cyware.com Open in urlscan Pro
52.24.100.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6P...
Effective URL:
https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2...
Submission: On December 17 via api (December 17th 2020, 12:39:13 pm UTC) from DE

Summary HTTP 46 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 24 domains to perform 46 HTTP transactions. The main IP is 52.24.100.176, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is cyware.com.
TLS certificate: Issued by Amazon on February 23rd 2020. Valid for: a year.

This is the only time cyware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	52.24.100.176 52.24.100.176	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:206... 2600:9000:206f:a000:1:d92a:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	52.218.204.226 52.218.204.226	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.6.57.28 3.6.57.28	16509 (AMAZON-02) (AMAZON-02)
46	28

2 199.60.103.254 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.24.100.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-100-176.us-west-2.compute.amazonaws.com

cyware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:206f:a000:1:d92a:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

production.cyware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.204.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

cyware-ent.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.6.57.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-6-57-28.ap-south-1.compute.amazonaws.com

debugger.cyware.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cyware.com cyware.com production.cyware.com	2 MB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	licdn.com snap.licdn.com	3 KB
2	hubspot.com forms.hubspot.com track.hubspot.com	1 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	cyware.io debugger.cyware.io	242 B
1	google.de www.google.de	552 B
1	google.com www.google.com	324 B
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	hubapi.com api.hubapi.com	751 B
1	hsforms.com forms.hsforms.com	589 B
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	amazonaws.com cyware-ent.s3.amazonaws.com	611 KB
1	hsforms.net js.hsforms.net	127 KB
1	hs-scripts.com js.hs-scripts.com	958 B
1	polyfill.io polyfill.io	530 B
1	googleapis.com fonts.googleapis.com	750 B
46	24

	Domain	Requested by
13	production.cyware.com	cyware.com production.cyware.com
5	cyware.com	info.silobreaker.com cyware.com production.cyware.com
2	px.ads.linkedin.com	1 redirects
2	snap.licdn.com	js.hsadspixel.net snap.licdn.com
2	www.google-analytics.com	production.cyware.com
2	fonts.gstatic.com	fonts.googleapis.com
2	info.silobreaker.com	1 redirects
1	debugger.cyware.io	production.cyware.com
1	www.linkedin.com	1 redirects
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	js.hsadspixel.net
1	api.hubapi.com	production.cyware.com
1	track.hubspot.com
1	forms.hsforms.com	cyware.com
1	forms.hubspot.com	production.cyware.com
1	stats.g.doubleclick.net	production.cyware.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	cyware-ent.s3.amazonaws.com	cyware.com
1	js.hsforms.net	cyware.com
1	js.hs-scripts.com	cyware.com
1	polyfill.io	cyware.com
1	fonts.googleapis.com	cyware.com
46	28

This site contains links to these domains. Also see Links.

Domain
www.trendmicro.com
www.bbc.com
www.techrepublic.com
www.google.com
apps.apple.com
play.google.com
twitter.com
www.linkedin.com
www.youtube.com
www.iubenda.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.cyware.com Amazon	`2020-02-23` - `2021-03-23`	a year	crt.sh
cyware.com Amazon	`2020-10-04` - `2021-11-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.cyware.io Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Frame ID: 2AF0396FB99C5FA46BEEBEC696B79863
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3N... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1... HTTP 307
https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsm... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

46
Requests

100 %
HTTPS

82 %
IPv6

24
Domains

28
Subdomains

28
IPs

6
Countries

2869 kB
Transfer

3757 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trendmicro.com/en_us/research/20/l/sidewinder-leverages-south-asian-territorial-issues-for-spear-ph.html
Title: malicious LNK

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/world-asia-india-55232432
Title: disinformation campaign

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/hackers-for-hire-target-victims-with-cyber-espionage-campaign/
Title: South Asia

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Cyware+Labs/@40.7559136,-73.9881915,17z/data=!3m1!4b1!4m5!3m4!1s0x0:0xc1e4c88980c6b2fe!8m2!3d40.7559136!4d-73.9860028?hl=en
Title: Cyware Labs, 1460 Broadway, New York, NY 10036

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/cyware-social/id1082345915

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=co.cyware

Search URL Search Domain Scan URL

URL: https://twitter.com/CywareCo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10407612/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBPcVKjzXijVkBWwV3wNjag

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/terms-and-conditions/13599757
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/13599757/legal
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1?_ud=eb604a3f-8e6a-4ef4-9208-4c569dc27295&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2232740%26time%3D1608208736710%26url%3Dhttps%253A%252F%252Fcyware.com%252Fnews%252Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&liSync=true

46 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP0... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 101ms
101ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e433016348890b3b3d700e08eece1d3d594666360640e134124bf4668c546ef

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:52 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d0410890d100902d063e462d1c11107721608208732; expires=Sat, 16-Jan-21 12:38:52 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=d757590926eaa29fcbb28e0653050071e251873c-1608208732; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 6030b421b80132a6-CDG
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07124ee916000032a677817000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf Show response
cyware.com/news/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR...
https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDje...

294 KB
49 KB

903ms
531ms

Document
text/html

52.24.100.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.100.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-100-176.us-west-2.compute.amazonaws.com

Software

Cyware / Express

Resource Hash

a71d2ac931ae65101358dc45c6e49d6201ecafc8d9f492139880341aac780f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cyware.com
:scheme: https
:path: /news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1

Response headers

date: Thu, 17 Dec 2020 12:38:53 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
set-cookie: auth.strategy=local; Path=/
etag: "496c2-G83GWTsNmxssIn7qSjTXS5GKDDk"
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
server: Cyware
cache-control: max-age=86400, no-cache, public
x-frame-options: allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload;

Redirect headers

date: Thu, 17 Dec 2020 12:38:52 GMT
location: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
cf-ray: 6030b422696332a6-CDG
link: <https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07124ee983000032a6afbb5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 d774a595170355335949.js Show response
production.cyware.com/social/ 3 KB
3 KB 44ms
10ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/d774a595170355335949.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6d68a7cb4bae99cc7609396c43838a1e77d1137f8a84234703b30ef07def11a

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 00:17:22 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:02 GMT
server: AmazonS3
age: 44492
etag: "bcb74847007fb1c93de945cad3eb7057"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2906
x-amz-cf-id: M695LKumkIR9p_DWQ6bD40cEoFG8J_u1MaLu1d5b-m9OKXPzWn4sfw==

GET
H2 200 850ac2d58c15bb0d48f7.js Show response
production.cyware.com/social/ 188 KB
188 KB 44ms
9ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/850ac2d58c15bb0d48f7.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d16896edf8050f6a0cd7a7b9359ca7522be23382eac47ada9aa693c88cc519d1

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 11:46:32 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:01 GMT
server: AmazonS3
age: 3142
etag: "9e01af82290654e86a004c337a98972b"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 192230
x-amz-cf-id: m-euhJUZyuqDs5papwbmMWcj57gJZZpRORGE9oZhKwZCU0VtnZn63g==

GET
H2 200 ab3c3fdc11d8a5319fde.js Show response
production.cyware.com/social/ 1 MB
1 MB 44ms
10ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74d8bcba84408837591b6a12b342594272aad99a02eafe4a0280e6f8a444dea2

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 03:22:24 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:02 GMT
server: AmazonS3
age: 33390
etag: "204dcdd0e6393cda79bb2e7abea7e11e"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1373863
x-amz-cf-id: 0LgoSJlcMGZNg9ufPhXcJ9bCXnnSYqfxpybhK2UsAQpYRmejskr9kA==

GET
H2 200 464d8f270234eb0b0085.js Show response
production.cyware.com/social/ 283 KB
283 KB 44ms
10ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/464d8f270234eb0b0085.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49b453a76c6d7d21b1f181d16536548dbc92ce8632e51f5c04af3c5c3e523a4f

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 23:42:39 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:01 GMT
server: AmazonS3
age: 46575
etag: "a56c34c1e50dc19e1bdbf1c8686cd1f1"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 289481
x-amz-cf-id: aG0ouQ1eej7MYxCCs9QO1vnlhVVk_xqMRHSStMQnsV_rKjUfoVhXGg==

GET
H2 200 20d9a83167db52d23cd4.js Show response
production.cyware.com/social/ 14 KB
14 KB 42ms
8ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/20d9a83167db52d23cd4.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a6f5b70c11a59bd2b27a534812185b21e5c2c4a4367a69bf7069ebee21fdd07

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 18:02:25 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:01 GMT
server: AmazonS3
age: 66989
etag: "33c65c9badff270e60ba508134c2911b"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 13840
x-amz-cf-id: wleWOtXnho0HDbrICPmfmPtWGmS7-udBob7jFmA4RffMvKW8POlQPw==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
750 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2e8b49e8529d1acbd9834ac3ea1993ef3d37323bacac1acf2823cfa3939916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Dec 2020 10:45:11 GMT
server: ESF
date: Thu, 17 Dec 2020 12:38:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Dec 2020 12:38:53 GMT

GET
H2 200 37ae63c.svg
production.cyware.com/social/img/ 5 KB
6 KB 8ms
7ms Image
image/svg+xml 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production.cyware.com/social/img/37ae63c.svg
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6aa44d7515541e116c9a091bb0b5a70e4f81728126347261635b5cda6aec1e4

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:59:16 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:06 GMT
server: AmazonS3
age: 59978
etag: "37ae63c6a9fe1cfb6c915056f0bba93a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5434
x-amz-cf-id: E08l125lHx8d1EwkYmW7jyyfJMHkl-aTLq52eDC1daIEwpb7y99PYA==

GET
H2 200 49b2_shutterstock_1097913926.jpg
cyware.com/smart/unsafe/120x130/smart/filters:quality(80)/https://cyware-ent.s3.amazonaws.com/image_bank/ 4 KB
5 KB 241ms
240ms Image
image/jpeg 52.24.100.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cyware.com/smart/unsafe/120x130/smart/filters:quality(80)/https://cyware-ent.s3.amazonaws.com/image_bank/49b2_shutterstock_1097913926.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.100.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-100-176.us-west-2.compute.amazonaws.com

Software

Cyware /

Resource Hash

362a0e2e2456de5b41e7d16ccfe9c8f535c7eeb4b87b57372b1632ef210ea4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
x-content-type-options: nosniff
server: Cyware
etag: "c63030084cfe752cfe17059a2037a9e1e88bbbbc"
x-frame-options: allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
content-type: image/jpeg
cache-control: max-age=315360000, max-age=86400, no-cache, public
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4587
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c9e0_shutterstock_1470163916.jpg
cyware.com/smart/unsafe/120x130/smart/filters:quality(80)/https://cyware-ent.s3.amazonaws.com/image_bank/ 3 KB
4 KB 262ms
260ms Image
image/jpeg 52.24.100.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cyware.com/smart/unsafe/120x130/smart/filters:quality(80)/https://cyware-ent.s3.amazonaws.com/image_bank/c9e0_shutterstock_1470163916.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.100.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-100-176.us-west-2.compute.amazonaws.com

Software

Cyware /

Resource Hash

96a7314e869a10ee0bee5c01bd194cc6798f808554a4da5c5fd58dbc21710a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
x-content-type-options: nosniff
server: Cyware
etag: "122bd9ee497f7e8f38b42679d3b4a04282e895a1"
x-frame-options: allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
content-type: image/jpeg
cache-control: max-age=315360000, max-age=86400, no-cache, public
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3556
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6fed3be.svg
production.cyware.com/social/img/ 7 KB
7 KB 9ms
7ms Image
image/svg+xml 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production.cyware.com/social/img/6fed3be.svg
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec6b9513987f66b5903cebdb93bcc616b68f9909f647d3f50b7a6544dcfd9e2f

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 21:54:32 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:07 GMT
server: AmazonS3
age: 53062
etag: "6fed3be0b0fc000ff8c8e5e1220f4687"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7075
x-amz-cf-id: 4JPZcVMr5aAculwNIeg0Snx8XHqp_qpJhpfaWCeAQQq30NXO9Ar0nA==

GET
H2 200 1c7498a.svg
production.cyware.com/social/img/ 6 KB
6 KB 12ms
11ms Image
image/svg+xml 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production.cyware.com/social/img/1c7498a.svg
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 194bf057cf24ac499b27acd6017d5eb780c2ec352c826780e90147ff14e997a2

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 21:54:32 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:06 GMT
server: AmazonS3
age: 53062
etag: "1c7498ab808c1be2cfa222749a6e4165"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5783
x-amz-cf-id: wxP5exHNlbE2EfUSXeRk-BEyVZJF231zxv7D5fEMaZSx6mmuoh-tPQ==

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
530 B 43ms
14ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es6%2CPromise%2CMutationObserver%2CIntersectionObserver%2Ces5%2CObject.entries%2CEventSource

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://cyware.com
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 28423
detected-user-agent: Chrome/83.0.4103
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 16 Dec 2020 17:44:12 GMT
date: Thu, 17 Dec 2020 12:38:54 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 7288424.js Show response
js.hs-scripts.com/ 2 KB
958 B 138ms
120ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7288424.js
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e826d935d47368be20db00e7102b0d5a48c85b4ee9756c3283f673e2806e85fb

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BE0B9C8AFB8D1A54133AB9B7A17E7D526ACBD4F74000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://cyware.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6030b42b7e071e47-FRA
cf-request-id: 07124eef2a00001e4799330000000001
expires: Thu, 17 Dec 2020 12:39:54 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 519 KB
127 KB 55ms
41ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057839035b660b390bcd2dc55ef31b6395fb51eeb55ede9e03139b6b27c9df93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 542
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07124eef2600004a671cae0000000001
last-modified: Thu, 17 Dec 2020 10:00:31 UTC
server: cloudflare
etag: W/"78f37d42d5b121877beb45ea572c1039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: mdp96hLjDPnkrUpuKzRsu.TiWTgbsFrM
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6030b42b7ae14a67-FRA
x-amz-cf-id: r_E1KuVbW6xHIPkn4RdV8t2Nb0m-hQI7P5dvlkIXpEAJzAs_e3NI0Q==

GET
DATA 200
OK truncated
/ 823 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5636027d157543583d21ae2574222e4b4ff16ebf12d5a70d6f074940195fb92

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 639 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 325bb368e3fc5a1f6ad31c10e3038e41568383733c767ce3d81d88baba391ff8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 657 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e530afcd39959ea41c6c4d2fc2c4fd097b0ae5bed210dcaf8bad0cd60d31a5ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cyware.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:41:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 61036
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 16 Dec 2021 19:41:37 GMT

GET
H2 200 647a323.ttf
production.cyware.com/social/fonts/ 12 KB
12 KB 27ms
8ms Font
binary/octet-stream 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/fonts/647a323.ttf
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8783d5fa087983659871825aaf0c0582509f3fce9174bfbe4d811a6ff04bfb8

Request headers

Origin: https://cyware.com
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 08:05:52 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
vary: Origin
age: 16383
x-cache: Hit from cloudfront
content-length: 12212
last-modified: Sun, 22 Nov 2020 09:40:02 GMT
server: AmazonS3
etag: "647a3236a1d84b9c369251168a1ff97f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 7inlspEUFmXX6ScRf6zt9yJU6ahr5EgCq4AHKvmJdJMZTZuqpXavFA==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cyware.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 21:16:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 228169
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 14 Dec 2021 21:16:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2899
date: Thu, 17 Dec 2020 11:50:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 17 Dec 2020 13:50:35 GMT

GET
H2 200 93ca01d.jpg
production.cyware.com/social/img/ 3 KB
4 KB 8ms
8ms Image
image/jpeg 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production.cyware.com/social/img/93ca01d.jpg
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 144f3e783ff9333379de9720b8182e7e1115f51ef29a58059c8be590557b7470

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 22:02:33 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:04 GMT
server: AmazonS3
age: 52582
etag: "93ca01db7b98aec53231108d9a42984a"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3526
x-amz-cf-id: pZQOpe-m_OoqPGrDhA0ciNEWP-jqaBLOa42g1RuSVikUyqBSF62-_g==

GET
H2 200 category-slug-map Show response
cyware.com/api-social/ 2 KB
1 KB 280ms
280ms XHR
application/json 52.24.100.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyware.com/api-social/category-slug-map

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.100.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-100-176.us-west-2.compute.amazonaws.com

Software

Cyware / Express

Resource Hash

3bbc3caa2f3515d496602dc7f4b05045d0d76c573d7ec2ac90af95e8da62fb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: gzip
etag: W/"97b-oaHxdeUE2UUxkqPjq4nDexjEBV4"
server: Cyware
x-powered-by: Express
x-frame-options: allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, no-cache, public
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 event-types Show response
cyware.com/api-social/ 80 B
542 B 241ms
241ms XHR
application/json 52.24.100.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyware.com/api-social/event-types

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.100.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-100-176.us-west-2.compute.amazonaws.com

Software

Cyware / Express

Resource Hash

1c29911377afb700041f265d91ae3443493511c92e0b7944ad177684f3971fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: gzip
etag: W/"50-vFfRg8QlCC/fLcnjbRRDa4klWqM"
server: Cyware
x-powered-by: Express
x-frame-options: allow-from https://lynxgrc.com https://www.incidentresponse.com https://new.cyware.com https://consortiam.net https://securitycurrent.com
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, no-cache, public
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iStock-149415969.jpg
cyware-ent.s3.amazonaws.com/image_bank/ 611 KB
611 KB 762ms
210ms Image
image/jpeg 52.218.204.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyware-ent.s3.amazonaws.com/image_bank/iStock-149415969.jpg
Requested by: Host: cyware.com
URL: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.204.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf14630e55d7f5bfb8c32d7dee628dca8b518c7e4882e1c1bc967a54bdd35eb8

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 17 Dec 2020 12:38:55 GMT
Last-Modified: Tue, 11 Jul 2017 18:42:19 GMT
Server: AmazonS3
x-amz-request-id: 2B3A88CC42E9002C
ETag: "066d4998dbd8b3cf123267ef89a6ff52"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 625653
x-amz-id-2: dEMs0pziRtp+2bRk1SyEvUfsk71U+8uMTjJPo9mc6qcsacBITxEcsFKEkU4zk8R8puEAMXRIunE=

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 29ms
12ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7288424.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd424dd1fef58803d5ddf92c41c2e9c73b330c22e17230e0624b1692fa386b2

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
via: 1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 512
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.219/bundles/pixels-release.js&cfRay=6030a7ab9872dfdb-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07124ef066000005e931ab5000000001
last-modified: Wed, 16 Dec 2020 04:07:59 UTC
server: cloudflare
etag: W/"5fc723fa243f8332f946d23289dfa414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vmAL7dogmm7dgIudttBlh0K9o0nB7c2g
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6030b42d6da105e9-FRA
x-amz-cf-id: jpm7XRiSDrodEALFSa1Q6jGwl5bgHDmHWg2UiJgXm1eJwhkrK0EOIg==

GET
H2 200 7288424.js Show response
js.hs-analytics.net/analytics/1608208500000/ 60 KB
18 KB 39ms
24ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1608208500000/7288424.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7288424.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c8357d43b17f74ba2e95fb5843f1ddf40af725b88918e9a78e9037b7c474b5

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 165
x-amz-server-side-encryption: AES256
x-amz-request-id: 39FE8E1163CDA3A0
x-amz-id-2: 1r0SYhauveMPB9DNykvuVUfaui5tObyg//LAy1WFX7ZwVvuvNpgU0f0GvblWDrIdZgbujAnZeBY=
last-modified: Mon, 14 Dec 2020 18:33:21 GMT
server: cloudflare
etag: W/"1da31c2f2fd37210942a98bd2c61987d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 07124ef06500000eab261cf000000001
cf-ray: 6030b42d6a130eab-FRA
expires: Thu, 17 Dec 2020 12:41:09 GMT

GET
H2 200 7288424.js Show response
js.hs-banner.com/ 51 KB
13 KB 42ms
26ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7288424.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7288424.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aad91872691380c16ed223c57b1948683bb1206665337e554029011257441e1

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=7ooSEQ==, md5=TnOVpkc1eKIiKo/eY2vSkw==
date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 165
x-guploader-uploadid: ABg5-UyyAsF_f6DUrPW9zZxdtpQ4qSyqhcaUDhbb27s-9v5qjK6UOj3uZLs39-XsovOFRTx4YV008rfVZFEFsKcwYayb_ymiTA
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07124ef06d00002be94d19c000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 21:01:09 GMT
server: cloudflare
etag: W/"4e7395a6473578a2222a8fde636bd293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1607547669297017
access-control-allow-origin: https://cyware.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52708
cf-ray: 6030b42d7b2c2be9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 17 Dec 2020 12:41:09 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 87 KB
25 KB 56ms
37ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7288424.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin: https://cyware.com
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 53396
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=602b9c8f4b472bd6-FRA
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07124ef06a0000c2fe43a99000000001
cf-ray: 6030b42d7e80c2fe-FRA
last-modified: Wed, 18 Nov 2020 03:17:23 UTC
server: cloudflare
etag: W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: z_XJoEXjFBRP2yW5xGHZ-bWoRyrd78UXWjPjlgZHT_LtsEKFPLumSQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
386 B 46ms
14ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=835718161&t=pageview&_s=1&dl=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&dp=%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&ul=en-us&de=UTF-8&dt=SideWinder%20APT%3A%20Active%20and%20Targeting%20South-Asian%20Countries%20%7C%20Cyware%20Alerts%20-%20Hacker%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=862689857&gjid=370990889&cid=455257397.1608208734&tid=UA-74369186-1&_gid=575749863.1608208734&_r=1&_slc=1&z=1848612708

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 12:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4f96684999e450d0bab7.js Show response
production.cyware.com/social/ 21 KB
21 KB 10ms
10ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/4f96684999e450d0bab7.js
Requested by: Host: production.cyware.com
URL: https://production.cyware.com/social/d774a595170355335949.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dab3dc392b427fa80a47eb075f9c3d5c5485f203cdd68e0bf06b9185bffbc14d

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 23:53:43 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:01 GMT
server: AmazonS3
age: 45912
etag: "970f4da6d022de65dc2dfeed327ceae3"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 21620
x-amz-cf-id: eKFJLpyF6EF3D8y74GEqgwAINKlDRuvQETrJ9dYuD_yx3dmKzjL3xQ==

GET
H2 200 d5ecacc692abc5131009.js Show response
production.cyware.com/social/ 16 KB
16 KB 9ms
8ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/d5ecacc692abc5131009.js
Requested by: Host: production.cyware.com
URL: https://production.cyware.com/social/d774a595170355335949.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8336f858ea70793d6472fc6b485f6c3860422eeb72d68fc8700c5d9ecd9c9623

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 21:55:12 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:02 GMT
server: AmazonS3
age: 53023
etag: "5abd538c146b6785888ce11383060509"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 15928
x-amz-cf-id: 7ZSLUT_8eFZ3HjGRoO5vQtxa2qkQrtQ06JjIBTR-ZLXcrc4UwGaXlA==

GET
H2 200 81fe404f670a24fa71fa.js Show response
production.cyware.com/social/ 5 KB
5 KB 8ms
8ms Script
application/javascript 2600:9000:206f:a000:1:d92a:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.cyware.com/social/81fe404f670a24fa71fa.js
Requested by: Host: production.cyware.com
URL: https://production.cyware.com/social/d774a595170355335949.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:1:d92a:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5181ce795e6e315c32deb6862f1ae2ebbd7099a5a698ee66a1ccd731242e606

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:27:16 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Nov 2020 09:40:01 GMT
server: AmazonS3
age: 79899
etag: "3a7d6402de48a6998c4948c8eb82b9a7"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5056
x-amz-cf-id: DWRF5GDh_ocXDYUQI5l6AYdI9asdYFFldv_fWpZd0QMMej94nw3ssw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 42ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-74369186-1&cid=455257397.1608208734&jid=862689857&gjid=370990889&_gid=575749863.1608208734&_u=aEBAAEAAEAAAAC~&z=1205078469

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Dec 2020 12:38:54 GMT
content-type: text/plain
access-control-allow-origin: https://cyware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
708 B 124ms
109ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7288424&utk=

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea17086828c522aa1ef196dec0bd559e97fd7806af1a26639d71b843e11885a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07124ef0b100004aa49d074000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cyware.com
access-control-allow-credentials: false
cf-ray: 6030b42defb54aa4-FRA
access-control-allow-headers: *

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
589 B 133ms
118ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B358B88CFC3E52276D38CF6532B1A0E6EAC383240000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6030b42eb87d325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
cf-request-id: 07124ef1320000325caa94d000000001

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
593 B 41ms
26ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=7288424&pu=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&t=SideWinder+APT%3A+Active+and+Targeting+South-Asian+Countries+%7C+Cyware+Alerts+-+Hacker+News&cts=1608208735887&vi=abd2963c59129b090279189ce7ecb861&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 6030b4376d191f3d-FRA
date: Thu, 17 Dec 2020 12:38:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 07124ef6a000001f3d60168000000001
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 132 B
751 B 127ms
112ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7288424

Requested by

Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42244f0e5c3f64fe7873c0d0788d1e7dd358069c913224b23dc07aaccacbc418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07124ef6a1000005f59a82f000000001
server: cloudflare
x-trace: 2B4A8BE77343A0D839988FBC4C2C48EC041EF6F275000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cyware.com
access-control-allow-credentials: false
cf-ray: 6030b437690b05f5-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 648ms
20ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 12:38:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=84254
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-712433333

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72a74c3c89099195ec244fdfdf3d8df2a053b29a9089009a52619a8b07f23ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Thu, 17 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Dec 2020 12:38:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 104ms
38ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-712433333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Dec 2020 12:38:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712433333/ 3 KB
2 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712433333/?random=1608208736193&cv=9&fst=1608208736193&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&tiba=SideWinder%20APT%3A%20Active%20and%20Targeting%20South-Asian%20Countries%20%7C%20Cyware%20Alerts%20-%20Hacker%20News&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77fc5afe13eebd7aa164a614d098b3591c5beae32233eacd73a403039edc4119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 12:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/712433333/ 42 B
324 B 20ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712433333/?random=1608208736193&cv=9&fst=1608206400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&tiba=SideWinder%20APT%3A%20Active%20and%20Targeting%20South-Asian%20Countries%20%7C%20Cyware%20Alerts%20-%20Hacker%20News&async=1&fmt=3&is_vtc=1&random=4274323&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 12:38:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/712433333/ 42 B
552 B 38ms
19ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/712433333/?random=1608208736193&cv=9&fst=1608206400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&tiba=SideWinder%20APT%3A%20Active%20and%20Targeting%20South-Asian%20Countries%20%7C%20Cyware%20Alerts%20-%20Hacker%20News&async=1&fmt=3&is_vtc=1&random=4274323&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 12:38:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 40ms
39ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 12:38:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=64362
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D8897...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2232740%26time%3D1608208736710%26url%3Dhttps%253A%252F%252Fcyware.com%252Fnews%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D8897...

0
296 B

110ms
109ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cyware.com/news/sidewinder-apt-active-and-targeting-south-asian-countries-70764cdf?_hsmi=88974744&_hsenc=p2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 12:38:57 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: aSlnW1OBURZQLALbiSsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
content-length: 0
x-li-uuid: gDwrV1OBURagqFX/GSsAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: C61C62BF8D51458591146E786267CEE1 Ref B: FRAEDGE1311 Ref C: 2020-12-17T12:38:56Z
x-frame-options: sameorigin
date: Thu, 17 Dec 2020 12:38:56 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2232740&time=1608208736710&url=https%3A%2F%2Fcyware.com%2Fnews%2Fsidewinder-apt-active-and-targeting-south-asian-countries-70764cdf%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8bZrIztay64RtM2rUC3VG-XGgOASVyrlbnCDZO8l8ZyPOrsvsek7eEsUW4BHkP6SzON8JtalzDjekP16vSL5R10qzl3KJFmDiDzdXZi1ToYpug1Hc&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
debugger.cyware.io/api/14/store/ 41 B
242 B 423ms
130ms Fetch
application/json 3.6.57.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://debugger.cyware.io/api/14/store/?sentry_key=9c07e881c5374efaaa34073581390682&sentry_version=7
Requested by: Host: production.cyware.com
URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.6.57.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-6-57-28.ap-south-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a5e306dddfbeecdcb52764c28da2d2239a5efd6c59737b03bd4ff90cc0b9aca8

Request headers

Referer: https://cyware.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://cyware.com
date: Thu, 17 Dec 2020 12:39:06 GMT
server: nginx/1.14.0 (Ubuntu)
content-type: application/json
content-length: 41
vary: Origin
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyware.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyware.com/	1970-01-20 00:05:04	Name: __hstc Value: 86885063.abd2963c59129b090279189ce7ecb861.1608208735884.1608208735884.1608208735884.1
.cyware.com/	1970-01-20 00:05:04	Name: hubspotutk Value: abd2963c59129b090279189ce7ecb861
.cyware.com/	1970-01-19 14:44:55	Name: _gid Value: GA1.2.575749863.1608208734
.cyware.com/	1970-01-20 08:14:40	Name: _ga Value: GA1.2.455257397.1608208734
.cyware.com/	1970-01-19 14:43:30	Name: __hssc Value: 86885063.1.1608208735884
.cyware.com/	1970-01-19 14:43:28	Name: _gat Value: 1
cyware.com/	1969-12-31 23:59:59	Name: auth.strategy Value: local

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VV_RPr5Flw9QN25DlMFYwvNtW4sKGqD4kJkv3MNrWnS2-HwrV1-WJV7CgNFMW4DjFTR3NBwljW87DNBf1LWRS0W6Pl_lL69zRjrN4H3ctF9yh_BW2VS1Xk1lhq8VVllhrp2PWNZ-VKZgyR813G5fW5wWm-w19thyFN3RdFfhl3PNWVhZWxj3TWgwnW2r0LRs61dP05W8pMCNG2M-sgRW7Nf9xW2YgdqDW3-3QxN1t4y4dW5nhLbx8s8WLvVWqNjY68ygHsW1p6Bk24SpTywW7p72ZT8Vh2LVW1Drw5W5wC3_TW1x33BZ8V3zHWW6KvcXV2dP0vvW5PJSrJ643gjKW6fNgZK8bPCnLW3HBc1f5XWJYXVDXwxd48Tc6hW7-VDDv6RHPhw3jSn1(Line 13) Message: toS
console-api	log	URL: https://production.cyware.com/social/ab3c3fdc11d8a5319fde.js(Line 2) Message: default

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cyware-ent.s3.amazonaws.com
cyware.com
debugger.cyware.io
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
info.silobreaker.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
polyfill.io
production.cyware.com
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
199.60.103.254
216.58.208.34
2600:9000:206f:a000:1:d92a:12c0:93a1
2606:4700::6810:5805
2606:4700::6811:43b0
2606:4700::6811:72b0
2606:4700::6811:83ab
2606:4700::6811:b749
2606:4700::6811:c8cc
2606:4700::6811:d2cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:814::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9d
2a02:26f0:6c00:28c::25ea
2a04:4e42:200::621
2a05:f500:10:101::b93f:9105
3.6.57.28
52.218.204.226
52.24.100.176
057839035b660b390bcd2dc55ef31b6395fb51eeb55ede9e03139b6b27c9df93
0ea17086828c522aa1ef196dec0bd559e97fd7806af1a26639d71b843e11885a
144f3e783ff9333379de9720b8182e7e1115f51ef29a58059c8be590557b7470
194bf057cf24ac499b27acd6017d5eb780c2ec352c826780e90147ff14e997a2
1a6f5b70c11a59bd2b27a534812185b21e5c2c4a4367a69bf7069ebee21fdd07
1c29911377afb700041f265d91ae3443493511c92e0b7944ad177684f3971fd3
2cd424dd1fef58803d5ddf92c41c2e9c73b330c22e17230e0624b1692fa386b2
325bb368e3fc5a1f6ad31c10e3038e41568383733c767ce3d81d88baba391ff8
362a0e2e2456de5b41e7d16ccfe9c8f535c7eeb4b87b57372b1632ef210ea4f9
36c8357d43b17f74ba2e95fb5843f1ddf40af725b88918e9a78e9037b7c474b5
3bbc3caa2f3515d496602dc7f4b05045d0d76c573d7ec2ac90af95e8da62fb77
3d2e8b49e8529d1acbd9834ac3ea1993ef3d37323bacac1acf2823cfa3939916
3e433016348890b3b3d700e08eece1d3d594666360640e134124bf4668c546ef
42244f0e5c3f64fe7873c0d0788d1e7dd358069c913224b23dc07aaccacbc418
49b453a76c6d7d21b1f181d16536548dbc92ce8632e51f5c04af3c5c3e523a4f
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72a74c3c89099195ec244fdfdf3d8df2a053b29a9089009a52619a8b07f23ab5
74d8bcba84408837591b6a12b342594272aad99a02eafe4a0280e6f8a444dea2
77fc5afe13eebd7aa164a614d098b3591c5beae32233eacd73a403039edc4119
7aad91872691380c16ed223c57b1948683bb1206665337e554029011257441e1
8336f858ea70793d6472fc6b485f6c3860422eeb72d68fc8700c5d9ecd9c9623
96a7314e869a10ee0bee5c01bd194cc6798f808554a4da5c5fd58dbc21710a08
a5e306dddfbeecdcb52764c28da2d2239a5efd6c59737b03bd4ff90cc0b9aca8
a6d68a7cb4bae99cc7609396c43838a1e77d1137f8a84234703b30ef07def11a
a71d2ac931ae65101358dc45c6e49d6201ecafc8d9f492139880341aac780f5f
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8783d5fa087983659871825aaf0c0582509f3fce9174bfbe4d811a6ff04bfb8
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bf14630e55d7f5bfb8c32d7dee628dca8b518c7e4882e1c1bc967a54bdd35eb8
c5181ce795e6e315c32deb6862f1ae2ebbd7099a5a698ee66a1ccd731242e606
c5636027d157543583d21ae2574222e4b4ff16ebf12d5a70d6f074940195fb92
d16896edf8050f6a0cd7a7b9359ca7522be23382eac47ada9aa693c88cc519d1
d6aa44d7515541e116c9a091bb0b5a70e4f81728126347261635b5cda6aec1e4
dab3dc392b427fa80a47eb075f9c3d5c5485f203cdd68e0bf06b9185bffbc14d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e530afcd39959ea41c6c4d2fc2c4fd097b0ae5bed210dcaf8bad0cd60d31a5ba
e826d935d47368be20db00e7102b0d5a48c85b4ee9756c3283f673e2806e85fb
ec6b9513987f66b5903cebdb93bcc616b68f9909f647d3f50b7a6544dcfd9e2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

cyware.com Open in urlscan Pro 52.24.100.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

82 %IPv6

24 Domains

28 Subdomains

28 IPs

6 Countries

2869 kBTransfer

3757 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cyware.com Open in urlscan Pro
52.24.100.176 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

82 %
IPv6

24
Domains

28
Subdomains

28
IPs

6
Countries

2869 kB
Transfer

3757 kB
Size

8
Cookies

46 HTTP transactions
3 data transactions