www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Submission: On June 11 via manual (June 11th 2024, 9:23:20 pm UTC) from CA — Scanned from CA

Summary HTTP 150 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 50 IPs in 2 countries across 36 domains to perform 150 HTTP transactions. The main IP is 162.159.140.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.secureworks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2023. Valid for: a year.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	162.159.140.25 162.159.140.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.222.94 172.217.222.94	15169 (GOOGLE) (GOOGLE)
1	99.84.108.35 99.84.108.35	16509 (AMAZON-02) (AMAZON-02)
2	23.13.172.203 23.13.172.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	209.85.144.97 209.85.144.97	15169 (GOOGLE) (GOOGLE)
11	104.19.178.52 104.19.178.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.212.249.132 23.212.249.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	172.64.151.60 172.64.151.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.160.18.4 18.160.18.4	16509 (AMAZON-02) (AMAZON-02)
1	23.12.145.20 23.12.145.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
3	23.222.197.151 23.222.197.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.160.10.75 18.160.10.75	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
3	173.194.204.155 173.194.204.155	15169 (GOOGLE) (GOOGLE)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	209.85.201.155 209.85.201.155	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.67.60.119 18.67.60.119	16509 (AMAZON-02) (AMAZON-02)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.217.222.147 172.217.222.147	15169 (GOOGLE) (GOOGLE)
1	23.222.79.235 23.222.79.235	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.53.35.115 23.53.35.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	23.205.106.73 23.205.106.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.160.10.40 18.160.10.40	16509 (AMAZON-02) (AMAZON-02)
6	192.28.155.3 192.28.155.3	15224 (OMNITURE) (OMNITURE)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	3.162.103.42 3.162.103.42	16509 (AMAZON-02) (AMAZON-02)
1	18.67.65.59 18.67.65.59	16509 (AMAZON-02) (AMAZON-02)
2	23.59.25.156 23.59.25.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	3.141.124.186 3.141.124.186	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.84.191.112 99.84.191.112	16509 (AMAZON-02) (AMAZON-02)
1	13.249.39.55 13.249.39.55	16509 (AMAZON-02) (AMAZON-02)
4	23.66.217.72 23.66.217.72	16625 (AKAMAI-AS) (AKAMAI-AS)
150	50

30 162.159.140.25 (None, )

ASN13335 (CLOUDFLARENET, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.108.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-35.iad79.r.cloudfront.net

dam.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.13.172.203 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-172-203.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.85.144.97 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.249.132 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-132.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.60 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.18.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-4.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.12.145.20 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-145-20.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.222.197.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.24 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-75.iad12.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.79.235 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-79-235.deploy.static.akamaitechnologies.com

c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.35.115 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-115.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.205.106.73 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-73.deploy.static.akamaitechnologies.com

b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-40.iad12.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.28.155.3 (United States)

ASN15224 (OMNITURE, US)

abrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abrtp2.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.103.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-42.iad61.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-59.iad89.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.59.25.156 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-25-156.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.124.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-124-186.us-east-2.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-112.iad89.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-55.iad89.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.66.217.72 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-217-72.deploy.static.akamaitechnologies.com

rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	secureworks.com www.secureworks.com pages.secureworks.com dam.secureworks.com	1 MB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	26 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	176 KB
10	marketo.com abrtp2-cdn.marketo.com — Cisco Umbrella Rank: 71465 rtp-static.marketo.com — Cisco Umbrella Rank: 23193 abrtp2.marketo.com — Cisco Umbrella Rank: 68956	322 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 3003 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6741 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6587 tracking.crazyegg.com — Cisco Umbrella Rank: 5463	95 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558	4 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 171 www.google.com — Cisco Umbrella Rank: 5	503 B
5	teads.tv p.teads.tv — Cisco Umbrella Rank: 6044 cm.teads.tv — Cisco Umbrella Rank: 5110 t.teads.tv — Cisco Umbrella Rank: 3351	8 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132	5 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8814	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	383 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1561 segments.company-target.com — Cisco Umbrella Rank: 1794 api.company-target.com — Cisco Umbrella Rank: 4480	862 B
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1419 insight.adsrvr.org — Cisco Umbrella Rank: 1061 match.adsrvr.org — Cisco Umbrella Rank: 415	6 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 522	3 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7352	62 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 30012 ibc-flow.techtarget.com — Cisco Umbrella Rank: 26488	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
3	gstatic.com fonts.gstatic.com	46 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 892	770 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10109	717 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4401	123 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2067 alb.reddit.com — Cisco Umbrella Rank: 1388	761 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1179	13 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4509	6 KB
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6161	22 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 4251	18 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 15566	181 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 938	393 B
1	t.co t.co — Cisco Umbrella Rank: 711	374 B
1	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 19193	282 B
1	ml-attr.com 1 redirects s.ml-attr.com — Cisco Umbrella Rank: 17070	284 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 881	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
0	google.ca Failed www.google.ca Failed
150	36

	Domain	Requested by
30	www.secureworks.com	www.secureworks.com www.googletagmanager.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
9	b.6sc.co
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
6	pages.secureworks.com	www.secureworks.com pages.secureworks.com
5	abrtp2.marketo.com	abrtp2-cdn.marketo.com cdn.bizible.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com cdn.bizible.com
4	rtp-static.marketo.com	abrtp2-cdn.marketo.com
4	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
4	www.googletagmanager.com	www.secureworks.com www.googletagmanager.com
3	www.google.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	secure.adnxs.com	2 redirects cdn.bizible.com
3	js.driftt.com	www.secureworks.com js.driftt.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	www.secureworks.com
2	id.rlcdn.com	2 redirects
2	epsilon.6sense.com	cdn.bizible.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	t.teads.tv	p.teads.tv
2	cm.teads.tv	p.teads.tv
2	ibc-flow.techtarget.com	trk.techtarget.com
2	analytics.google.com	www.googletagmanager.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
1	api.company-target.com	cdn.bizible.com
1	segments.company-target.com
1	s.company-target.com	tag.demandbase.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	abrtp2-cdn.marketo.com	www.secureworks.com
1	tag.demandbase.com	www.secureworks.com
1	cdn.pdst.fm	www.secureworks.com
1	ipv6.6sc.co	cdn.bizible.com
1	c.6sc.co	cdn.bizible.com
1	cdn.bizibly.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com
1	t.co
1	js.adsrvr.org	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	alb.reddit.com
1	pixel-config.reddit.com	www.redditstatic.com
1	attr.ml-api.io
1	s.ml-attr.com	1 redirects
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	www.secureworks.com
1	snap.licdn.com	www.secureworks.com
1	trk.techtarget.com	www.secureworks.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	dam.secureworks.com	www.secureworks.com
0	www.google.ca Failed
150	57

This site contains links to these domains. Also see Links.

Domain
github.com
researchcenter.paloaltonetworks.com
www.clearskysec.com
www.cylance.com
support.office.com
www.dni.gov
policies.google.com
www.linkedin.com
twitter.com
www.facebook.com
investors.secureworks.com
portal.secureworks.com
pages.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-11` - `2024-08-09`	a year	crt.sh
pages.secureworks.com Cloudflare Inc ECC CA-3	`2023-09-09` - `2024-09-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
secureworks.bynder.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-20`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
cdn.pdst.fm WR3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.marketo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-08-27`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-04-23` - `2025-05-22`	a year	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Frame ID: 433466C5DF51F692FD671DF08314F83B
Requests: 137 HTTP requests in this frame

Frame: https://pages.secureworks.com/index.php/form/XDFrame
Frame ID: 7DA4571A88CA4C7A156BEB0DF3C1709B
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=6bd14a18-796b-4528-b63f-d4cda5392f57&sessionStarted=1718140992.511&campaignRefreshToken=62fa065f-ba8e-44e5-9ddd-da7212030e79&hideController=false&pageLoadStartTime=1718140990821&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Frame ID: AD93EFD78ABAF39526E293BBF42ECA30
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718140990821
Frame ID: 2EF81FD43CBF4F9916A46042A6EF1762
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=477261
Frame ID: 2FE13EDCB4A0FC90E937D3390AA9B254
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
Frame ID: 5CDB0CE1EDBE9235045414F8FD7801EA
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 1A752F5B67D1DF0BCBD02EF80EFD9546
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iranian PupyRAT Bites Middle Eastern Organizations | Secureworks

Detected technologies

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

93 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

50
IPs

2
Countries

2488 kB
Transfer

7205 kB
Size

66
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/n1nj4sec/pupy
Title: PupyRAT

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/05/the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor/
Title: financial

Search URL Search Domain Scan URL

URL: http://www.clearskysec.com/oilrig/
Title: technology

Search URL Search Domain Scan URL

URL: https://www.cylance.com/operation-cleaver-cylance
Title: job-themed lures

Search URL Search Domain Scan URL

URL: https://support.office.com/en-us/article/Enable-or-disable-macros-in-Office-documents-7B4FDD2E-174F-47E2-9611-9EFE4F860B12
Title: disable macros

Search URL Search Domain Scan URL

URL: http://www.dni.gov/files/documents/Newsroom/Press%20Releases/2007%20Press%20Releases/20071203_release.pdf
Title: published

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://twitter.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/overview/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=www.secureworks.com&pId=7207400824223007217

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1718140992481%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%252Fblog%252Firanian-pupyrat-bites-middle-eastern-organizations%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true

Request Chain 111

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0

Request Chain 128

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMKAo7MGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297IIa6QFXKvrLvu_AJE4PBVgkCoBjtY9k-mBk0wg6Y2Vo

150 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iranian-pupyrat-bites-middle-eastern-organizations Show response
www.secureworks.com/blog/ 497 KB
87 KB 11560ms
11515ms Document
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2bb66af47be55d0a2a98c89ea45d146dbaa8a975d0f5e81f6d834e3a86ba3bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-NDA4NWIxY2YtMjZmMi00NThjLWIzMWItZGYxZDUyNjBkODhm' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com .secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8924a8e08d00abb1-YYZ
content-encoding: gzip
content-security-policy: script-src 'self' *.secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-NDA4NWIxY2YtMjZmMi00NThjLWIzMWItZGYxZDUyNjBkODhm' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com *.gartner.com *.gtnr.io *.marketo.com https://play.vidyard.com *.youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com id.rlcdn.com *.googletagmanager.com cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com *.google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com *.secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com *.secureworks.com; worker-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:23:10 GMT
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-forwarded-for: 149.88.16.56, 172.69.130.96:42932,::ffff:10.241.0.4
x-frame-options: DENY
x-mss-script-nonce: NDA4NWIxY2YtMjZmMi00NThjLWIzMWItZGYxZDUyNjBkODhm
x-sc-rewrite: /_site_swxp-rendering/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-test-worker: true
x-xss-protection: 1; mode=block

GET
H2 200 initMunchkin.js Show response
www.secureworks.com/assets/js/ 565 B
504 B 308ms
306ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/initMunchkin.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-forwarded-for: 149.88.16.56, 172.69.214.175:46368,::ffff:10.241.0.4
x-mss-script-nonce: NjE5ZDMzOGUtY2JhYy00YTI0LTgwZjQtODA2Y2Q3ZWZhOGFh
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"235-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a9295b2fabb1-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 forms2.min.js Show response
pages.secureworks.com/js/forms2/js/ 199 KB
67 KB 84ms
35ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/js/forms2.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 5962
etag: "12a0c18-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8924a929af92b40b-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 reCaptchaClientSidev1-1-3.js Show response
www.secureworks.com/assets/js/ 3 KB
1 KB 497ms
492ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/reCaptchaClientSidev1-1-3.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.16.56, 172.69.130.45:18012,::ffff:10.241.0.4
x-mss-script-nonce: Mzk5NDNjMzgtMmI1ZC00ODUyLTg3ZDUtZjkyYWFlNmUyMTg2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"b7d-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a9298b4eabb1-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 marketo-form-custom.js Show response
www.secureworks.com/assets/js/ 22 KB
5 KB 116ms
111ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/marketo-form-custom.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19265c09939675d4a3511ba7fbc7f2a3d59ca6a1ff253645e221270868ae73d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.16.56, 172.69.130.31:26132,::ffff:10.241.0.5
x-mss-script-nonce: NmVmYTRiMDUtN2E0OC00Y2UzLTllOGUtNDlkODIxY2YxNmQ5
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"58dc-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a9298b50abb1-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 webpack-9395620247e36af4.js Show response
www.secureworks.com/_next/static/chunks/ 4 KB
2 KB 44ms
40ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/webpack-9395620247e36af4.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:34:28 GMT
server: cloudflare
age: 3809139
etag: W/"fd1-18eac1b842e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b51abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 framework-0365125e11538b64.js Show response
www.secureworks.com/_next/static/chunks/ 206 KB
65 KB 55ms
51ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/framework-0365125e11538b64.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 01:54:07 GMT
server: cloudflare
age: 3825902
etag: W/"3373d-18eabf695d7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b53abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 main-2679873e9bfb727f.js Show response
www.secureworks.com/_next/static/chunks/ 146 KB
40 KB 47ms
43ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:34:28 GMT
server: cloudflare
age: 3857919
etag: W/"246b8-18eac1b842e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b55abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 _app-83d0942c2f4e9a8f.js Show response
www.secureworks.com/_next/static/chunks/pages/ 94 KB
28 KB 51ms
47ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/_app-83d0942c2f4e9a8f.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d57401850d7f4db0efa67f17e4ccb839ba545f3c377c078a03e9c12b943318

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:19 GMT
server: cloudflare
age: 1638335
etag: W/"17854-18fa76efb9f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b56abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 358-2b80955b03b485cb.js Show response
www.secureworks.com/_next/static/chunks/ 13 KB
5 KB 48ms
45ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/358-2b80955b03b485cb.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b76291b70139d9c203708f0afdbab2d98c39a24e6152e9cb99837e714df8845

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 02:35:07 GMT
server: cloudflare
age: 3825903
etag: W/"35e6-18eac1c1ebe"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b57abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 609-4c71be8046992d46.js Show response
www.secureworks.com/_next/static/chunks/ 826 KB
240 KB 63ms
60ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/609-4c71be8046992d46.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f511c11798733b533de36c1a0ee8c04033a68f7eb2f11730f5bd528391ed4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:08 GMT
server: cloudflare
age: 1638335
etag: W/"ce6f8-18fa76ecfcc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b58abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 121-5c9b198d678a7a9d.js Show response
www.secureworks.com/_next/static/chunks/ 23 KB
9 KB 51ms
49ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/121-5c9b198d678a7a9d.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:51:46 GMT
server: cloudflare
age: 1638335
etag: W/"5b1a-18fa77050cf"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b59abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 %5B%5B...path%5D%5D-3943b2d689311f58.js Show response
www.secureworks.com/_next/static/chunks/pages/ 499 KB
108 KB 59ms
57ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-3943b2d689311f58.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0273094766fde820e821a416732ccc2f6ffe5d046fb4028b6d00f9dec3af92d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:50:08 GMT
server: cloudflare
age: 1638335
etag: W/"7cdaf-18fa76ecfcc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9298b5aabb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 _buildManifest.js Show response
www.secureworks.com/_next/static/pxjHHFJVmFlOcWxZccp9j/ 1 KB
546 B 65ms
64ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/pxjHHFJVmFlOcWxZccp9j/_buildManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4e5c3ed95b7f90a4c8c465a34c82dd9068e6887e8e2e4aa67c024bb73c9e56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:51:46 GMT
server: cloudflare
age: 1223903
etag: W/"41b-18fa77050c7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9299b7fabb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:10 GMT

GET
H2 200 _ssgManifest.js Show response
www.secureworks.com/_next/static/pxjHHFJVmFlOcWxZccp9j/ 77 B
188 B 79ms
78ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/pxjHHFJVmFlOcWxZccp9j/_ssgManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 21:51:46 GMT
server: cloudflare
age: 1058309
etag: W/"4d-18fa77050c7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8924a9299b80abb1-YYZ
x-test-worker: true
expires: Wed, 11 Jun 2025 21:23:11 GMT

GET
H2 200 blog-pupyrat_img1.jpg
www.secureworks.com/-/media/images/insights/blog/pupyrat/ 123 KB
123 KB 46ms
45ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/blog/pupyrat/blog-pupyrat_img1.jpg
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c728ef0a0548ee709c3cc0c7d06665596a35176c42067c85c892b24415cc1c4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 15:56:43 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 207
etag: 5d2fbb8443d04da28bcad18301788055
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="blog-PupyRAT_img1.jpg"
accept-ranges: bytes
cf-ray: 8924a9295b30abb1-YYZ
content-length: 125469
expires: Tue, 18 Jun 2024 21:23:10 GMT

GET
H2 200 blog-pupyrat_img2.jpg
www.secureworks.com/-/media/images/insights/blog/pupyrat/ 80 KB
80 KB 37ms
36ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/blog/pupyrat/blog-pupyrat_img2.jpg
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca050b8f34554c0a517f6270316c5ab6a2682491b4cf8f4150cd8c466ab0e437

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:10 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 15:56:44 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 207
etag: 552ca8cf70974132bf2faf8d304d7cac
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="blog-PupyRAT_img2.jpg"
accept-ranges: bytes
cf-ray: 8924a9295b31abb1-YYZ
content-length: 82031
expires: Tue, 18 Jun 2024 21:23:10 GMT

GET
H2 200 hero.jpg
www.secureworks.com/-/media/branches/services-page-a/ 192 KB
193 KB 63ms
62ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/branches/services-page-a/hero.jpg?h=574&iar=0&w=1600&hash=7B80710DE2554F8BAA92F4B5A0B9F9C2
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf27a8a97c021bd420b0e25d707b39df0289a37d6a0e9857daf1550330880e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 15:27:26 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 435343
etag: 363b31d76ccb4e358fc03c6aa99fd69a
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="Hero.jpg"
accept-ranges: bytes
cf-ray: 8924a9299b81abb1-YYZ
content-length: 196999
expires: Tue, 18 Jun 2024 21:23:11 GMT

GET
H2 200 author-placeholder.svg
www.secureworks.com/assets/background-image/ 1 KB
922 B 487ms
487ms Image
image/svg+xml 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/assets/background-image/author-placeholder.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6b554534f7428b64fbc3de1c22bc0402b9acf4d3d955d917495a558e96204c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.16.56, 172.69.130.153:26932,::ffff:10.241.0.6
x-mss-script-nonce: ZTdiMzA0YTMtNjI2NS00NTViLThhYzUtYWVkZmY4MDcwOTA4
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"57f-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a9299b83abb1-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 arrow-right.svg
www.secureworks.com/assets/background-image/ 243 B
393 B 302ms
302ms Image
image/svg+xml 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/assets/background-image/arrow-right.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-forwarded-for: 149.88.16.56, 172.69.130.169:64572,::ffff:10.241.0.5
x-mss-script-nonce: MDg1OTRlNWUtMDczZi00YmJlLWFmMmMtYWYwYWI1N2U3ZGNk
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"f3-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a9299b84abb1-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 _Xms-HUzqDCFdgfMm4S9DaRvzig.woff2
fonts.gstatic.com/s/figtree/v5/ 20 KB
20 KB 134ms
47ms Font
font/woff2 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v5/_Xms-HUzqDCFdgfMm4S9DaRvzig.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

5392fcb13ceeae22545e0102586f503f8a5776bd631432814988c86bb64a3d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:42:18 GMT
x-content-type-options: nosniff
age: 416453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20004
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:42:18 GMT

GET
H2 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 11 KB
11 KB 129ms
43ms Font
font/woff2 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:36:47 GMT
x-content-type-options: nosniff
age: 413184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11212
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 02:36:47 GMT

GET
H2 200 _Xm9-HUzqDCFdgfMm4GnA4aZFrUvtOK3A-gd-EI84kb3fO7mSg.woff
fonts.gstatic.com/s/figtree/v5/ 14 KB
14 KB 156ms
69ms Font
font/woff 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v5/_Xm9-HUzqDCFdgfMm4GnA4aZFrUvtOK3A-gd-EI84kb3fO7mSg.woff

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

sffe /

Resource Hash

e5edab6cea865b4c88e4d85527ffa35b68b91e4bc2ac6d41db54933d4a88778d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Origin: https://www.secureworks.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:19:43 GMT
x-content-type-options: nosniff
age: 208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:55:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 21:19:43 GMT

GET
H2 200 abstracts_0057_green_geo_360x190.jpg
www.secureworks.com/-/media/images/insights/abstracts/0057-green-geo/ 20 KB
20 KB 43ms
42ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/images/insights/abstracts/0057-green-geo/abstracts_0057_green_geo_360x190.jpg?h=190&iar=0&w=360&hash=B0BB7F1FD5FEABC803CB4139B9D91135?io=transform:fit,width:1284,height:660
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6d77266bd2a4688fbe39ef25f8245cb87a7c4a5c3b33d9655a58e49d2183c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2016 14:50:28 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
age: 208
etag: f303f9bcd74a4e9e8b35d01c10111ae1
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="abstracts_0057_green_geo_360x190.jpg"
accept-ranges: bytes
cf-ray: 8924a929bb99abb1-YYZ
content-length: 20288
expires: Tue, 18 Jun 2024 21:23:11 GMT

GET
H2 200 State-of-the-Threat-Report-2023
dam.secureworks.com/transform/29bc0c81-b8f8-4214-be21-f3e43296f502/ 48 KB
48 KB 129ms
49ms Image
image/webp 99.84.108.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dam.secureworks.com/transform/29bc0c81-b8f8-4214-be21-f3e43296f502/State-of-the-Threat-Report-2023?io=transform:fit,width:1284,height:660

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-35.iad79.r.cloudfront.net

Software

nginx /

Resource Hash

bd141cb88c05d7eb814ae3b69683cfdf8dd7276c039f38961c12b8a22acc7e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:38:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
via: 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 161064
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="State-of-the-Threat-Report-2023.webp"; filename*=UTF-8''State-of-the-Threat-Report-2023.webp
content-length: 48662
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/webp
access-control-allow-origin: *
x-api-correlation-id: 05c8f88e-7945-b2b4-0262-52fe1f4032e6
cache-control: public, max-age=900, s-maxage=15552000
permissions-policy: camera=(), geolocation=(), microphone=()
x-amz-cf-id: el5a5dep_eoyp8F9O4ElyJEF4N4lXE5eC5ln5o7RqCTPVaNhcg6L6Q==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 107ms
35ms Script
application/x-javascript 23.13.172.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/assets/js/initMunchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-13-172-203.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 40ms
39ms Script
application/x-javascript 23.13.172.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-13-172-203.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 19 Sep 2024 21:23:11 GMT

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 147ms
35ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1718140991384&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1718140991383-15259&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:11 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: ef9d2295-eeee-4629-ba41-99310e624c27

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
109 KB 152ms
66ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7a772e65aa00cb2dde2ed5e66a3f5d11f2b26e6cc35f8e32e3caed19d764b93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111555
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:23:11 GMT

GET
H2 200 getForm Show response
pages.secureworks.com/index.php/form/ 24 KB
6 KB 64ms
63ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.secureworks.com/index.php/form/getForm?munchkinId=725-SMC-563&form=1784&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&callback=jQuery371004400865885766625_1718140991236&_=1718140991237
Requested by: Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a43acf7dd11aa888085cce6e81d99102c89f4b24273cdcc8b32f882b2a6e79

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8924a92dfca9b40b-YYZ
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 favicon.ico
www.secureworks.com/images/ 30 KB
6 KB 175ms
174ms Other
image/x-icon 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7ee488720823f506e6fca1ba0da31c53e12db210bf875a74b716fe4df66d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-forwarded-for: 149.88.16.56, 172.70.80.38:44206,::ffff:10.241.0.4
x-mss-script-nonce: YWMzOWI3N2UtMjY5Zi00N2RiLTg2ZDUtMGYyMzgwMzdiZjEx
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"3aee-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a92e4910abb1-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 404 emergency-response.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/contact/ 58 KB
14 KB 333ms
332ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/contact/emergency-response.json?path=contact&path=emergency-response
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fffb01080620d7cbb2b2f481973991d1504b3732a59b3d2771231f96485c5376

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a92e4916abb1-YYZ
x-test-worker: true

GET
H2 404 blog.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/ 58 KB
14 KB 365ms
365ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/blog.json?path=blog
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cc47e2311490e796629f78fff8cb1ff683b4891ddd9aacc651f264003aa340

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a92e5917abb1-YYZ
x-test-worker: true

GET
H2 404 wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/ 58 KB
14 KB 119ms
119ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json?path=resources&path=wp-xdr-vs-siem-a-cybersecurity-leaders-guide
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b012b1e2336645b1c18d3b3a56304c1c3b442e7467d2098b278c9d0ed3939c60

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a92e5918abb1-YYZ
x-test-worker: true

GET
H2 404 eb-modernize-you-security-operation-center-with-xdr.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/ 58 KB
14 KB 343ms
343ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/eb-modernize-you-security-operation-center-with-xdr.json?path=resources&path=eb-modernize-you-security-operation-center-with-xdr
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ab7e310c42cf2b90eefb5a99cf4c498f767f43b250dda11c7f6e7783c9cfae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a92e591aabb1-YYZ
x-test-worker: true

GET
H2 404 eb-mdr-done-right.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/ 58 KB
14 KB 347ms
346ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/eb-mdr-done-right.json?path=resources&path=eb-mdr-done-right
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73f749727bb4a579cd17c608f17d0f505192ecd1053ff08bdec6906fb1dce977

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8924a92e591cabb1-YYZ
x-test-worker: true

GET
H2 200 ndr.json Show response
www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/products/ 2 B
304 B 812ms
811ms Fetch
text/plain 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/products/ndr.json?path=products&path=ndr

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
purpose: prefetch
x-nextjs-data: 1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
x-middleware-prefetch: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sc-rewrite: /_site_swxp-rendering/products/ndr
x-middleware-skip: 1
x-forwarded-for: 149.88.16.56, 172.69.130.148:52236,::ffff:10.241.0.6
x-mss-script-nonce: ZjIxNWVmYzYtMzEzMC00OGI1LWJkMTYtMzY5Yzg1ODYyNjI1
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8924a92e5927abb1-YYZ
x-nextjs-rewrite: /en/_site_swxp-rendering/products/ndr?path=ndr&path=products
x-test-worker: true

GET
H2 200 forms2.css
pages.secureworks.com/js/forms2/css/ 13 KB
3 KB 41ms
41ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/css/forms2.css

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 7065
etag: "25808e5-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8924a92e6d2cb40b-YYZ
content-length: 2623
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 forms2-theme-simple.css
pages.secureworks.com/js/forms2/css/ 826 B
342 B 34ms
34ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 7065
etag: "25808e2-33a-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8924a92e6d2fb40b-YYZ
content-length: 242
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 XDFrame Show response
pages.secureworks.com/index.php/form/ Frame 7DA4 2 KB
877 B 56ms
56ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/index.php/form/XDFrame

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a02c64bcf27e009fb460880bb2d00a0bc64642b371551eb3bebdfd1bfa45571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8924a92f3e0bb40b-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:23:11 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 67ms
29ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 22820
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:43:59 GMT
server: cloudflare
etag: 0x8DC89642588AF95
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eac4e9ff-e01e-004e-1c50-bb848c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a92fbc8c36ae-YYZ
expires: Wed, 12 Jun 2024 15:02:51 GMT

GET
H2 200 favicon-32x32.png
www.secureworks.com/images/ 4 KB
4 KB 116ms
115ms Other
image/png 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8174af0e580306698f3a965c8e0579daea1f8084c5c977ac96ee2d7539cab03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-forwarded-for: 149.88.16.56, 172.69.130.239:16364,::ffff:10.241.0.4
x-mss-script-nonce: MzhjZjIzZWItYmQ5MS00NjBiLWJhM2ItMTliMjg1MzM2ZmI1
content-length: 3672
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"899-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 8924a92f8a51abb1-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:23:12 GMT

GET
H2 200 forms2.min.js Show response
pages.secureworks.com/js/forms2/js/ Frame 7DA4 199 KB
0 1ms
0ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/js/forms2.min.js

Requested by

Host: pages.secureworks.com
URL: https://pages.secureworks.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pages.secureworks.com/index.php/form/XDFrame
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 5962
etag: "12a0c18-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8924a929af92b40b-YYZ
expires: Wed, 12 Jun 2024 01:23:11 GMT

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 74ms
37ms XHR
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec9ca5bebcf9a33d5741db506547c6903858435a1643b40116ccfbbd0726f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13508
content-md5: LWNNPH5IVvikXclDyy+T5w==
content-length: 1673
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jan 2024 23:14:42 GMT
server: cloudflare
etag: 0x8DC16E8EBF24C1E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6862fbb-501e-008b-7172-793dee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a9302914ab1e-YYZ
expires: Wed, 12 Jun 2024 21:23:12 GMT

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
5 KB 116ms
116ms Script
application/x-javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 16 Aug 2023 18:07:27 GMT
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
server: cloudflare
etag: 61ebd904f1a645838256dff9b09d4ffa
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604188
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
accept-ranges: bytes
cf-ray: 8924a92fead3abb1-YYZ

GET
H2 200 favicon-16x16.png
www.secureworks.com/images/ 3 KB
3 KB 245ms
244ms Other
image/png 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/images/favicon-16x16.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76444a9885bbb64c7a19bc5db54d746ab2cc1b7fe80356d25512cf2d79efff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-forwarded-for: 149.88.16.56, 108.162.242.82:42490,::ffff:10.241.0.6
x-mss-script-nonce: ZGNjMDZhNDYtNDNhOS00YzBmLThjNTMtNzdjNWU0YjY3MTg3
content-length: 3137
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 May 2024 16:49:40 GMT
server: cloudflare
etag: W/"6af-18fa65bb8a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 8924a9304b39abb1-YYZ
x-test-worker: true
expires: Wed, 12 Jun 2024 01:23:12 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 73ms
35ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8924a930aae3aab0-YYZ
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 429 KB
104 KB 31ms
31ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g8NxcYp0IaoBIOhpMNVD1w==
age: 83186
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106568
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:22 GMT
server: cloudflare
etag: 0x8DC3E88CB118B87
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1933329b-701e-0025-1157-7990ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a930dda136ae-YYZ

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/ 71 KB
17 KB 40ms
40ms Fetch
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832a204488e45f8ad10625d6c0b597b5ddcad1a9d3b4223506857c61cfd25a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82851
content-md5: f/wptFRMXO4c4pPzzNpi8w==
content-length: 17712
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jan 2024 23:14:50 GMT
server: cloudflare
etag: 0x8DC16E8F0D19A28
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b32d72f7-601e-004b-7067-79c5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a9316a4dab1e-YYZ
expires: Wed, 12 Jun 2024 21:23:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 348 KB
109 KB 56ms
55ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

cc1e0ff2593a69e2cf73a73cd60839b1df8dfb9012e6069a0e20a690b03f2a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 201e7325-26d7-4b1a-af4b-38bdaf9162ab.js Show response
j.6sc.co/j/ 4 KB
5 KB 130ms
63ms Script
application/javascript 23.212.249.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.132 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-132.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0d6fba9519c07a6138279b6d6fa859766cd5b6b27e68166b53dad79201597832

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Rb1FgEqgzPFxSC9UriirXQXzDMD.brdi
date: Tue, 11 Jun 2024 21:23:12 GMT
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 4524
pragma: no-cache
last-modified: Tue, 15 Aug 2023 17:39:29 GMT
server: AmazonS3
etag: "4839d94bc87dfbd1598e2bf2e75404b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: FvW6PO9Ular1FCEgK6IfY5n0ZrRN2LZ4MkdS24No5Jj_asV3orv1ig==
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 147ms
48ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 11 Jun 2024 21:23:12 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D6C3BA60A444F44BF703C18DB5C47B4 Ref B: YTO01EDGE0722 Ref C: 2024-06-11T21:23:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 230 KB
83 KB 67ms
67ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

002976623a298ec45982f0e868a6451680eb58cf19addbccfbe3b7e228d9f4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84786
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 6279.js Show response
script.crazyegg.com/pages/scripts/0097/ 6 KB
2 KB 81ms
29ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a034ab1be1fd0be24846ca7de9cb845befb2d4707ad8012a4881553773982957

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3990
cf-polished: origSize=6229
ce-version: 11.5.219
cf-bgj: minify
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8924a9322eefab0a-YYZ

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 55ms
17ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 81ms
81ms Script
application/javascript 209.85.144.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3976d2e7a142344aee3105522c8afc5688f1a856d2c425e6494d4baba6c3d052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83153
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 98ms
51ms Script
text/javascript 172.64.151.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.60 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 45375
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8924a9322abc39fb-YYZ
expires: Tue, 11 Jun 2024 21:43:12 GMT

GET
H2 200 2mnfp3myy8iz.js Show response
js.driftt.com/include/1718141100000/ 221 KB
62 KB 167ms
92ms Script
application/javascript 18.160.18.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-4.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 11 Jun 2024 21:23:12 GMT
via: 1.1 9584642257cbfecd967367758cd3e13c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pFtv15Hn4Z0NYw5YP6KSukUUTltJGuCdHO0qEyahWL2Sw-7AIQhXWQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 117ms
36ms Script
application/javascript 23.12.145.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.12.145.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-12-145-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:42 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25607
accept-ranges: bytes
content-length: 16683

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 128ms
30ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/81BC) /

Resource Hash

7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 10 Jun 2024 20:04:29 GMT
server: ECS (cha/81BC)
age: 468
etag: "ad123c6771bbda1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25407

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 111ms
33ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200100-IAD

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
6 KB 117ms
39ms Script
application/javascript 23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: YBWH3MB4BQF8Q9KN
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=129
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: AmiL1mMPtHRD6mKz6VGFF1lXqvldXaq1oTjnmkIDbhcXZHv4etgZ2EBG9B+YCYxLyp2uvs8rRX1SqaK/2AHpkg==

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 10 KB
3 KB 30ms
30ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IWgfQ2bSJjhsuqoSVsKHow==
age: 27736
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2707
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:16 GMT
server: cloudflare
etag: 0x8DC3E88C7B72051
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c48d4d08-a01e-00a0-3f58-79bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a931eacbab1e-YYZ

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/ 62 KB
13 KB 31ms
31ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s2sOOFx0mjDJK9iNqaz9cw==
age: 27736
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:18 GMT
server: cloudflare
etag: 0x8DC3E88C8A3F53C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: eacc8051-801e-0088-7567-79dc8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a931eaccab1e-YYZ

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 21 KB
4 KB 26ms
26ms Fetch
text/css 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 27736
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 19aacabc-701e-0025-0c72-7990ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a931eacdab1e-YYZ

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=www.secureworks.com&pId=7207400824223007217

4 B
282 B

208ms
128ms

Image
application/json

18.160.10.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.secureworks.com&pId=7207400824223007217
Protocol: H2
Server: 18.160.10.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-75.iad12.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-type: application/json
alt-svc: h3=":443"; ma=86400
content-length: 4
apigw-requestid: ZOL6KgSyIAMEPZA=
x-amz-cf-id: plyFRQsaBGeWuqI4fJSy6ERcFbwEO11NwKXUtmMYcACYZYBVb3wcPQ==

Redirect headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
an-x-request-uuid: 67fc9760-28cd-40b5-809a-0376e35f999a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://attr.ml-api.io/?domain=www.secureworks.com&pId=7207400824223007217
x-proxy-origin: 149.88.16.56; 149.88.16.56; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 35ms
34ms Image
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.secureworks.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 12610
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 01:45:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 89215259-f01e-0096-34ae-bb235d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a9323f1736ae-YYZ

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 29ms
28ms Fetch
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 27735
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:44:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a41c0374-f01e-0051-5655-bb5f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a9324b23ab1e-YYZ

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/ 22 KB
22 KB 32ms
31ms Image
image/png 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/SW_logo_black_print.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
age: 15900
content-length: 22030
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 15:05:07 GMT
server: cloudflare
etag: 0x8DBE459EC4B10B3
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: eac810b7-b01e-0093-3b72-79e289000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8924a9325f3736ae-YYZ

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 33ms
33ms Image
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 22964
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jun 2024 15:44:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5e9b8716-c01e-001d-5b69-bb9883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8924a9325f3836ae-YYZ

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_f8xwyeln/ 3 B
124 B 56ms
19ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_f8xwyeln/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_f8xwyeln_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 59ms
25ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_f8xwyeln_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 54ms
17ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1718140992360&id=t2_f8xwyeln&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=ed0fbfae-fefc-4786-9180-2f22761a29c4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/site/ 19 KB
4 KB 66ms
29ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/site/www.secureworks.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fc03a12b273741a1add13e5e7e3ebd52b9b1f85e0c9e1798dcc6ad385f1586

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3990
ce-version: 11.5.219
content-length: 3808
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8924a9329ad2ac69-YYZ

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 4 KB
1 KB 136ms
48ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1718140992381&cv=11&fst=1718140992381&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

f16fed5ed2b73b091c0815e2bb5edf476b0cc16b45e8f169fa170bb6cc5039a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1484
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 4 KB
1 KB 125ms
50ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1718140992387&cv=11&fst=1718140992387&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

96f0a96285ddfb463ad5eabf71a0c70e2f5fc62657fa8c2ace3403c362afd8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 97ms
39ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je46a0v879063519z871332070za200zb71332070&_p=1718140991653&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1840579946.1718140992&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718140992&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&dt=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13220
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 131ms
42ms Ping
text/plain 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-15MK64YNN6&cid=1840579946.1718140992&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qu-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.ca/ads/ 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/ 4 KB
1 KB 68ms
52ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/?random=1718140992453&cv=11&fst=1718140992453&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

8b329825008e906de3f37e48914a518e0c01a8270fd7b1cfa9623deadd12c1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1484
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8eeb2924bd41887f98d9cf5f91c9c9ed.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 148 KB
49 KB 33ms
33ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 May 2024 14:46:51 GMT
server: cloudflare
age: 100734
cf-polished: origSize=151950
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a9330fd4ab0a-YYZ

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 95ms
50ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1718140992472&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 21:23:12 GMT
expires: Tue, 11 Jun 2024 21:23:12 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPpBk06yk62nLnBoqd9JdMQ0Wn_8PT9inI0z_jE-S3RNZLOmRS4vNNfh5cc1fWqNGcuhlf0

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
449 B 57ms
56ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1718140992472&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17588164
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPoHDnD9PodmDWUtXes4MpzM9UoubVbifcHdjuIFUwUgwOhogmpZsjM7dE0lAf0osW_PlIc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Tue, 11 Jun 2024 22:23:12 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 38ms
37ms Script
application/javascript 23.212.249.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.249.132 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-249-132.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2024 06:01:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "663c66b5-106b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18038
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 105ms
34ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 09:59:22 GMT
Content-Encoding: gzip
Via: 1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 41031
ETag: W/"a7eb6794e868fe870db350518165c868"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: K7mXGkdE0eBguJ4Aa5ygKpdgcrvX609Yy57iLEu4gQvuIr9M_-dz6g==

GET
H2 200 adsct
t.co/i/ 43 B
374 B 257ms
159ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=7060e367-8928-4deb-b6f9-17c2602dcb99&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=04a12706-c489-4d93-8200-6e1f29695424&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 3d54d3bf728ba49c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 12c842e1214e9b8f45dcbbc65b8e1b2123a4fd6d180fb5e47a623c01571a1c63
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 183ms
62ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7060e367-8928-4deb-b6f9-17c2602dcb99&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=04a12706-c489-4d93-8200-6e1f29695424&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Tue, 11 Jun 2024 21:23:11 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c59e5043ad8cd70c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 6d3796906e6f593837edf6cb23e510443460a632db99c606890d51057a0d2192
content-length: 43

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
978 B 182ms
114ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYao9+JxWrO2QS2McVjYw==
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6BDF737A6C134343A81876F1C1242D35 Ref B: YTO01EDGE0512 Ref C: 2024-06-11T21:23:12Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00061aa3df89c56aced904b631c56363

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1718140992481%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSy...

0
384 B

122ms
122ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 21:23:13 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7B7F7EB7912540458A1F8DA46DE6191A Ref B: YTO01EDGE0519 Ref C: 2024-06-11T21:23:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYao9+Rq50WWcYcQQIZsQ==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 21:23:12 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYao9+P0GiROUiiV1nZsg==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0A2D47E1C2784D0B8C6F3ED71C7CAB49 Ref B: YTO01EDGE0519 Ref C: 2024-06-11T21:23:12Z
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1718140992481&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 56073499.js Show response
bat.bing.com/p/action/ 0
116 B 49ms
48ms Script
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56073499.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 11 Jun 2024 21:23:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E81419F407044F7E8850E068A191880B Ref B: YTO01EDGE0722 Ref C: 2024-06-11T21:23:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 61ms
61ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56073499&Ver=2&mid=3c71b2e0-6502-43f0-9dc6-86e1b8df6907&sid=ced15600283811efb7e41b1c69befd44&vid=ced13b70283811ef9d557bf1777bc4b8&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&p=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&r=&lt=12362&evt=pageLoad&sv=1&rn=862417

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 21:23:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0CB677A3853A462CBFB1A82544436CEA Ref B: YTO01EDGE0722 Ref C: 2024-06-11T21:23:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
305 B 31ms
31ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=6561a5fc06484896e83af19ebd52d4c6&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140992493&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&_biz_n=0&rnd=578804&cdn_o=a&_biz_z=1718140992494

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/80E6) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/80E6)
age: 346068
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
181 B 40ms
34ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=6561a5fc06484896e83af19ebd52d4c6&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140992500&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&rnd=359068&cdn_o=a&_biz_z=1718140992500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 346068
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 core
js.driftt.com/ Frame AD93 0
0 114ms
48ms Document
text/html 18.160.18.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=6bd14a18-796b-4528-b63f-d4cda5392f57&sessionStarted=1718140992.511&campaignRefreshToken=62fa065f-ba8e-44e5-9ddd-da7212030e79&hideController=false&pageLoadStartTime=1718140990821&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-4.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:23:12 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b467a4a34e9f37bba6d2f0aba8257b5e.cloudfront.net (CloudFront)
x-amz-cf-id: -ASW9EbhBn76yIKjQZfD1WZpTX7avPG2tu4qHDXZJLGgMTM5tmmAdQ==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 chat
js.driftt.com/core/ Frame 2EF8 0
0 109ms
45ms Document
text/html 18.160.18.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718140990821

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718141100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-4.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:23:12 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b467a4a34e9f37bba6d2f0aba8257b5e.cloudfront.net (CloudFront)
x-amz-cf-id: via_ZtRiF1vCiNacA4kVLwcH0QV6rCiSy9-9Ont9jrwEKTI0lqdiSg==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 138 B
582 B 111ms
42ms Fetch
application/json 23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&buyer_pixel_id=7246
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f317578d7a04e1e0cd9706663bf10707855ff45e76612274b562828e39e9053f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 21:23:12 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.secureworks.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 138
Expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
64 B 141ms
51ms Image
image/gif 172.217.222.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1718140992381&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL4kVrvKji-uarOwV6XPPoyFdpDIm45g&random=2658217469&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/648366107/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
64 B 137ms
49ms Image
image/gif 172.217.222.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1718140992387&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLfJ5-JjVI5LoOIFlPGW31M3R5h-2IoQ&random=2328775652&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/648366107/ 0
0

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
701 B 34ms
33ms XHR
application/json 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
an-x-request-uuid: 173c5010-953e-46d4-8f2b-7c37eaf0a574
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.secureworks.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.16.56; 149.88.16.56; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 7 B
333 B 109ms
38ms XHR
text/html 23.222.79.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.79.235 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-79-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:12 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/html
Access-Control-Allow-Origin: https://www.secureworks.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
285 B 102ms
33ms XHR
text/html 23.53.35.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.115 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.secureworks.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718140992594_389287731_2191757027_12_479_16_36_219";dur=1
content-length: 4
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10934024932/ 42 B
64 B 128ms
50ms Image
image/gif 172.217.222.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10934024932/?random=1718140992453&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkpx498QSPfx4NDEkwkcUWcFQTOx56Q&random=3888390484&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.ca/pagead/1p-user-list/10934024932/ 0
0

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
294 B 36ms
35ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=6561a5fc06484896e83af19ebd52d4c6&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.10

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/8123) /

Resource Hash

6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (cha/8123)
etag: EFEDFBC3
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 186

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/sampling/ Frame 2FE1 162 B
219 B 29ms
28ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=477261
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd6234a63720e6c3acd6cb0d07a5136f425d3f09c148da4dcc485972f84214e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3989
ce-version: 11.5.219
content-length: 151
last-modified: Tue, 11 Jun 2024 20:16:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8924a933abf0ac69-YYZ

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 104ms
35ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 108ms
40ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22db8067e51eb58581f03147464f6063b2%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22359714f191fbccf873d6d488c1ebaeeb533e4955%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22201e7325-26d7-4b1a-af4b-38bdaf9162ab%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:12 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 18 KB
18 KB 57ms
19ms Script
text/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:53:25 GMT
age: 1787
x-guploader-uploadid: ABPtcPpDVjG-B3fEKijGQ0OjHyADWXCJBW0foYYa7CdvbnsCamUI8FiJXPkGIGvUl1YmhAV0PVc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17985
last-modified: Tue, 14 May 2024 14:35:47 GMT
server: UploadServer
etag: "d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation: 1715697347359123
x-goog-hash: crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17985
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 11 Jun 2024 21:53:25 GMT

GET
H2 200 aa3cc511947365a3.min.js Show response
tag.demandbase.com/ 80 KB
22 KB 1148ms
44ms Script
application/javascript 18.160.10.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/aa3cc511947365a3.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-40.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6968ffe4a37dbfa8e244672f97ddc3329815477ad3592085cfd19f2269577a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x_ulfhEOs2j4YjYZ80rZzL3D5hu0s9fy
content-encoding: gzip
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 21:22:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 44
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Jun 2024 18:58:22 GMT
server: AmazonS3
etag: W/"c00d7b3946d4805bff2f31bad930a16f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: w8VjIMzfSXuuPosu6pUe6EgYlUXZkiKGW3D1sy-XZMtCdljWHyYQpQ==

GET
H/1.1 200
OK rtp.js Show response
abrtp2-cdn.marketo.com/rtp-api/v1/ 152 KB
153 KB 1159ms
36ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

3017d3476da7a48172b149b8f125d58e175ed4032a22babd0ed215666a99f0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 01:40:13 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Sat, 08 Jun 2024 01:40:13 GMT
Server: Jetty(9.4.45.v20220203)
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=300
Connection: close

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 5CDB
Redirect Chain

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0

0
0

39ms
38ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 11 Jun 2024 21:23:12 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 387
date: Tue, 11 Jun 2024 21:23:12 GMT
location: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&upid=gn5z6gn&upv=1.1.0
server: Kestrel

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 2FE1 19 B
461 B 1118ms
34ms XHR
application/json 3.162.103.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-42.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 08:09:23 GMT
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P1
age: 566031
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: lf2VCFrB3ZniFoAaAmSYzQirqZbqRDJ75BZRetfkssMEktSYwtsgEQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 2FE1 19 B
462 B 106ms
33ms XHR
application/json 18.67.65.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-59.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:40:22 GMT
via: 1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 394971
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: Vq4QpDZmX9Mx9QJYE5TUAjfVTHuyoSoxZaW8G0q2GgTPU1sCjzi_3w==

GET
BLOB 200
OK 6f54e185-c546-438d-bb37-d2a13e181fb4
https://www.secureworks.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.secureworks.com/6f54e185-c546-438d-bb37-d2a13e181fb4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 u
cdn.bizible.com/ 43 B
86 B 31ms
31ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140991383-15259&_biz_u=6561a5fc06484896e83af19ebd52d4c6&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&_biz_t=1718140992500&_biz_i=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&_biz_n=1&rnd=405542&cdn_o=a&_biz_z=1718140992612

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 346068
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
BLOB 200
OK 7afa3a4e-ff52-4fdd-aea1-5550c6f3c4ec
https://www.secureworks.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.secureworks.com/7afa3a4e-ff52-4fdd-aea1-5550c6f3c4ec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
0 368ms
40ms Fetch
image/gif 23.59.25.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=5b0983dc-0692-4f94-85e8-79117e1abf5a
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.25.156 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-25-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.secureworks.com
date: Tue, 11 Jun 2024 21:23:13 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 343ms
44ms Image
image/gif 23.59.25.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=5b0983dc-0692-4f94-85e8-79117e1abf5a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.25.156 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-25-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 11 Jun 2024 21:23:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 1121ms
38ms Image
text/plain 23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&user_session_id=5b0983dc-0692-4f94-85e8-79117e1abf5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1718140993","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Tue, 11 Jun 2024 21:23:13 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 11 Jun 2024 21:23:13 GMT

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 1140ms
52ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 21:23:13 GMT
function-execution-id: nnd9viw2xmlc
server: Google Frontend
x-cloud-trace-context: 6702122f7beb680d7c6141980aadf02c

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 100ms
97ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:13 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9fcaa849ecca5699743e8afddc86b189
cache-control: private
function-execution-id: 9bv4bpf0vfxg
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 755 B
717 B 365ms
45ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 3cbadfa4978733bd5be49491780ee3fdcf1255dcfd09ebbaec113c1ddd256c5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 359714f191fbccf873d6d488c1ebaeeb533e4955
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
X-6s-CustomID: WebTag 201e7325-26d7-4b1a-af4b-38bdaf9162ab
Referer
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 9015560628974166514
date: Tue, 11 Jun 2024 21:23:13 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: us-east-1a
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 396

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 115ms
41ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Tue, 11 Jun 2024 21:23:12 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-east-1a
x-trace-id: 8432175229733687580

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
199 B 115ms
115ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:13 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9006BC38A32444E496201C51413DD23E Ref B: YTO01EDGE0519 Ref C: 2024-06-11T21:23:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.secureworks.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYao9+Ty2jk9IHKIPhH9w==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 40ms
40ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A12%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:13 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 2FE1 38 B
145 B 160ms
67ms XHR
text/plain 3.141.124.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1718140993730&tk=30a8be1af0ff6647f2a6a004fc2fb241&s=361865&p=%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&u=976279&v=c593cd459ae04f1cd383763827dfd9ae7943ed67&f=secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&ul=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.124.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-124-186.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a80531e7e48b5c3d9239efecd49adb83930f6f3d4210b890fce4d43227d79077

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 11 Jun 2024 21:23:13 GMT
cache-control: no-store
server: awselb/2.0
content-length: 38
content-type: text/plain

GET
H2 200 sync
s.company-target.com/s/ Frame 1A75 0
0 352ms
41ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/aa3cc511947365a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 21:23:14 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMKAo7MGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297IIa6QFXKvrLvu_AJE4PBVgkCoBjtY9k-mBk0wg6Y2Vo

26 B
348 B

108ms
36ms

Image
image/gif

99.84.191.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297IIa6QFXKvrLvu_AJE4PBVgkCoBjtY9k-mBk0wg6Y2Vo
Protocol: HTTP/1.1
Server: 99.84.191.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-112.iad89.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Via: 1.1 649b4de6ebe50fb3c542f3d95c8ed8ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: sddMEZHC7OMsv4cDOd4N5e8Ir5tcguszI1UJMKS5CzypmFJcu7qouw==

Redirect headers

date: Tue, 11 Jun 2024 21:23:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297IIa6QFXKvrLvu_AJE4PBVgkCoBjtY9k-mBk0wg6Y2Vo
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
514 B 1229ms
132ms XHR
text/plain 13.249.39.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&page_title=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.39.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-39-55.iad89.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 21:23:15 GMT
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-C1
x-cache: Error from cloudfront
request-id: b2d30cdd-483d-469c-b0b1-9b8d268282d4
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: 8Ff7_GqinncZva4b5hWYoCQ-89-D3RvSW_BJStV_LGxEkK4dbDJTWg==

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 29ms
29ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:13 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:06 GMT
server: cloudflare
age: 100736
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a93c0963ab0a-YYZ

GET
BLOB 200
OK 5ad0be45-76ec-47e9-8ac5-195765882dec
https://www.secureworks.com/ 256 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.secureworks.com/5ad0be45-76ec-47e9-8ac5-195765882dec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 256
Content-Type: text/javascript

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/3.7.0/ 85 KB
30 KB 389ms
46ms Script
application/x-javascript 23.66.217.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/3.7.0/jquery.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.217.72 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-217-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jun 2023 14:58:35 GMT
Server: AkamaiNetStorage
ETag: "e6c2415c0ace414e5153670314ce99a9:1685718127.441272"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 30386

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 23 KB
4 KB 342ms
29ms Stylesheet
text/css 23.66.217.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.217.72 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-217-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 05:08:51 GMT
Server: AkamaiNetStorage
ETag: "c89c0f4cc3c0f0f2bd846508a3cd504c:1715749730.923559"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3762

GET
H/1.1 200
OK trw Show response
abrtp2.marketo.com/gw1/ 0
435 B 1141ms
35ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/trw?aid=dellsecureworks&trwv.uid=dellsecureworks-1718140993926-e410a5ac&trwv.vc=1&trwsa.sid=dellsecureworks-1718140993927-846a007b&trwsb.cpv=1&ctzo=-07:00&uri=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140991383-15259&pm=&viewedTypes=&rts=1718140993928

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:15 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.5.js Show response
rtp-static.marketo.com/rtp/libs/ 18 KB
6 KB 426ms
29ms Script
application/x-javascript 23.66.217.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.217.72 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-217-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 08:00:53 GMT
Server: AkamaiNetStorage
ETag: "18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5654

GET
H2 200 556f7559f794c4b7f3fa7753ad882b97.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 32ms
32ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/556f7559f794c4b7f3fa7753ad882b97.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:23:13 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:04 GMT
server: cloudflare
age: 100735
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8924a93c499bab0a-YYZ

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
426 B 1148ms
34ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/msg?a=2&sid=dellsecureworks-1718140993927-846a007b&aid=dellsecureworks&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1718140991383-15259&viewedTypes=&0.39095987168751645&rts=1718140993979

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:15 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/ 522 KB
126 KB 70ms
49ms Script
application/x-javascript 23.66.217.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/jquery-custom-ui.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.217.72 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-217-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2023 11:54:52 GMT
Server: AkamaiNetStorage
ETag: "85c4e68263c6de164e4bad3fb60222a5:1685620750.615377"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK visitor Show response
abrtp2.marketo.com/gw1/rtp/api/v1_1/ 215 B
928 B 141ms
36ms XHR
application/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/rtp/api/v1_1/visitor?sid=dellsecureworks-1718140993927-846a007b&aid=dellsecureworks&1718140994455

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

33f5b103d443e18653b92a521a4121412e375b9d3085a149a67054ae5d57a118

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: No-cache
Date: Tue, 11 Jun 2024 21:23:14 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Tue Jun 11 16:23:14 CDT 2024
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.secureworks.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp2.marketo.com/gw1/ga/ 48 B
501 B 139ms
35ms XHR
text/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/ga/sgm?sid=dellsecureworks-1718140993927-846a007b&1718140994456

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:14 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 35ms
35ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A13%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:14 GMT

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
426 B 102ms
36ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 21:23:15 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 39ms
39ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A14%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:15 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:15 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 37ms
36ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:16 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 36ms
36ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A16%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:17 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 47ms
45ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je46a0v879063519z871332070za200zb71332070&_p=1718140991653&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1840579946.1718140992&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1718140992&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&dt=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&en=6si_company_details&ep.company_name=&ep.company_industry=&ep.company_segment=&_et=736&tfd=18969
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 41ms
41ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:18 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 37ms
36ms Image
image/gif 23.205.106.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=d645de03-c06c-4ae4-8d58-22caa22afa7c&session=00928236-54bc-45fb-8826-aa18470daded&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2011%20Jun%202024%2021%3A23%3A18%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%227005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&pageViewId=99a7aab0-9b3b-400e-8765-160847dbd595&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-73.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 21:23:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Jun 2024 21:23:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.ca
URL: https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1840579946.1718140992&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1356488211

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140992381&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL4kVrvKji-uarOwV6XPPoyFdpDIm45g&random=2658217469&rmt_tld=1&ipr=y

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140992387&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLfJ5-JjVI5LoOIFlPGW31M3R5h-2IoQ&random=2328775652&rmt_tld=1&ipr=y

Domain: www.google.ca
URL: https://www.google.ca/pagead/1p-user-list/10934024932/?random=1718140992453&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkpx498QSPfx4NDEkwkcUWcFQTOx56Q&random=3888390484&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: sxa_site Value: swxp-rendering
.pages.secureworks.com/	1970-01-20 21:15:42	Name: __cf_bm Value: klsTaJdJGOSNfBecZvHQQ6eTC6K44lQj8nute8j.tEA-1718140991-1.0.1.1-quTK.AYUsPEkKo8scn_A1SGcBxFAg_bXWq1tLU3d.Yp_zawDjnwIM9p_piF3s2RygUoNRFPspW0IplNbUJ8aZg
.secureworks.com/	1970-01-21 06:51:40	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1718140991383-15259
pages.secureworks.com/	1969-12-31 23:59:59	Name: BIGipServerab44web-nginx-app_https Value: !6n+l6RVU+GSohczagI9xdiUvaZp4gn9Ho0QOlrI0yEW+Z4fF4SEnhw4+AriDsCvzWbMNXxXB18y/1LA=
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 896b4d18dd5057d298ddaa0c337a0a5b
.secureworks.com/	1970-01-20 23:25:16	Name: _gcl_au Value: 1.1.928020083.1718140992
.secureworks.com/	1970-01-21 06:01:16	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jun+11+2024+14%3A23%3A12+GMT-0700+(Pacific+Daylight+Saving+Time)&version=202401.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c6693924-37db-41bd-a1e8-8d3e020cce98&interactionCount=0&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&groups=C0002%3A1%2CC0004%3A1%2CC0003%3A1%2CC0001%3A1
.secureworks.com/	1970-01-20 23:25:16	Name: _rdt_uuid Value: 1718140992358.ed0fbfae-fefc-4786-9180-2f22761a29c4
.techtarget.com/	1970-01-20 21:15:42	Name: __cf_bm Value: x5L9ArU1gIlOHDg1uHwEtAP7IsBRiOvvXvneJyAKVM4-1718140992-1.0.1.1-txZgqq6VwUmYWmGpdCuOmHF1llr68HhVT.bT0b7G0hubnSoSQeLO_vqkfAmGlHFAgbqIatydc.xnU0Yh1B4JTg
.secureworks.com/	1970-01-21 06:51:40	Name: _ga Value: GA1.1.1840579946.1718140992
.secureworks.com/	1970-01-20 21:17:07	Name: _uetsid Value: ced15600283811efb7e41b1c69befd44
.secureworks.com/	1970-01-21 06:37:16	Name: _uetvid Value: ced13b70283811ef9d557bf1777bc4b8
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_uid Value: 6561a5fc06484896e83af19ebd52d4c6
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_nA Value: 2
www.secureworks.com/	1970-01-20 21:15:42	Name: drift_campaign_refresh Value: 62fa065f-ba8e-44e5-9ddd-da7212030e79
www.secureworks.com/	1969-12-31 23:59:59	Name: sc_site Value: swxp-rendering
.bizible.com/	1970-01-21 06:01:16	Name: _BUID Value: 6561a5fc06484896e83af19ebd52d4c6
.adnxs.com/	1970-01-20 23:25:16	Name: XANDR_PANID Value: JO6YOScuO7kdirlHATrmK3Fq8E5W-kQskv9211Hk84oh3h0Ps6PEVN4P1gq5OeDA_0zvt_VuArNyzkc_b6OX2TwoAb7LqYVKBlsr6u17W28.
.adnxs.com/	1970-01-21 06:51:40	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:25:16	Name: uuid2 Value: 7207400824223007217
.bing.com/	1970-01-21 06:37:16	Name: MUID Value: 04B1A8B0961162131C15BC2B97BB6353
.bat.bing.com/	1970-01-20 21:25:45	Name: MR Value: 0
.bizibly.com/	1970-01-21 06:01:16	Name: _BUID Value: 061c4a7a1e3c3be5f97e7c8c5d6b9856
www.secureworks.com/	1970-01-20 21:25:45	Name: _an_uid Value: 0
www.secureworks.com/	1970-01-21 06:51:40	Name: _gd_visitor Value: d645de03-c06c-4ae4-8d58-22caa22afa7c
www.secureworks.com/	1970-01-20 21:15:55	Name: _gd_session Value: 00928236-54bc-45fb-8826-aa18470daded
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.secureworks.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.secureworks.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.secureworks.com/	1970-01-20 21:15:42	Name: tfpsi Value: 5b0983dc-0692-4f94-85e8-79117e1abf5a
.secureworks.com/	1970-01-21 06:01:16	Name: _biz_pendingA Value: %5B%5D
www.secureworks.com/	1970-01-21 06:01:16	Name: __pdst Value: 18e2e9dba4a7426aaa7861dfade8deb8
.twitter.com/	1970-01-21 06:51:40	Name: personalization_id Value: "v1_agsk1ZAcCNmzVJrwUkfjNw=="
.linkedin.com/	1970-01-20 23:25:16	Name: li_sugr Value: 6f536312-3919-4be4-936a-eb7567791fc1
.linkedin.com/	1970-01-21 06:01:16	Name: bcookie Value: "v=2&080e8d8e-57e7-4767-84c7-8005e3ef2bfd"
.linkedin.com/	1970-01-20 21:17:07	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3219:u=1:x=1:i=1718140992:t=1718227392:v=2:sig=AQHdgTyvlQzyDMZ8ccUDW9QnYamYM25p"
.adsrvr.org/	1970-01-21 06:01:16	Name: TDID Value: e607a22a-39a8-4653-953b-174206755866
.t.co/	1970-01-21 06:51:40	Name: muc_ads Value: da4832cd-3718-41a3-a2cb-a5415e311e0a
.linkedin.com/	1970-01-20 21:58:52	Name: UserMatchHistory Value: AQJnuVGTFWdvaAAAAZAJLvzZD6HMp8CmlA-u2HyW9ISD915ShUthnNsQZi-3ePE1EUECYkGvBL5RMA
.linkedin.com/	1970-01-20 21:58:52	Name: AnalyticsSyncHistory Value: AQIXjkg9N9qfnwAAAZAJLvzZO8-EGNxii9rjgv8bWUK1cVfbiLiJbCCliTolNLbz_uWXqoJZxawpq2vEdzT4uw
.rubiconproject.com/	1970-01-21 06:01:16	Name: khaos Value: LXAWSAUC-D-HHRE
.www.linkedin.com/	1970-01-21 06:01:16	Name: bscookie Value: "v=1&20240611212313d7fcb463-0afd-4e96-8b65-671ae53e7b63AQHWxlIrTRNk36m3AauucKDjtffyTjRQ"
www.secureworks.com/	1970-01-21 06:51:40	Name: drift_aid Value: ef58a815-f33e-40ee-b5e3-d4487ea9b073
www.secureworks.com/	1970-01-21 06:51:40	Name: driftt_aid Value: ef58a815-f33e-40ee-b5e3-d4487ea9b073
.secureworks.com/	1970-01-21 06:51:40	Name: _ga_15MK64YNN6 Value: GS1.1.1718140992.1.0.1718140993.59.0.0
.secureworks.com/	1970-01-20 21:17:07	Name: _ce.clock_event Value: 1
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.secureworks.com/	1970-01-20 21:17:07	Name: _ce.clock_data Value: 20%2C149.88.16.56%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CCA
.secureworks.com/	1970-01-21 06:01:16	Name: _CEFT Value: Q%3D%3D%3D
.secureworks.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.secureworks.com/	1970-01-21 06:01:16	Name: _ce.s Value: v~c593cd459ae04f1cd383763827dfd9ae7943ed67~lcw~1718140993904~lva~1718140992603~vpv~0~v11.cs~361865~v11.s~cfa96700-2838-11ef-92d6-9bbbdac8750b~lcw~1718140993905
.secureworks.com/	1970-01-21 06:51:40	Name: trwv.uid Value: dellsecureworks-1718140993926-e410a5ac%3A1
.secureworks.com/	1970-01-20 21:15:42	Name: trwsa.sid Value: dellsecureworks-1718140993927-846a007b%3A1
.rlcdn.com/	1970-01-21 06:01:16	Name: rlas3 Value: eqsHzX6O0ZL25/FT1FKKdCv4o/N95eyGZm7w4Yp1Nyg=
.company-target.com/	1970-01-21 06:51:40	Name: tuuid Value: ca4bad68-9f75-4bfa-9b52-bf934e8c19b7
.company-target.com/	1970-01-21 06:51:40	Name: tuuid_lu Value: 1718140994\|ix:0\|mctv:0\|rp:0
.rlcdn.com/	1970-01-20 22:42:04	Name: pxrc Value: CMKAo7MGEgUI6AcQABIGCMrdKhAA
.rubiconproject.com/	1970-01-21 06:01:16	Name: audit Value: 1\|AWe4pCsdVdJiH5voku1T49yaL5HygLyVGJD7z0jmDePsf3zahXrs4fFvsPDUE7M/6WnPHZUlnxSM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLu579LYnjBg1TRrtf+pFHFPTXWgJEo+YDQHDU0DV6embGVpneXA672wz11ZvUtF/WFbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/	1970-01-20 23:25:16	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 06:01:16	Name: CMID Value: ZmjAQtHM6EEAABWEADbXrgAA
.casalemedia.com/	1970-01-20 23:25:16	Name: CMPS Value: 513
.casalemedia.com/	1970-01-20 23:25:16	Name: CMPRO Value: 513
.tremorhub.com/	1970-01-21 06:01:37	Name: tvid Value: 5a27b5d7318b4141bef972a818585d76
.tremorhub.com/	1970-01-21 06:51:40	Name: tv_UIDM Value: ca4bad68-9f75-4bfa-9b52-bf934e8c19b7
.doubleclick.net/	1970-01-21 06:51:40	Name: IDE Value: AHWqTUnuNQYjqX7Hh4sh1azGXpkJtcEGMmf3G7hO-_S9q7ijSc1jfpU41YHIiDYWC1Q
.adsrvr.org/	1970-01-21 06:01:16	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCO7PsbfXmYU9EAUSFwoIYXBwbmV4dXMSCwi677G315mFPRAFEhUKBmdvb2dsZRILCISZkdfXmYU9EAUYBSACKAMyCwj0rrTk7ZmFPRAFQg8iDQgBEgkKBXRpZXIzEAFaBzZnMXk5aHlgAQ..

99 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/wp-xdr-vs-siem-a-cybersecurity-leaders-guide.json?path=resources&path=wp-xdr-vs-siem-a-cybersecurity-leaders-guide Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/contact/emergency-response.json?path=contact&path=emergency-response Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/eb-modernize-you-security-operation-center-with-xdr.json?path=resources&path=eb-modernize-you-security-operation-center-with-xdr Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/resources/eb-mdr-done-right.json?path=resources&path=eb-mdr-done-right Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/pxjHHFJVmFlOcWxZccp9j/en/blog.json?path=blog Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1840579946.1718140992&gtm=45je46a0v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1356488211' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140992381&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL4kVrvKji-uarOwV6XPPoyFdpDIm45g&random=2658217469&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/648366107/?random=1718140992387&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v889968102z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLfJ5-JjVI5LoOIFlPGW31M3R5h-2IoQ&random=2328775652&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Refused to load the image 'https://www.google.ca/pagead/1p-user-list/10934024932/?random=1718140992453&cv=11&fst=1718139600000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v870813510z871332070za201zb71332070&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&hn=www.googleadservices.com&frm=0&tiba=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=928020083.1718140992&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkpx498QSPfx4NDEkwkcUWcFQTOx56Q&random=3888390484&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Firanian-pupyrat-bites-middle-eastern-organizations&page_title=Iranian%20PupyRAT%20Bites%20Middle%20Eastern%20Organizations%20%7C%20Secureworks Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-NDA4NWIxY2YtMjZmMi00NThjLWIzMWItZGYxZDUyNjBkODhm' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com .secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
abrtp2-cdn.marketo.com
abrtp2.marketo.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
assets-tracking.crazyegg.com
attr.ml-api.io
b.6sc.co
bat.bing.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.pdst.fm
cm.teads.tv
dam.secureworks.com
epsilon.6sense.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
match.adsrvr.org
munchkin.marketo.net
p.teads.tv
pages.secureworks.com
pagestates-tracking.crazyegg.com
pixel-config.reddit.com
px.ads.linkedin.com
rtp-static.marketo.com
s.company-target.com
s.ml-attr.com
script.crazyegg.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.teads.tv
tag.demandbase.com
tracking.crazyegg.com
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.secureworks.com
www.google.ca
104.17.74.206
104.19.148.8
104.19.178.52
104.244.42.3
13.107.42.14
13.249.39.55
146.75.36.157
15.197.193.217
151.101.129.140
151.101.193.140
151.101.65.140
152.199.2.76
162.159.140.25
172.217.222.147
172.217.222.94
172.64.151.60
172.64.155.119
173.194.204.155
18.160.10.40
18.160.10.75
18.160.18.4
18.67.60.119
18.67.65.59
192.28.144.124
192.28.155.3
204.79.197.237
209.85.144.97
209.85.201.155
216.239.32.181
216.239.36.54
23.12.145.20
23.13.172.203
23.205.106.73
23.212.249.132
23.222.197.151
23.222.79.235
23.53.35.115
23.59.25.156
23.66.217.72
3.141.124.186
3.162.103.42
34.111.208.231
34.96.71.22
35.244.142.80
35.244.154.8
68.67.153.60
68.67.160.24
72.21.81.130
76.223.9.105
99.84.108.35
99.84.191.112
002976623a298ec45982f0e868a6451680eb58cf19addbccfbe3b7e228d9f4e8
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0d6fba9519c07a6138279b6d6fa859766cd5b6b27e68166b53dad79201597832
0e7ee488720823f506e6fca1ba0da31c53e12db210bf875a74b716fe4df66d64
0ec9ca5bebcf9a33d5741db506547c6903858435a1643b40116ccfbbd0726f63
143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
16ab7e310c42cf2b90eefb5a99cf4c498f767f43b250dda11c7f6e7783c9cfae
19265c09939675d4a3511ba7fbc7f2a3d59ca6a1ff253645e221270868ae73d8
1a6d77266bd2a4688fbe39ef25f8245cb87a7c4a5c3b33d9655a58e49d2183c8
22a43acf7dd11aa888085cce6e81d99102c89f4b24273cdcc8b32f882b2a6e79
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
2b76291b70139d9c203708f0afdbab2d98c39a24e6152e9cb99837e714df8845
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3017d3476da7a48172b149b8f125d58e175ed4032a22babd0ed215666a99f0bc
311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f
33f5b103d443e18653b92a521a4121412e375b9d3085a149a67054ae5d57a118
3976d2e7a142344aee3105522c8afc5688f1a856d2c425e6494d4baba6c3d052
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cbadfa4978733bd5be49491780ee3fdcf1255dcfd09ebbaec113c1ddd256c5c
3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41
3e6b554534f7428b64fbc3de1c22bc0402b9acf4d3d955d917495a558e96204c
41f511c11798733b533de36c1a0ee8c04033a68f7eb2f11730f5bd528391ed4b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d57401850d7f4db0efa67f17e4ccb839ba545f3c377c078a03e9c12b943318
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4a02c64bcf27e009fb460880bb2d00a0bc64642b371551eb3bebdfd1bfa45571
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f4e5c3ed95b7f90a4c8c465a34c82dd9068e6887e8e2e4aa67c024bb73c9e56
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632
5392fcb13ceeae22545e0102586f503f8a5776bd631432814988c86bb64a3d72
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
73f749727bb4a579cd17c608f17d0f505192ecd1053ff08bdec6906fb1dce977
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379
76444a9885bbb64c7a19bc5db54d746ab2cc1b7fe80356d25512cf2d79efff76
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5
7a772e65aa00cb2dde2ed5e66a3f5d11f2b26e6cc35f8e32e3caed19d764b93d
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832a204488e45f8ad10625d6c0b597b5ddcad1a9d3b4223506857c61cfd25a86
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8b329825008e906de3f37e48914a518e0c01a8270fd7b1cfa9623deadd12c1be
8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
96f0a96285ddfb463ad5eabf71a0c70e2f5fc62657fa8c2ace3403c362afd8df
a034ab1be1fd0be24846ca7de9cb845befb2d4707ad8012a4881553773982957
a7fc03a12b273741a1add13e5e7e3ebd52b9b1f85e0c9e1798dcc6ad385f1586
a80531e7e48b5c3d9239efecd49adb83930f6f3d4210b890fce4d43227d79077
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b012b1e2336645b1c18d3b3a56304c1c3b442e7467d2098b278c9d0ed3939c60
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129
b2bb66af47be55d0a2a98c89ea45d146dbaa8a975d0f5e81f6d834e3a86ba3bc
b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
bd141cb88c05d7eb814ae3b69683cfdf8dd7276c039f38961c12b8a22acc7e56
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
c728ef0a0548ee709c3cc0c7d06665596a35176c42067c85c892b24415cc1c4f
ca050b8f34554c0a517f6270316c5ab6a2682491b4cf8f4150cd8c466ab0e437
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1e0ff2593a69e2cf73a73cd60839b1df8dfb9012e6069a0e20a690b03f2a3a
cf27a8a97c021bd420b0e25d707b39df0289a37d6a0e9857daf1550330880e2f
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6968ffe4a37dbfa8e244672f97ddc3329815477ad3592085cfd19f2269577a1
d8174af0e580306698f3a965c8e0579daea1f8084c5c977ac96ee2d7539cab03
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc47e2311490e796629f78fff8cb1ff683b4891ddd9aacc651f264003aa340
e5edab6cea865b4c88e4d85527ffa35b68b91e4bc2ac6d41db54933d4a88778d
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6234a63720e6c3acd6cb0d07a5136f425d3f09c148da4dcc485972f84214e
f0273094766fde820e821a416732ccc2f6ffe5d046fb4028b6d00f9dec3af92d
f16fed5ed2b73b091c0815e2bb5edf476b0cc16b45e8f169fa170bb6cc5039a4
f317578d7a04e1e0cd9706663bf10707855ff45e76612274b562828e39e9053f
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fffb01080620d7cbb2b2f481973991d1504b3732a59b3d2771231f96485c5376

www.secureworks.com Open in urlscan Pro 162.159.140.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

93 %HTTPS

0 %IPv6

36 Domains

57 Subdomains

50 IPs

2 Countries

2488 kBTransfer

7205 kBSize

66 Cookies

16 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

93 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

50
IPs

2
Countries

2488 kB
Transfer

7205 kB
Size

66
Cookies

150 HTTP transactions
0 data transactions