fb6fb65ca5debaa8686408bab41a073db2d5abcf0db248279d944ac51
690e04faf52abdff81e4f4353101ae3f3271e0328d65d1d7fe1f3547c453562c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6f757e8a60f244230e34c4e06f9628779b9a3c0b9234fabb1bf0eff9d5f43a
738d4cf265345f71cce17d9a69eb8f20df5de1fa2a6e5be1c6ca76824cf8745a
7cf8b2588497dcd12fa96a75731c6ec327491f8d55f18da0af72b70afa6713af
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81aa5cbc19aa26564505a051e0222deb4b4c2c4eec6df548107e009ce753f8d2
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef
893457445b0ccaec3a0dcdcafc1fae03a4184efc7ccd112c5433d65c1101533a
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94abca203c15bd422d0e66e1c49755ea348088e2cebc10426464bc4aaa0f6207
974e81270e14d0829929fe7cf9e20bd0ad6c651a6c4203b6799740b970174a52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9d08b3c4e0d31ee8c5be246045c0424c3ce505645aab663364ec8bd8eaf37592
a165a7c7659182efd6321498ed0769dbd1a2962514cf9ab4d78edd79623fcd3e
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
a544124f98add2e2d508d975d9f14d21c2721681010ff33006518d8a2a2123c4
a7f77727ac33b55651b0ee174a6a5d44b1a8820b743c37ec8fac709c0762ae26
a9bedb566e4c72916581634e62c27865c5e69c7257b6f13ce273688d85709b55
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
b06c480414c04b76546b7601ae434ee037f1a2f3d2c368fea636b4ec60a30cb5
b1f1d89b9c373054ecf43ccd99500a7bd903dbf7d41f40dc697bc6fc5dffd7b4
b23a5e62bb16bd36bfa1555d3f741821201496ac4b6d2cc974549568adadec88
b255ade25a6f2c7887e210f249b590271eb560a1e54ecc7b17dc7230baf22a90
b336cf8710d8097c7de836d5534ff7c803b00c260c9500a4cb4b95f1905230c1
b3f0821b7f02d92d9e2edfc85f833468f09ba25818636baa69f54f36ca3b8054
b4bbe64fbb54cf16c604fb0a3516b05712f98e18efaeee113025beeb70c252e9
b82368a28809e066c7a394775e69bc6ce1ca857317222b8b0ea4ffe53ae5b5f3
b83c6996b8b62de253d21d5c66caef7e9475d216b125c183a3231aa342cc1eaf
b8fcb863e9702bbbf1786ed6a0516907748eb7243b9f595e812d8b8dd443c0d3
b9543edfb5dc8f9d0cf2518a9aab7259016f28581732641916e3ab81e1cef41f
bb2ccb10404cc6a241da8ff58b2ccb32e483c021f9123c09d4e5f565af4fc718
c33c0724121785c794440f67ebfb65eafe1edc8e387fd0825bfa9c01a6c4828d
c43ae1ac836ab2e2c6f5409d5912f1246383abe0955cb2e1a6ef6f4718dd988c
c94dd11355000b0cecf42078c7b07c4b60a96d2ac812c87638e7fc66a7e0b866
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c3d9ebb615025fc6e72a353af5c9060e9457c8143aa044e9d7e30682ef44ec
d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c
d48967aaca726e44ee4b913413dae250065aa8b631599cb291e92324453d1370
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdb442f3cefaf2cdac354f011905aa766d027e6820fabc4499f243598f9c561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e8e5aea71b92d5bc2e05586277048d2b3b558e75aa7df216a28e4b77bceecc8d
e9a8b1d843acab4993a44b5f85cf2721cacf4b28a3647044ca220778c9a3e63b
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f5121be3e86a265c52a5ad4cf1a8b7cf45f5f7a280b378edbf0e57499afb2810
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8937050d83a758064ca7c345d51c4dd96ebb950a17a9f0242680d546b32ce5a
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167