www.flashpoint-intel.com Open in urlscan Pro
2606:4700::6810:92e4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Submission: On February 22 via api (February 22nd 2022, 3:17:16 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 78 HTTP transactions. The main IP is 2606:4700::6810:92e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.flashpoint-intel.com. The Cisco Umbrella rank of the primary domain is 867693.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 18th 2020. Valid for: 2 years.

This is the only time www.flashpoint-intel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	2606:4700::68... 2606:4700::6810:92e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	143.204.98.27 143.204.98.27	16509 (AMAZON-02) (AMAZON-02)
8	143.204.98.7 143.204.98.7	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.24 108.174.10.24	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
2	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
1	34.255.23.179 34.255.23.179	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
1	54.229.161.68 54.229.161.68	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.143.135 15.197.143.135	16509 (AMAZON-02) (AMAZON-02)
78	21

46 2606:4700::6810:92e4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.flashpoint-intel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-27.fra50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:22::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.24 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-24.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.88.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.23.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-23-179.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.161.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-161-68.eu-west-1.compute.amazonaws.com

ws34.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	flashpoint-intel.com www.flashpoint-intel.com — Cisco Umbrella Rank: 867693	10 MB
10	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1943 downloads.intercomcdn.com — Cisco Umbrella Rank: 22021	494 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809 in.hotjar.com — Cisco Umbrella Rank: 1615 ws34.hotjar.com — Cisco Umbrella Rank: 58477	67 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
3	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 1922 api-iam.intercom.io — Cisco Umbrella Rank: 2489	4 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3601	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 311	716 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2057	257 B
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	448 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 7499	477 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	61 KB
78	16

	Domain	Requested by
46	www.flashpoint-intel.com	www.flashpoint-intel.com
8	js.intercomcdn.com	www.flashpoint-intel.com widget.intercom.io js.intercomcdn.com
2	downloads.intercomcdn.com	js.intercomcdn.com
2	pi.pardot.com	www.flashpoint-intel.com pi.pardot.com
2	api-iam.intercom.io	js.intercomcdn.com
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.flashpoint-intel.com
2	snap.licdn.com	www.flashpoint-intel.com snap.licdn.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.flashpoint-intel.com
1	ws34.hotjar.com	www.flashpoint-intel.com
1	vc.hotjar.io	www.flashpoint-intel.com
1	in.hotjar.com	www.flashpoint-intel.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	www.flashpoint-intel.com
1	www.google.com	www.flashpoint-intel.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.flashpoint-intel.com
1	px4.ads.linkedin.com	www.flashpoint-intel.com
1	www.linkedin.com	1 redirects
1	ws.zoominfo.com	www.flashpoint-intel.com
1	static.hotjar.com	www.googletagmanager.com
1	widget.intercom.io	1 redirects
1	www.googletagmanager.com	www.flashpoint-intel.com
78	24

This site contains links to these domains. Also see Links.

Domain
go.flashpoint-intel.com
partners.flashpoint-intel.com
www.linkedin.com
twitter.com
www.facebook.com
www.cybercom.mil
www.justice.gov

Subject Issuer	Validity	Valid
flashpoint-intel.com DigiCert SHA2 Secure Server CA	`2020-08-18` - `2022-10-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.intercom.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
intercom-attachments-10.com Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Frame ID: 057545B67C71A741390EC93BF3554AD6
Requests: 67 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7651dd45.js
Frame ID: 499AEDED950A9BA30EBF8F5B03F565B9
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: BCCF3F8E1382E96DEE42A83ADCCCA4CE
Requests: 1 HTTP requests in this frame

Frame: https://downloads.intercomcdn.com/i/o/288682/b6d0d1fa5d015c82aaa5951c/39df927405441a85e75b079fbb116bd9.png
Frame ID: 12174BB62D649D610F9977B96E7ED63C
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: C61844E09981A06640B3CFA26B065223
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MuddyWater: Who's Behind the Iranian Cyber Threat Actor Group?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

78
Requests

97 %
HTTPS

42 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

11101 kB
Transfer

14512 kB
Size

22
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://go.flashpoint-intel.com/trial/30days
Title: Start a Free Trial

Search URL Search Domain Scan URL

URL: https://partners.flashpoint-intel.com/
Title: Become a Partner Interested in joining one of our Partner Programs?

Search URL Search Domain Scan URL

URL: https://go.flashpoint-intel.com/access/collective-intelligence-report
Title: image/svg+xml image/svg+xml Subscribe

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor&title=Who%E2%80%99s%20Behind%20Iranian%20Cyber%20Threat%20Actor%20Group%20MuddyWater?&summary=&source=

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=%2F&text=Who%E2%80%99s+Behind+Iranian+Cyber+Threat+Actor+Group+MuddyWater%3F%20https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?p[url]=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor

Search URL Search Domain Scan URL

URL: https://www.cybercom.mil/Media/News/Article/2897570/iranian-intel-cyber-suite-of-malware-uses-open-source-tools/
Title: attributed

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-nj/pr/two-iranian-nationals-charged-cyber-theft-and-defacement-campaign-against-computer
Title: indicted by the US Department of Justice

Search URL Search Domain Scan URL

URL: https://go.flashpoint-intel.com/access/blog/trial90
Title: Sign up for a free trial

Search URL Search Domain Scan URL

URL: https://go.flashpoint-intel.com/blog/request-a-demo/
Title: request a demo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/flashpoint-intel/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/flashpointintel
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/flashpointintel/
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://widget.intercom.io/widget/h96kfhua HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D287753%26time%3D1645543030286%26url%3Dhttps%253A%252F%252Fwww.flashpoint-intel.com%252Fblog%252Fmuddywater-iranian-cyber-threat-actor%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true&e_ipv6=AQKfan-5XhWQ9AAAAX8iAgBgPsC8WxxTtcnDD6X4fKppz9nRWUyevd5pc0PdCCijWsvBmKmUqA

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/ 309 KB
70 KB 613ms
553ms Document
text/html 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852f259343b75ead0b3f69c905a0f93105ff202e8fdcfaa0fd257be35682d3f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=600
Content-Security-Policy: frame-ancestors 'none'
Link: <https://www.flashpoint-intel.com/wp-json/>; rel="https://api.w.org/" <https://www.flashpoint-intel.com/wp-json/wp/v2/posts/12453>; rel="alternate"; type="application/json" <https://www.flashpoint-intel.com/?p=12453>; rel=shortlink
Permissions-Policy: geolocation=(self "https://flashpoint-intel.com") microphone=() camera=()
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=15552000
Traceparent: 00-4d982e7951b64e09ab92807485e2db66-a6ff591ffa490f70-00
X-Cloud-Trace-Context: 4d982e7951b64e09ab92807485e2db66/12033434723235204976;o=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-4fsk2
X-Styx-Req-Id: 80cae0df-93f2-11ec-9bd9-92f7ed4c6de9
X-Xss-Protection: 1; mode=block
X-Served-By: cache-mdw17341-MDW, cache-mxp6958-MXP
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1645543029.314792,VS0,VE473
Vary: Accept-Encoding, Cookie, Cookie
Age: 0
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 6e192dfcdb520e0e-MXP
Content-Encoding: gzip

GET
H/1.1 200
OK all.min.css
www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/ 46 KB
12 KB 52ms
50ms Stylesheet
text/css 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1645480350

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7555
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-vsrf4
X-Cache: HIT, HIT
X-Cloud-Trace-Context: f674084df82643e789f7c29acca1d074/8490823322077043525;o=0
Connection: keep-alive
Content-Length: 11700
X-Served-By: cache-mdw17376-MDW, cache-mxp6920-MXP
Last-Modified: Sat, 19 Feb 2022 17:52:31 GMT
Server: cloudflare
Traceparent: 00-f674084df82643e789f7c29acca1d074-75d576d33b011b45-00
X-Timer: S1645535474.159754,VS0,VE2
Etag: W/"62112e5f-b752"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e008b2d0e0e-MXP
X-Styx-Req-Id: 2613b4ee-9361-11ec-b1b9-5ecf98a6968c
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK style.min.css
www.flashpoint-intel.com/wp-includes/css/dist/block-library/ 77 KB
15 KB 85ms
42ms Stylesheet
text/css 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 174456
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-hq6h2
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 8d9d9ec0db7e42f9b0830913c0666aea/2590019246103492873;o=0
Connection: keep-alive
Content-Length: 14094
X-Served-By: cache-mdw17322-MDW, cache-mxp6975-MXP
Last-Modified: Fri, 11 Feb 2022 01:46:00 GMT
Server: cloudflare
Traceparent: 00-8d9d9ec0db7e42f9b0830913c0666aea-23f198c8256c7909-00
X-Timer: S1645368573.403558,VS0,VE1
Etag: W/"6205bfd8-1357b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e00cb453742-MXP
X-Styx-Req-Id: 68ebc9d3-8adc-11ec-867e-aa876aa2fc93
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK blocks.style.build.css
www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/ 44 KB
9 KB 180ms
135ms Stylesheet
text/css 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1645480350

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aea74fa8de4d5a91fd7de7396b304a6e180d6395b8662e2932092d7138a40ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4231
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-ndqlg
X-Cache: HIT, HIT
X-Cloud-Trace-Context: d0c60c9ac291454f853638380e40868f/18099556710849985565;o=0
Connection: keep-alive
Content-Length: 8557
X-Served-By: cache-mdw17346-MDW, cache-mxp6946-MXP
Last-Modified: Mon, 21 Feb 2022 21:52:30 GMT
Server: cloudflare
Traceparent: 00-d0c60c9ac291454f853638380e40868f-fb2e8aeed6403c1d-00
X-Timer: S1645538798.409397,VS0,VE107
Etag: W/"6214099e-af72"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e00c8410e26-MXP
X-Styx-Req-Id: 262b904b-9361-11ec-ae0a-8abdc849e2cd
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK main_1cc42a5a.css
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/ 583 KB
66 KB 92ms
46ms Stylesheet
text/css 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0febc76c1002f79d0923f61f9265c68edfceb783b5379f7f5345bf993c0d12c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 158586
X-Pantheon-Styx-Hostname: styx-fe2-b-84558bcd68-wmx8t
X-Cache: MISS, HIT
X-Cloud-Trace-Context: ea67c67c42474479b9eb2571d1d8e6c3/17848768336573580094;o=0
Connection: keep-alive
Content-Length: 67087
X-Served-By: cache-mdw17369-MDW, cache-mxp6932-MXP
Last-Modified: Wed, 19 Jan 2022 07:24:15 GMT
Server: cloudflare
Traceparent: 00-ea67c67c42474479b9eb2571d1d8e6c3-f7b3903c3bb5433e-00
X-Timer: S1645384444.787751,VS0,VE3
Etag: W/"61e7bc9f-91d3b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e00cc22839d-MXP
X-Styx-Req-Id: 6a8c4ee8-7903-11ec-a0f1-a6bcc005142a
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.min.js Show response
www.flashpoint-intel.com/wp-includes/js/jquery/ 87 KB
36 KB 95ms
46ms Script
application/x-javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 110941
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-2fghz
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 62b59787cdd14e6888ab18c9de4380bf/2939008717772974100;o=0
Connection: keep-alive
Content-Length: 36052
X-Served-By: cache-mdw17368-MDW, cache-mxp6950-MXP
Last-Modified: Tue, 08 Feb 2022 17:54:23 GMT
Server: cloudflare
Traceparent: 00-62b59787cdd14e6888ab18c9de4380bf-28c974db76a26814-00
X-Timer: S1645432089.817268,VS0,VE2
Etag: W/"6202ae4f-15db1"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e00deb6374b-MXP
X-Styx-Req-Id: d5cb99ad-899c-11ec-ab81-8a09d522465a
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.flashpoint-intel.com/wp-includes/js/jquery/ 11 KB
5 KB 151ms
101ms Script
application/x-javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 110941
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-wmswh
X-Cache: MISS, HIT
X-Cloud-Trace-Context: 6575f08a2c3c47f1812c04914b9fcd35/1577999923837911882;o=0
Connection: keep-alive
Content-Length: 4565
X-Served-By: cache-mdw17348-MDW, cache-mxp6962-MXP
Last-Modified: Sun, 06 Feb 2022 20:08:00 GMT
Server: cloudflare
Traceparent: 00-6575f08a2c3c47f1812c04914b9fcd35-15e62e91f3f3c34a-00
X-Timer: S1645432089.802013,VS0,VE2
Etag: W/"62002aa0-2bd8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:09 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e00dfac59dd-MXP
X-Styx-Req-Id: 6ba723c4-88a2-11ec-97a6-0ec25f63667b
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK team-01_dde467a5.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 90 KB
91 KB 54ms
53ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-01_dde467a5.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe86959772a2362a4e6a685bed0df2f2629761362f3f2cf35a779e54546395d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 174456
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 4ecb39da36164eb991859663f6469c1d/15762704453586671955;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 92112
X-Served-By: cache-mdw17320-MDW, cache-mxp6973-MXP
Last-Modified: Mon, 31 Jan 2022 19:23:19 GMT
Server: cloudflare
Traceparent: 00-4ecb39da36164eb991859663f6469c1d-dac0602fa7805953-00
X-Timer: S1645368574.091471,VS0,VE3
Etag: "61f83727-167d0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 38bd93fd-844d-11ec-9c08-92a9df764454
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01bf05839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-znj2x

GET
H/1.1 200
OK team-02_796bb7a8.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 120 KB
121 KB 62ms
60ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-02_796bb7a8.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b5347eb3e2c9fe004a0d59df4bc4506b8c5316ba3511826546a96bdc457472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 357440
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 6baff11b4165412fab5f89e5e18f0fc0/16940163843714581314;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 122575
X-Served-By: cache-mdw17367-MDW, cache-mxp6967-MXP
Last-Modified: Mon, 07 Feb 2022 06:39:55 GMT
Server: cloudflare
Traceparent: 00-6baff11b4165412fab5f89e5e18f0fc0-eb178d4355860342-00
X-Timer: S1645185591.647787,VS0,VE3
Etag: "6200bebb-1decf"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 2dffd65f-889b-11ec-867e-aa876aa2fc93
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01c8dc374b-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-hq6h2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
61 KB 64ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FRCGD4

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e12b2cd83ce1e240ac05e403c9656c619063d139029773044e0d6c65f3f3d57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61551
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Feb 2022 15:17:10 GMT

GET
H/1.1 200
OK team-03_739f5f44.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 110 KB
111 KB 72ms
70ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-03_739f5f44.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8820976d75ce377cacb5eda2b581c8ddbfc02c90a6577da0090af0f95f4eb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158587
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 173580c5ad4b4461be86a6f1c055363e/8256704861051909451;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 112640
X-Served-By: cache-mdw17327-MDW, cache-mxp6979-MXP
Last-Modified: Thu, 17 Feb 2022 03:54:49 GMT
Server: cloudflare
Traceparent: 00-173580c5ad4b4461be86a6f1c055363e-7295b553423d754b-00
X-Timer: S1645384444.888124,VS0,VE3
Etag: "620dc709-1b800"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 7fd7d736-903a-11ec-88f4-3e635db8b1af
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01bda33742-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-mdcdv

GET
H/1.1 200
OK team-05_ed5037a7.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 75 KB
76 KB 51ms
50ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-05_ed5037a7.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b962d3e7f9a65e260688706ef7dc664b05756a0d3dfac3470fc4d36aff5a1282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 230973
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 6d4bdf98c6d846e38348374e18611725/3230016531374156580;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 76750
X-Served-By: cache-mdw17341-MDW, cache-mxp6960-MXP
Last-Modified: Tue, 01 Feb 2022 01:23:55 GMT
Server: cloudflare
Traceparent: 00-6d4bdf98c6d846e38348374e18611725-2cd352ec03322b24-00
X-Timer: S1645312057.472045,VS0,VE88
Etag: "61f88bab-12bce"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: a4e91e1d-8442-11ec-8c2f-7a0916e9ff64
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01bdab0e0e-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-pvhmk

GET
H/1.1 200
OK team-06_b2f0bafe.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 87 KB
88 KB 373ms
149ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-06_b2f0bafe.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f02dce8388e9b24ba79a29199af79c94c5cf558c14953384bf2a69bd50d80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158586
X-Cache: HIT, HIT
X-Cloud-Trace-Context: bf8804d4f835417db6e61554b013ed33/16211289531209846584;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 88629
X-Served-By: cache-mdw17349-MDW, cache-mxp6920-MXP
Last-Modified: Tue, 25 Jan 2022 18:57:42 GMT
Server: cloudflare
Traceparent: 00-bf8804d4f835417db6e61554b013ed33-e0fa11f002c58f38-00
X-Timer: S1645384444.000499,VS0,VE3
Etag: "61f04826-15a35"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: a36f40bd-7eeb-11ec-b64f-82398fc421b3
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e038d98374b-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-d77fd7799-v62rc

GET
H/1.1 200
OK team-16_a9fd964a.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 217 KB
218 KB 221ms
71ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-16_a9fd964a.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5742f6de43f504d7e3dd7826bf9e163a56d972de652f55c1086e4f2ac6b07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 230973
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 90234cb3a0fb41be891d3de8cd14bb31/9507017826672320014;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 222680
X-Served-By: cache-mdw17341-MDW, cache-mxp6932-MXP
Last-Modified: Wed, 02 Feb 2022 17:22:24 GMT
Server: cloudflare
Traceparent: 00-90234cb3a0fb41be891d3de8cd14bb31-83efb657d01c1e0e-00
X-Timer: S1645312058.965696,VS0,VE3
Etag: "61fabdd0-365d8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 72d7131b-848a-11ec-a945-26aabb7f4d8f
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e030c28374b-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-csqbs

GET
H/1.1 200
OK team-12_df9baa73.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 183 KB
184 KB 311ms
48ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-12_df9baa73.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4c5352482c0956c44b18de24e30c594135c2e0f5604eb2ca06f1c76184fea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158586
X-Cache: HIT, HIT
X-Cloud-Trace-Context: cdcec698c80d486f837c408d76d7cbb0/4158957875641382397;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 187137
X-Served-By: cache-mdw17370-MDW, cache-mxp6923-MXP
Last-Modified: Sun, 13 Feb 2022 06:38:22 GMT
Server: cloudflare
Traceparent: 00-cdcec698c80d486f837c408d76d7cbb0-39b796271d6af5fd-00
X-Timer: S1645384444.102936,VS0,VE3
Etag: "6208a75e-2db01"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: fb0317fa-8d69-11ec-867e-aa876aa2fc93
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e03ccd5839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-hq6h2

GET
H/1.1 200
OK team-09_b7e51625.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 52 KB
53 KB 196ms
58ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-09_b7e51625.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6126ddee9ed041caa389e70809079287aef87d3007f40ffe25a4f8aa0f77d138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 3849
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 54b4fc37d0454fcb8ab15aeba483bd03/2367653451522904451;o=0
X-Cache-Hits: 1, 19
Connection: keep-alive
Content-Length: 52846
X-Served-By: cache-mdw17347-MDW, cache-mxp6939-MXP
Last-Modified: Wed, 02 Feb 2022 17:22:24 GMT
Server: cloudflare
Traceparent: 00-54b4fc37d0454fcb8ab15aeba483bd03-20db984511401183-00
X-Timer: S1645539182.889889,VS0,VE1
Etag: "61fabdd0-ce6e"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 77783690-856d-11ec-9cdd-ba6b4cf7063b
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02faaa839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-8nl9r

GET
H/1.1 200
OK team-10_c247b8d7.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 63 KB
64 KB 182ms
99ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-10_c247b8d7.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d39b5d476a9b3934a9a9c6995c58726f77a57d8d75df6d0c600a2d5e6ab9cb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-mxfq4
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 5335bb517f114216acf68a41a687a2cc/18095894397594945537;o=0
Connection: keep-alive
Content-Length: 64711
X-Served-By: cache-mdw17354-MDW, cache-mxp6962-MXP
Last-Modified: Mon, 07 Feb 2022 06:39:55 GMT
Server: cloudflare
Traceparent: 00-5335bb517f114216acf68a41a687a2cc-fb21881415a0c801-00
X-Timer: S1645543030.249866,VS0,VE2
Etag: "6200bebb-fcc7"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: ce88858e-88b6-11ec-9102-1ebc0f368443
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02abc30e26-MXP
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK team-11_1cc22301.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 68 KB
69 KB 345ms
45ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-11_1cc22301.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb5eb7ce570818793475248d974bac20b13c01704fd507b3b61aa69c731a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 167869
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 111d271408f44565952d8c4a199b9fba/17202575087799974028;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 69568
X-Served-By: cache-mdw17328-MDW, cache-mxp6942-MXP
Last-Modified: Tue, 08 Feb 2022 05:07:25 GMT
Server: cloudflare
Traceparent: 00-111d271408f44565952d8c4a199b9fba-eebbd2e6324d388c-00
X-Timer: S1645375162.960065,VS0,VE2
Etag: "6201fa8d-10fc0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 57a2331f-893e-11ec-867e-aa876aa2fc93
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e03fe070e26-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-hq6h2

GET
H/1.1 200
OK team-13_5268a2a1.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 3 MB
3 MB 386ms
73ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-13_5268a2a1.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffab7a77a38e0a2b06cab1b19ddf3c532d18d6ad776e44c3c92817e89a69ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 174453
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 5d927d74b9b5412e90f9201a9460ff08/5559828404129032532;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 3661159
X-Served-By: cache-mdw17324-MDW, cache-mxp6950-MXP
Last-Modified: Sat, 19 Feb 2022 17:52:32 GMT
Server: cloudflare
Traceparent: 00-5d927d74b9b5412e90f9201a9460ff08-4d287a79f03ce954-00
X-Timer: S1645368577.030287,VS0,VE196
Etag: "62112e60-37dd67"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: efab70ab-91bb-11ec-a750-26ee24a5d31a
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e040d88839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-zlf6l

GET
H/1.1 200
OK team-p2_3cc5518f.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 215 KB
216 KB 276ms
93ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-p2_3cc5518f.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

583025bcc143a77dd913f511e8238c3ba1cd48e964ee3e6de12785da07562c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-pvh5n
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 94109184a5f1458bbe3c5ce0e1693796/7923845336985539200;o=0
Connection: keep-alive
Content-Length: 220520
X-Served-By: cache-mdw17328-MDW, cache-mxp6959-MXP
Last-Modified: Sun, 06 Feb 2022 20:08:00 GMT
Server: cloudflare
Traceparent: 00-94109184a5f1458bbe3c5ce0e1693796-6df7275a06289280-00
X-Timer: S1645543030.342117,VS0,VE2
Etag: "62002aa0-35d68"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: f27e6ee1-8891-11ec-ba21-225dbba3b756
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e033cc10e26-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK team-17_aa8ef4f4.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 14 KB
15 KB 149ms
58ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-17_aa8ef4f4.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f16563c7430e464d17e45e6847b9ee31d079ca9ada4003fa16a08d194a51701

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 861719
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 895e346dea934c84a2a0299eddc98155/5355337583426400956;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 14019
X-Served-By: cache-mdw17335-MDW, cache-mxp6975-MXP
Last-Modified: Mon, 24 Jan 2022 16:24:55 GMT
Server: cloudflare
Traceparent: 00-895e346dea934c84a2a0299eddc98155-4a51fb28886df2bc-00
X-Timer: S1644681311.227242,VS0,VE1
Etag: "61eed2d7-36c3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 476adf34-7dea-11ec-a50a-ae84e7b00756
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02ab20374b-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-7cccddbd66-hbmrf

GET
H/1.1 200
OK team-18_4191458c.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 144 KB
145 KB 280ms
59ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-18_4191458c.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1c8c5c9dd5cbf22ff891fc530190665150f7c5a741d7a12084b09a8e8ea8fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 168484
X-Cache: HIT, HIT
X-Cloud-Trace-Context: fdf890d0eea5429fb3e5c9bd192fc77e/3917833871815377341;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 147140
X-Served-By: cache-mdw17334-MDW, cache-mxp6967-MXP
Last-Modified: Tue, 25 Jan 2022 18:57:43 GMT
Server: cloudflare
Traceparent: 00-fdf890d0eea5429fb3e5c9bd192fc77e-365ef1261a8c81bd-00
X-Timer: S1645374547.778402,VS0,VE3
Etag: "61f04827-23ec4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: a5ed8743-7eeb-11ec-9163-56074e28941c
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e0379600e0e-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-7cccddbd66-df2mq

GET
H/1.1 200
OK team-15_6b0ac516.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 119 KB
120 KB 259ms
63ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-15_6b0ac516.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459ed44f1fb10c33b879bf62d34792c580eebadbd74d1085bcaa6cefc3912272

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 168484
X-Cache: HIT, HIT
X-Cloud-Trace-Context: e61030488f844e349ce3d24e58904abb/13472569270633039350;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 121596
X-Served-By: cache-mdw17359-MDW, cache-mxp6973-MXP
Last-Modified: Tue, 15 Feb 2022 09:24:59 GMT
Server: cloudflare
Traceparent: 00-e61030488f844e349ce3d24e58904abb-baf82e5ef3ed05f6-00
X-Timer: S1645374547.820437,VS0,VE2
Etag: "620b716b-1dafc"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 60d7763e-8f5e-11ec-b1b9-5ecf98a6968c
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e035bb8839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-vsrf4

GET
H/1.1 200
OK team-14_ba3b9cba.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 1 MB
1 MB 331ms
48ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/team-14_ba3b9cba.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811c67d5fb1a9f572a6da82f523b749f3fbd74d29444945b1b7c2e09faaac2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 174452
X-Cache: HIT, MISS
X-Cloud-Trace-Context: ac9fd6a9b212464ebbf3794ac8fcdc99/8998594030773019944;o=0
X-Cache-Hits: 1, 0
Connection: keep-alive
Content-Length: 1451271
X-Served-By: cache-mdw17340-MDW, cache-mxp6932-MXP
Last-Modified: Sun, 20 Feb 2022 07:07:34 GMT
Server: cloudflare
Traceparent: 00-ac9fd6a9b212464ebbf3794ac8fcdc99-7ce16d982a2d2528-00
X-Timer: S1645368578.399681,VS0,VE148
Etag: "6211e8b6-162507"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: ab88853a-922b-11ec-ae0a-8abdc849e2cd
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e03eae93742-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-ndqlg

GET
H/1.1 200
OK board-05_83e1aba9.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 123 KB
124 KB 360ms
71ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/board-05_83e1aba9.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b967a0ee6d98086ba75f2953596bb4221ea54fa1321a2252d14e6d5a6e5bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-pvh5n
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 0ef3ec3cc15f49e09eb444b64afbed22/16304823296392071329;o=0
Connection: keep-alive
Content-Length: 126315
X-Served-By: cache-mdw17361-MDW, cache-mxp6955-MXP
Last-Modified: Mon, 31 Jan 2022 19:23:19 GMT
Server: cloudflare
Traceparent: 00-0ef3ec3cc15f49e09eb444b64afbed22-e2465e66c2f688a1-00
X-Timer: S1645543030.425606,VS0,VE3
Etag: "61f83727-1ed6b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: a5431fc0-8442-11ec-ba21-225dbba3b756
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e03ea340e0e-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK board-02_3e3701c8.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 111 KB
112 KB 376ms
68ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/board-02_3e3701c8.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac9b5730a218deb9e6fe546d20613159a6875e86e0e3c1956792a98572d3c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158586
X-Cache: HIT, HIT
X-Cloud-Trace-Context: c720e51b220240208f02e56fb14c3af1/4357701403809984574;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 113520
X-Served-By: cache-mdw17379-MDW, cache-mxp6982-MXP
Last-Modified: Tue, 08 Feb 2022 05:07:25 GMT
Server: cloudflare
Traceparent: 00-c720e51b220240208f02e56fb14c3af1-3c79aa56b350b03e-00
X-Timer: S1645384444.244044,VS0,VE3
Etag: "6201fa8d-1bb70"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 6794ca50-8a48-11ec-8eb2-82766250eaa0
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e0409a759dd-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-5dwfp

GET
H/1.1 200
OK board-03_9267ceaf.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 137 KB
138 KB 303ms
52ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/board-03_9267ceaf.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148cd6d30f6954020f949f1a6302610d3a11e3aca07e281cd249a0f679aacea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158586
X-Cache: HIT, HIT
X-Cloud-Trace-Context: b8dab03f4b6247cabf079134c9963dcc/2253678445226298498;o=0
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 140758
X-Served-By: cache-mdw17366-MDW, cache-mxp6931-MXP
Last-Modified: Sun, 16 Jan 2022 14:39:35 GMT
Server: cloudflare
Traceparent: 00-b8dab03f4b6247cabf079134c9963dcc-1f46ac9afdab0c82-00
X-Timer: S1645384444.385781,VS0,VE3
Etag: "61e42e27-225d6"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 755cdda7-7722-11ec-b339-c2d75d2bcff5
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e03a88c59dd-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-54cb89b9bf-fs7rw

GET
H/1.1 200
OK board-01_74cf885f.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 131 KB
132 KB 189ms
94ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/board-01_74cf885f.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a62fbaefa86e2168c98707a24025fa3b168710084d1db20c5de4618d94fd7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 230971
X-Cache: MISS, HIT
X-Cloud-Trace-Context: 6c9253dfe4794d8f97c3a66e77dc728b/3437681218484772014;o=0
X-Cache-Hits: 0, 1
Connection: keep-alive
Content-Length: 134510
X-Served-By: cache-mdw17342-MDW, cache-mxp6976-MXP
Last-Modified: Mon, 07 Feb 2022 06:39:55 GMT
Server: cloudflare
Traceparent: 00-6c9253dfe4794d8f97c3a66e77dc728b-2fb518dac6d11cae-00
X-Timer: S1645312060.507446,VS0,VE2
Etag: "6200bebb-20d6e"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 5a5be389-88c0-11ec-867e-aa876aa2fc93
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02bda859dd-MXP
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-hq6h2

GET
H/1.1 200
OK board-06_d47cfbf0.jpg
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/ 74 KB
75 KB 136ms
51ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/sections/about/board-06_d47cfbf0.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f954a07853af21b33239fbb81226eb3a6239434d676a376a5bfffd48931e99c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158586
X-Cache: HIT, HIT
X-Cloud-Trace-Context: a392d8ed65dd4b1c9d5171479f02790e/11491220695430470121;o=0
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Length: 76194
X-Served-By: cache-mdw17358-MDW, cache-mxp6952-MXP
Last-Modified: Sun, 13 Feb 2022 05:06:24 GMT
Server: cloudflare
Traceparent: 00-a392d8ed65dd4b1c9d5171479f02790e-9f790456e2c019e9-00
X-Timer: S1645384444.482115,VS0,VE2
Etag: "620891d0-129a2"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 2922aa97-8d37-11ec-9bd9-92f7ed4c6de9
Cf-Bgj: h2pri
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02a99a839d-MXP
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-4fsk2

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.flashpoint-intel.com/wp-includes/js/ 18 KB
7 KB 77ms
76ms Script
application/x-javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-mdcdv
X-Cache: HIT, HIT
X-Cloud-Trace-Context: eadce04352ed4e02942760e2faf9b4ad/2407321879700574997;o=0
Connection: keep-alive
Content-Length: 5714
X-Served-By: cache-mdw17347-MDW, cache-mxp6977-MXP
Last-Modified: Tue, 15 Feb 2022 12:09:00 GMT
Server: cloudflare
Traceparent: 00-eadce04352ed4e02942760e2faf9b4ad-2168867ebb941315-00
X-Timer: S1645543030.487913,VS0,VE2
Etag: W/"620b97dc-4705"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e044e9f0e26-MXP
X-Styx-Req-Id: fc50661d-8eb0-11ec-88f4-3e635db8b1af
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Karimi-LI-screenshot-1-768x718.jpg
www.flashpoint-intel.com/wp-content/uploads/2022/01/ 51 KB
52 KB 61ms
61ms Image
image/jpeg 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/uploads/2022/01/Karimi-LI-screenshot-1-768x718.jpg

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a505bb635246bbb2528b905f5f44d13076f381a7b19537b1d2e3ea800569e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-2fghz
X-Cache: MISS, HIT
X-Cloud-Trace-Context: e6b6d24039054e16a11148c9f42b4b02/1045186269433300195;o=0
Connection: keep-alive
Content-Length: 52497
X-Served-By: cache-mdw17383-MDW, cache-mxp6937-MXP
Last-Modified: Fri, 21 Jan 2022 14:55:17 GMT
Server: cloudflare
Traceparent: 00-e6b6d24039054e16a11148c9f42b4b02-0e813f5fd9b004e3-00
X-Timer: S1645543030.494677,VS0,VE2
Etag: "61eac955-cd11"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
X-Styx-Req-Id: 4b9b2587-8a71-11ec-ab81-8a09d522465a
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e045b710e0e-MXP
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK email-decode.min.js Show response
www.flashpoint-intel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 13:46:32 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: W/"620d0038-4d7"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 6e192e01799f59dd-MXP
Expires: Thu, 24 Feb 2022 15:17:09 GMT

GET
H/1.1 200
OK dismiss.js Show response
www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/assets/js/ 923 B
1 KB 64ms
64ms Script
application/x-javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1645480350

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91690ac97c038313496895a305a808da41d7702f5568ebc6b34a4c3cdd549961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-4fsk2
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 0962b384fe6b4c53a8972873edd9f1ff/3747770181176117544;o=0
Connection: keep-alive
Content-Length: 489
X-Served-By: cache-mdw17362-MDW, cache-mxp6925-MXP
Last-Modified: Mon, 21 Feb 2022 21:52:30 GMT
Server: cloudflare
Traceparent: 00-0962b384fe6b4c53a8972873edd9f1ff-3402c11f8ccdc928-00
X-Timer: S1645543030.061916,VS0,VE2
Etag: W/"6214099e-39b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01a9f40e26-MXP
X-Styx-Req-Id: 26c2271b-9361-11ec-9bd9-92f7ed4c6de9
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK main_1cc42a5a.js Show response
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/scripts/ 1 MB
326 KB 118ms
117ms Script
application/x-javascript 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/scripts/main_1cc42a5a.js

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2cc4b8751dda98a57c189a3a63ede2e221bf4dd8d9f30cc4f929b46aa8e03c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 158587
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-csqbs
X-Cache: HIT, HIT
X-Cloud-Trace-Context: f4dbc8e3d126481e870fa74c16cd251b/3014867980373044907;o=0
Connection: keep-alive
Content-Length: 332430
X-Served-By: cache-mdw17371-MDW, cache-mxp6974-MXP
Last-Modified: Sat, 05 Feb 2022 23:07:13 GMT
Server: cloudflare
Traceparent: 00-f4dbc8e3d126481e870fa74c16cd251b-29d6f67466d5aeab-00
X-Timer: S1645384444.728506,VS0,VE3
Etag: W/"61ff0321-13de17"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e01ba9759dd-MXP
X-Styx-Req-Id: f350fe60-8891-11ec-a945-26aabb7f4d8f
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK bg-noise_d29260fb.png
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/ 8 KB
8 KB 250ms
59ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/bg-noise_d29260fb.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fffd7948aeeaa68d842c3781f368d8f78cf1c5bc8a5498b7b89bc73e203ec381

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 4388004
X-Pantheon-Styx-Hostname: styx-fe2-b-75d6cc764-pcbkb
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7700
X-Served-By: cache-mdw17382-MDW, cache-mxp6950-MXP
Last-Modified: Sun, 14 Nov 2021 21:09:11 GMT
Server: cloudflare
X-Timer: S1641155026.472939,VS0,VE3
Etag: "61917af7-1e14"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 9b273561-4692-11ec-a363-2eae4f4b1717
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e034f7659dd-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK grid-bg_6569abd3.png
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/ 623 KB
624 KB 142ms
63ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/grid-bg_6569abd3.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b87acaf5cef8e4e4dd5a348e9cbc49d79478c0f688abfd67263d290f0a2200c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 319692
X-Pantheon-Styx-Hostname: styx-fe2-a-54cb89b9bf-w2t5g
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 542cf323096144cc8609b3bcdd9b494d/5341581743725368489;o=0
Connection: keep-alive
Content-Length: 637792
X-Served-By: cache-mdw17379-MDW, cache-mxp6974-MXP
Last-Modified: Mon, 17 Jan 2022 00:43:49 GMT
Server: cloudflare
Traceparent: 00-542cf323096144cc8609b3bcdd9b494d-4a211c4b857654a9-00
X-Timer: S1645223339.701616,VS0,VE4
Etag: "61e4bbc5-9bb60"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 9d9bb903-774d-11ec-a174-06a61b358f55
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e029f913742-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK waves-bg_16cb8613.png
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/ 80 KB
81 KB 220ms
148ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/waves-bg_16cb8613.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a377ea42f7d8f53ead12fafdcd15c95d61dbf5d3acbcfd4e07fcad6a8284a6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-vsrf4
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 3e9211b99ab64c6f9910c97a804ab82b/10935179757399319791;o=0
Connection: keep-alive
Content-Length: 81538
X-Served-By: cache-mdw17326-MDW, cache-mxp6922-MXP
Last-Modified: Sun, 06 Feb 2022 20:08:00 GMT
Server: cloudflare
Traceparent: 00-3e9211b99ab64c6f9910c97a804ab82b-97c1900d62d424ef-00
X-Timer: S1645543030.287341,VS0,VE2
Etag: "62002aa0-13e82"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: f3c981f4-8891-11ec-b1b9-5ecf98a6968c
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e028f410e0e-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK cta-grid-bg_85da3cf5.png
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/ 80 KB
81 KB 55ms
55ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/images/common/cta-grid-bg_85da3cf5.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8dfc02f714c60826bdc05ad11a9ce0c7c65575044167e060c3d5ed6fabb1483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 158585
X-Pantheon-Styx-Hostname: styx-fe2-b-84558bcd68-4557j
X-Cache: HIT, HIT
X-Cloud-Trace-Context: fecc83ecf8b444399c05ca5300085b95/9235940647369300452;o=0
Connection: keep-alive
Content-Length: 81782
X-Served-By: cache-mdw17363-MDW, cache-mxp6929-MXP
Last-Modified: Sat, 15 Jan 2022 22:24:04 GMT
Server: cloudflare
Traceparent: 00-fecc83ecf8b444399c05ca5300085b95-802ca715ad09d9e4-00
X-Timer: S1645384445.037921,VS0,VE3
Etag: "61e34984-13f76"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 9bb74289-767a-11ec-9a50-aeb17b54446d
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e047f94374b-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Rajdhani-SemiBold_9bbda887.woff2
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/ 104 KB
105 KB 102ms
68ms Font
font/woff2 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/Rajdhani-SemiBold_9bbda887.woff2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8540d8024996623093ca2d795826820af880c52181391a20a52a08c9c5ec4e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-csqbs
X-Cache: HIT, HIT
X-Cloud-Trace-Context: a977f560d7fe42d7a8e87af124ad61ad/180120260394026519;o=0
Connection: keep-alive
Content-Length: 106924
X-Served-By: cache-mdw17377-MDW, cache-mxp6976-MXP
Last-Modified: Tue, 01 Feb 2022 01:23:55 GMT
Server: cloudflare
Traceparent: 00-a977f560d7fe42d7a8e87af124ad61ad-027fea6c29a30617-00
X-Timer: S1645543030.130164,VS0,VE3
Etag: "61f88bab-1a1ac"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e020a9a0e26-MXP
X-Styx-Req-Id: 76471d5f-8351-11ec-a945-26aabb7f4d8f
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Rajdhani-Medium_5190bfe2.woff2
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/ 101 KB
102 KB 108ms
74ms Font
font/woff2 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/Rajdhani-Medium_5190bfe2.woff2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32cb51550dbb2f7398b2d4c2e630e102188aafb0ee7235254cfcee7e544dce47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-pvh5n
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 5818f2c566a84fe8a0393023fd602de6/10468650397772349151;o=0
Connection: keep-alive
Content-Length: 103656
X-Served-By: cache-mdw17379-MDW, cache-mxp6964-MXP
Last-Modified: Fri, 04 Feb 2022 07:39:43 GMT
Server: cloudflare
Traceparent: 00-5818f2c566a84fe8a0393023fd602de6-91481e124cf8fedf-00
X-Timer: S1645543030.139580,VS0,VE3
Etag: "61fcd83f-194e8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e020e4a0e0e-MXP
X-Styx-Req-Id: 67adcf15-85bd-11ec-ba21-225dbba3b756
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK AcuminPro-ExtraLight_28446bce.woff2
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/ 29 KB
30 KB 124ms
70ms Font
font/woff2 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/AcuminPro-ExtraLight_28446bce.woff2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad7f1d0afe5545c00d62a53b36ffc3f5f27f8096507100691eb5a73e332be60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 355404
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-8nl9r
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 4091166322934a338094e205fa01f778/11170738919280949636;o=0
Connection: keep-alive
Content-Length: 29636
X-Served-By: cache-mdw17380-MDW, cache-mxp6940-MXP
Last-Modified: Tue, 01 Feb 2022 01:23:55 GMT
Server: cloudflare
Traceparent: 00-4091166322934a338094e205fa01f778-9b066fdcaa5f3984-00
X-Timer: S1645187627.949586,VS0,VE2
Etag: "61f88bab-73c4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e02283e839d-MXP
X-Styx-Req-Id: cc1363e1-8302-11ec-9cdd-ba6b4cf7063b
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK AcuminPro-Light_1d7b595e.woff2
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/ 29 KB
30 KB 130ms
67ms Font
font/woff2 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/AcuminPro-Light_1d7b595e.woff2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df53b9ba517dac445ab434def6c69d6cf3e0145ba9e5273a4cdef0789ca48a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 110941
X-Pantheon-Styx-Hostname: styx-fe2-b-7cccddbd66-df2mq
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 73716c16e46446c9881ca07856658c30/16952143214790559718;o=0
Connection: keep-alive
Content-Length: 29836
X-Served-By: cache-mdw17363-MDW, cache-mxp6948-MXP
Last-Modified: Thu, 20 Jan 2022 02:21:52 GMT
Server: cloudflare
Traceparent: 00-73716c16e46446c9881ca07856658c30-eb421c700323c7e6-00
X-Timer: S1645432089.179346,VS0,VE2
Etag: "61e8c740-748c"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e0239fa374b-MXP
X-Styx-Req-Id: caac91c8-79f1-11ec-9163-56074e28941c
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Rajdhani-Regular_3f7883f9.woff2
www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/ 99 KB
100 KB 116ms
46ms Font
font/woff2 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/fonts/Rajdhani-Regular_3f7883f9.woff2

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864f342f0b80aeb294de1f664e0d936fdbe6d231ea8d0998fafb0543cd27ce86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.flashpoint-intel.com/wp-content/themes/flashpoint/dist/styles/main_1cc42a5a.css
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 98732
X-Pantheon-Styx-Hostname: styx-fe2-b-84558bcd68-lwsm2
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 3feea1cbb092412ca7c43e9b93bb23a7/2410850595487976465;o=0
Connection: keep-alive
Content-Length: 101816
X-Served-By: cache-mdw17349-MDW, cache-mxp6980-MXP
Last-Modified: Wed, 19 Jan 2022 07:24:15 GMT
Server: cloudflare
Traceparent: 00-3feea1cbb092412ca7c43e9b93bb23a7-21750fd7e6998c11-00
X-Timer: S1645444299.626025,VS0,VE2
Etag: "61e7bc9f-18db8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e024ef33742-MXP
X-Styx-Req-Id: 12e3796b-78fd-11ec-85dc-028a7efef697
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK CTA_Threat_Actor_Guide_800x222-1.png
www.flashpoint-intel.com/wp-content/uploads/2022/01/ 139 KB
140 KB 98ms
98ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/uploads/2022/01/CTA_Threat_Actor_Guide_800x222-1.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd0b35f3229d181b611e54ba82f824bb2a7ffcee4637f53c2f7c7c52cfca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-vsrf4
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 277534e718d74c03a44dc94a52e7369d/12598928908001842445;o=0
Connection: keep-alive
Content-Length: 142235
X-Served-By: cache-mdw17347-MDW, cache-mxp6971-MXP
Last-Modified: Fri, 21 Jan 2022 15:20:51 GMT
Server: cloudflare
Traceparent: 00-277534e718d74c03a44dc94a52e7369d-aed86316ffd9950d-00
X-Timer: S1645543031.545848,VS0,VE3
Etag: "61eacf53-22b9b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 838a1554-858e-11ec-b1b9-5ecf98a6968c
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e047b1b59dd-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Blog_CTI_Pillar_1200x628.png
www.flashpoint-intel.com/wp-content/uploads/2022/02/ 405 KB
406 KB 39ms
39ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/uploads/2022/02/Blog_CTI_Pillar_1200x628.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8881a38946feee4c28e3e72cdc7671d33f869462d7c7e5a87b2c0fe7163f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 3836
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-zk7zw
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 7b67d54dbaf548feae587ade15ab0cf7/157295687345521158;o=0
Connection: keep-alive
Content-Length: 414506
X-Served-By: cache-mdw17366-MDW, cache-mxp6925-MXP
Last-Modified: Fri, 18 Feb 2022 18:32:25 GMT
Server: cloudflare
Traceparent: 00-7b67d54dbaf548feae587ade15ab0cf7-022ed39820ee4206-00
X-Timer: S1645539195.681182,VS0,VE3
Etag: "620fe639-6532a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 64ee57e7-93df-11ec-b637-f664f5746c29
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e04cc220e0e-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK Blog_Donbas_1200x628.png
www.flashpoint-intel.com/wp-content/uploads/2022/02/ 596 KB
597 KB 215ms
215ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/uploads/2022/02/Blog_Donbas_1200x628.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6020b451f3d6cf682fbffeb8190e69bcf563084474d5ff5ce0ac72dc43e88d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: MISS
X-Pantheon-Styx-Hostname: styx-fe2-a-55bcb968f4-cb89b
X-Cache: HIT, MISS
X-Cloud-Trace-Context: 7a087931f64a47959c636c1b5cff778d/6633222431911864615;o=0
Connection: keep-alive
Content-Length: 610455
X-Served-By: cache-mdw17336-MDW, cache-mxp6936-MXP
Last-Modified: Tue, 22 Feb 2022 14:41:52 GMT
Server: cloudflare
Traceparent: 00-7a087931f64a47959c636c1b5cff778d-5c0df0a852426927-00
X-Timer: S1645543031.587711,VS0,VE123
Etag: "6214f630-95097"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: 9a380171-93ed-11ec-bb7c-ca75a2f2d31e
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e04cf9b0e26-MXP
X-Cache-Hits: 2, 0

GET
H/1.1 200
OK Blog_Russia_Cybercrime_LE_1200x628-1.png
www.flashpoint-intel.com/wp-content/uploads/2022/02/ 379 KB
380 KB 58ms
58ms Image
image/png 2606:4700::6810:92e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flashpoint-intel.com/wp-content/uploads/2022/02/Blog_Russia_Cybercrime_LE_1200x628-1.png

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:92e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f37deb9d7778387a3b43990ab67781d261cfd9c22e02c74df0bbc30d15498aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Via: 1.1 varnish, 1.1 varnish
CF-Cache-Status: HIT
Age: 168483
X-Pantheon-Styx-Hostname: styx-fe2-b-d8dd6bb59-vsrf4
X-Cache: HIT, HIT
X-Cloud-Trace-Context: 7a500d2b930b41ce8e1067bcc0d4ce35/1002427865125251541;o=0
Connection: keep-alive
Content-Length: 387905
X-Served-By: cache-mdw17326-MDW, cache-mxp6956-MXP
Last-Modified: Mon, 14 Feb 2022 20:07:39 GMT
Server: cloudflare
Traceparent: 00-7a500d2b930b41ce8e1067bcc0d4ce35-0de956d50dbe69d5-00
X-Timer: S1645374547.313705,VS0,VE4
Etag: "620ab68b-5eb41"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
X-Styx-Req-Id: c6fd7a81-8dd1-11ec-b1b9-5ecf98a6968c
Expires: Thu, 23 Feb 2023 15:17:10 GMT
Cache-Control: public, max-age=31622400
Accept-Ranges: bytes
CF-RAY: 6e192e04c865374b-MXP
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 55ms
16ms Script
application/x-javascript 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55927
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FRCGD4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6137
date: Tue, 22 Feb 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 15:34:53 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/h96kfhua
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

27ms
7ms

Script
application/javascript

143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: H2
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa75b2aac5b3950f831d191d42cefbbe7536e885753ffc6363ceca3699ea61b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 15:12:35 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 10:12:25 GMT
server: AmazonS3
age: 276
etag: "52e60605444aa9a85dfeb98eb2f850df"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6086
x-amz-cf-id: 0FcnDPRne-FgzXZdFGAEbcapm7qCFJuJez4Dodrec9fZpyC9K94S6w==

Redirect headers

date: Mon, 24 Jan 2022 07:30:21 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
server: AmazonS3
age: 2533609
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: ItLNmh8DCgBSETCNk5Z7-V3IqScmlFUjyhkUCNNtgHYxq95Cv1AsSQ==

GET
H2 200 hotjar-2611559.js Show response
static.hotjar.com/c/ 5 KB
3 KB 58ms
39ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2611559.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FRCGD4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

9b582e6da064c0206cce17ed789a8496db3d7ac430ba56cb15319d35c277eb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/9ecc64cd448de9d2dff21d1e62ad1ac1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QmNV4zZKKTUzz_rFulbndwZn_gT82NUAOTe6UtPNwNbqyreNNGfNog==
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

GET
H2 200 GdDKTZK0eBuOJMsrUCDX Show response
ws.zoominfo.com/pixel/ 0
477 B 265ms
225ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/GdDKTZK0eBuOJMsrUCDX

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6e192e029cf43754-MXP
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65861
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 18ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=379257467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&ul=en-us&de=UTF-8&dt=MuddyWater%3A%20Who%27s%20Behind%20the%20Iranian%20Cyber%20Threat%20Actor%20Group%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=727747234&gjid=2082372483&cid=1226924229.1645543030&tid=UA-65221924-1&_gid=1647222359.1645543030&_r=1&gtm=2wg2g05FRCGD4&z=1356719171

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:17:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flashpoint-intel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D287753%26time%3D1645543030286%26url%3Dhttps%253A%252F%252Fwww.flashpoint-intel.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true&e_ipv6=AQKfan-...

0
545 B

464ms
148ms

Image
application/javascript

108.174.10.24
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true&e_ipv6=AQKfan-5XhWQ9AAAAX8iAgBgPsC8WxxTtcnDD6X4fKppz9nRWUyevd5pc0PdCCijWsvBmKmUqA
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: HTTP/1.1
Server: 108.174.10.24 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-24.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:11 GMT
Connection: keep-alive
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
Server: Play
LinkedIn-Action: 1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-ltx1
X-LI-Proto: http/1.1
X-Li-Pop: prod-ltx1-x
Content-Type: application/javascript
content-length: 0
X-LI-UUID: AAXYnNfYjxFwcygZ0BdNHg==

Redirect headers

date: Tue, 22 Feb 2022 15:17:10 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AD0BCCD4ADFF40CC8177215ACBE94EC4 Ref B: VIEEDGE1214 Ref C: 2022-02-22T15:17:10Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=287753&time=1645543030286&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&liSync=true&e_ipv6=AQKfan-5XhWQ9AAAAX8iAgBgPsC8WxxTtcnDD6X4fKppz9nRWUyevd5pc0PdCCijWsvBmKmUqA
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXYnNfRPlP8jyJgpvWOhw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65221924-1&cid=1226924229.1645543030&jid=727747234&gjid=2082372483&_gid=1647222359.1645543030&_u=YEBAAEAAAAAAAC~&z=1278977590

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 15:17:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.flashpoint-intel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7d6d0311dc6eb2c0bc38.js Show response
script.hotjar.com/ 235 KB
62 KB 35ms
17ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d6d0311dc6eb2c0bc38.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2611559.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 14:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 435904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62769
access-control-allow-origin: *
last-modified: Thu, 17 Feb 2022 14:12:00 GMT
etag: "fb6a0182102480f4b418874ee97e7e39"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: t43lluFgVd8f8ERuGIre0pQK2v7Ri3ftETKQTvhoF49nSkiuY-uXNg==

GET
H2 200 frame-modern.7651dd45.js Show response
js.intercomcdn.com/ Frame 499A 296 KB
80 KB 16ms
15ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.7651dd45.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/h96kfhua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c34881f78f12ad368155e0a38c2a520bdcfcdd493e7111c6452c952fc301fc8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 14:12:35 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 10:11:16 GMT
server: AmazonS3
age: 3876
etag: "1c867159a82910aa9346d80acd212e8d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 81188
x-amz-cf-id: Z7fvshkopamx65ttPh3loj0I1skJzHKnU6LG90grnTa0Nx88IBBQyA==

GET
H2 200 vendor-modern.43c9bd6f.js Show response
js.intercomcdn.com/ Frame 499A 127 KB
39 KB 28ms
28ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.43c9bd6f.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/h96kfhua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8316bc630bdccc2ee1efe92cb58c54e574916b30a027a3dc1a404bc0213a77a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 14:26:50 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 12:25:47 GMT
server: AmazonS3
age: 3020
etag: "383ddc986b0127f2f7302cd74686d80c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 39547
x-amz-cf-id: L6AY-3OKlkDZMSldAnZciaCO4-MO8cs75ATTi8R8ggvXu7Kjk1O9MQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 65ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65221924-1&cid=1226924229.1645543030&jid=727747234&_u=YEBAAEAAAAAAAC~&z=299150660

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:17:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 68ms
35ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65221924-1&cid=1226924229.1645543030&jid=727747234&_u=YEBAAEAAAAAAAC~&z=299150660

Requested by

Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:17:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame BCCF 2 KB
1 KB 31ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2611559.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cvdPN3YcXtIr_CA3M7scAGIc2rPy3qCpkXrU5H8u6HA2raUC4ezYqQ==
age: 1578304

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 499A 6 KB
3 KB 1006ms
815ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7651dd45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

978620da2f1cfa6e85523f9c9ea2773e04e77518f0306050b7b8e46b83bc1013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Feb 2022 15:17:11 GMT
content-encoding: gzip
x-ami-version: ami-028abf1702a0efe13
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0007vpaku7ggu57ehju0
x-runtime: 0.702801
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"978620da2f1cfa6e85523f9c9ea2773e"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.flashpoint-intel.com
x-intercom-version: b1fdf0fb7916a82aec90be335ba62dd702a136c6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1645543040
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2611559/ 146 B
323 B 95ms
36ms XHR
application/json 34.255.23.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2611559/visit-data?sv=7
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-23-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 15:17:10 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2611559 Show response
vc.hotjar.io/sessions/ 0
257 B 89ms
35ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2611559?s=0.25&r=0.22343970307660355
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:10 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: LoMi2nRnKvnRZ7bpuCtB_094jcHE3FXzf8bdBkfbfueA2Ej3IPwdRQ==

POST
H2 200 content Show response
ws34.hotjar.com/api/v2/sites/2611559/recordings/ 66 B
259 B 276ms
92ms XHR
application/json 54.229.161.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws34.hotjar.com/api/v2/sites/2611559/recordings/content
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.161.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-161-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5aaec058763c127dc2d606409cd7e5dfc91e0423ebe91ede5161eab3a0136c8

Request headers

Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 15:17:11 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 23ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
x-amz-request-id: ZJZ8DEKMJ3A4VPH4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: 7my93Pb+pwy46J2g7B4gW88FogJgA3oZ6A11jyZpawLdIi72OMH6VXwF6CxHsbE2twp2o500YsI=
x-served-by: cache-hhn4022-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1645543031.449786,VS0,VE0
date: Tue, 22 Feb 2022 15:17:11 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14496

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 404ms
102ms Script
application/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.flashpoint-intel.com
URL: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:11 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
last-modified: Mon, 21 Feb 2022 18:58:32 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Thu, 22 Feb 2024 15:17:11 GMT

GET
H/1.1 200
OK cac2eb208b Show response
bam-cell.nr-data.net/1/ 49 B
716 B 564ms
541ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/cac2eb208b?a=69275271&v=1215.1253ab8&to=bgYHYxZXCEpQWkRZX1dMMEUNGUlQX11VSB5JCxU%3D&rst=2278&ck=1&ref=https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/&ap=340&be=649&fe=2245&dc=1100&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1645543029186,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:15,%22c%22:15,%22s%22:31,%22ce%22:61,%22rq%22:61,%22rp%22:613,%22rpe%22:648,%22dl%22:632,%22di%22:1099,%22ds%22:1099,%22de%22:1100,%22dc%22:2244,%22l%22:2244,%22le%22:2247%7D,%22navigation%22:%7B%7D%7D&fp=924&fcp=924&at=QkEEFV5NG0Q%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:17:12 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6e192e0aca8f6937-FRA

GET
H2 200 39df927405441a85e75b079fbb116bd9.png
downloads.intercomcdn.com/i/o/288682/b6d0d1fa5d015c82aaa5951c/ 21 KB
21 KB 379ms
183ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/288682/b6d0d1fa5d015c82aaa5951c/39df927405441a85e75b079fbb116bd9.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

362be33531168a1623b80ace293997d1eb302ef70a011d166017143eed7f8157

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:11 GMT
content-encoding: gzip
x-ami-version: ami-028abf1702a0efe13
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="39df927405441a85e75b079fbb116bd9.png"; filename*=UTF-8''39df927405441a85e75b079fbb116bd9.png
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000ak79euu7nn2ioriig
x-runtime: 0.076385
last-modified: Fri, 27 Aug 2021 19:10:38 GMT
server: nginx
x-frame-options: deny
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-type: image/png
x-intercom-version: b1fdf0fb7916a82aec90be335ba62dd702a136c6
cache-control: private
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
x-content-type-options: nosniff

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/21051310/ Frame 499A 1012 B
1 KB 532ms
532ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/21051310/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7651dd45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

30107895168c52ed7366011d77fe49521b404bd6e1aaa8b86c2f784399c7a3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Feb 2022 15:17:12 GMT
content-encoding: gzip
x-ami-version: ami-028abf1702a0efe13
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000950bsi500usebaveg
x-runtime: 0.417860
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"30107895168c52ed7366011d77fe4952"
x-ratelimit-remaining: 13331
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.flashpoint-intel.com
x-intercom-version: b1fdf0fb7916a82aec90be335ba62dd702a136c6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1645543040
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 191ms
191ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=23025&account_id=273312&title=MuddyWater%3A%20Who%27s%20Behind%20the%20Iranian%20Cyber%20Threat%20Actor%20Group%3F&url=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Fmuddywater-iranian-cyber-threat-actor%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-1-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

156d27db0953d0daca28b30abcc98629fc9af0bc4728eca5a2751f329662474e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.flashpoint-intel.com/blog/muddywater-iranian-cyber-threat-actor/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:17:11 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 997
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 vendors~app-modern.e4a6cf09.js Show response
js.intercomcdn.com/ Frame 499A 557 KB
115 KB 8ms
7ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.e4a6cf09.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7651dd45.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 159106f4102a6307356e60cbfcde6a59e0a9ab4a430e4b2674392f0662cbb677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 14:04:45 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 12:03:26 GMT
server: AmazonS3
age: 4348
etag: "e42905c35d20ee4feffac1368ae234dc"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 116817
x-amz-cf-id: vddj44UbAXrpOrOzoZHesGUZkCBmZ38Ta-ekRigTG4RagS0bwiX42g==

GET
H2 200 app-modern.34896bfc.js Show response
js.intercomcdn.com/ Frame 499A 588 KB
149 KB 14ms
14ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.34896bfc.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7651dd45.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e52b48da9f8d7a65a2f85b5a6d49f4d1e06d3efd6de70708274d011492e6d099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 14:12:36 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 10:11:16 GMT
server: AmazonS3
age: 3877
etag: "5e6fe3fc034fc2102be383606b18e060"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 151572
x-amz-cf-id: wlyrHyPxqc0yKvLQA7b7C9IHvUR7PQMCj4pgZlw-li19XhYVvGlB4A==

GET
H2 200 banner-modern.5240e6f8.js Show response
js.intercomcdn.com/ Frame 499A 13 KB
5 KB 9ms
9ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/banner-modern.5240e6f8.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7651dd45.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6828d7e5e75f26b261e6ece33f9c6b844602122ad822d53240f231e6f099ec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 14:07:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 12:03:26 GMT
server: AmazonS3
age: 4233
etag: "dae37670f34fb404d03ce5d0bfd4f6fe"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4503
x-amz-cf-id: wPMNI89PFMna5cOIs81nicckw0D990DKQRNzWgs0Ndfp9zJhc4n7sg==

GET
H2 200 39df927405441a85e75b079fbb116bd9.png
downloads.intercomcdn.com/i/o/288682/b6d0d1fa5d015c82aaa5951c/ Frame 1217 21 KB
21 KB 191ms
191ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/288682/b6d0d1fa5d015c82aaa5951c/39df927405441a85e75b079fbb116bd9.png

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~app-modern.e4a6cf09.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

362be33531168a1623b80ace293997d1eb302ef70a011d166017143eed7f8157

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:17:12 GMT
content-encoding: gzip
x-ami-version: ami-028abf1702a0efe13
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="39df927405441a85e75b079fbb116bd9.png"; filename*=UTF-8''39df927405441a85e75b079fbb116bd9.png
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000b5b2f14sokm6qutt0
x-runtime: 0.079088
last-modified: Fri, 27 Aug 2021 19:10:38 GMT
server: nginx
x-frame-options: deny
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-type: image/png
x-intercom-version: b1fdf0fb7916a82aec90be335ba62dd702a136c6
cache-control: private
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
x-content-type-options: nosniff

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame C618 28 KB
29 KB 26ms
10ms Font
font/woff 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:00:02 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
age: 1031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Thu, 10 Feb 2022 13:51:10 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: S2OGV3ZIX9wOhR_G_QTS0SlW9bilhawO0R4OmR-ulGdTYRQJRGJ4jw==

GET
H2 200 proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame C618 28 KB
29 KB 28ms
13ms Font
font/woff 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704

Request headers

Referer
Origin: https://www.flashpoint-intel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:00:02 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
age: 1030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28732
last-modified: Fri, 11 Feb 2022 12:05:52 GMT
server: AmazonS3
etag: "46e3f047b6d568624167376a87e01ebd"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: YL9GxDUtkYsr9iZFjMv4-SmFt6jOYLKpdJeq_GQexr520oiXWF3H0A==

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.flashpoint-intel.com/	1969-12-31 23:59:59	Name: wordpress_google_apps_login Value: a0a8558a710f65105658410ce3742604
.flashpoint-intel.com/	1970-01-20 18:36:55	Name: _ga Value: GA1.2.1226924229.1645543030
.flashpoint-intel.com/	1970-01-20 01:07:09	Name: _gid Value: GA1.2.1647222359.1645543030
.flashpoint-intel.com/	1970-01-20 01:05:43	Name: _gat_UA-65221924-1 Value: 1
.ws.zoominfo.com/	1970-01-20 09:51:19	Name: visitorId Value: 5bed85eddc73accde61495c9d03de224e1fa8aac7e3677816a136ea09aa19a47
.linkedin.com/	1970-01-20 01:48:55	Name: UserMatchHistory Value: AQLD2JBOFf3d1wAAAX8iAf67rVPNGx_FjLMR577eUPWkbtqxA03f3AykBhDfak6f60o5aKPxLZrMGw
.linkedin.com/	1970-01-20 01:48:55	Name: AnalyticsSyncHistory Value: AQK31-ZlR8GaXwAAAX8iAf67mR86hU0Un7QVMS30fDr_6Fk8IJIaLjzOXyh0nR20G-0PRQmL9yWP5xh89SXvcQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:37:36	Name: bcookie Value: "v=2&23d0b808-38ad-441d-8055-546fca34afdd"
.linkedin.com/	1970-01-20 01:07:09	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2758:u=1:x=1:i=1645543030:t=1645629430:v=2:sig=AQHMb9qyuzzoAaOXU6uaMQ-mN0wV-ERT"
.flashpoint-intel.com/	1970-01-20 09:51:19	Name: _hjSessionUser_2611559 Value: eyJpZCI6ImExYjgxNzY2LTIzNGQtNWQ4ZS05NjFjLTI0NjM1Yjc0MTkxZCIsImNyZWF0ZWQiOjE2NDU1NDMwMzA0ODIsImV4aXN0aW5nIjpmYWxzZX0=
.flashpoint-intel.com/	1970-01-20 01:05:44	Name: _hjFirstSeen Value: 1
www.flashpoint-intel.com/	1970-01-20 01:05:43	Name: _hjIncludedInSessionSample Value: 1
.flashpoint-intel.com/	1970-01-20 01:05:44	Name: _hjSession_2611559 Value: eyJpZCI6IjdkOThkN2E2LTQ5YWYtNDAyZi1iOWVhLTU5ZTU0MDA1ZTA1MSIsImNyZWF0ZWQiOjE2NDU1NDMwMzA2MjEsImluU2FtcGxlIjp0cnVlfQ==
www.flashpoint-intel.com/	1970-01-20 01:05:43	Name: _hjIncludedInPageviewSample Value: 1
.flashpoint-intel.com/	1970-01-20 01:05:44	Name: _hjAbsoluteSessionInProgress Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:37:36	Name: bscookie Value: "v=1&202202221517104b794f02-8dbb-46da-88da-4448a65b0e33AQH0BF1kZXRiOb3UHsl9Du2VV4zKPXoj"
.linkedin.com/	1970-01-20 18:17:03	Name: li_gc Value: MTswOzE2NDU1NDMwMzA7MjswMjESKZSj+f4Lmm26qLi1pQAs7cSk+4KX66Yu7gtnybdXYg==
.flashpoint-intel.com/	1970-01-20 07:34:33	Name: intercom-id-h96kfhua Value: a53e3687-de5f-469a-874f-78c9709c5757
.flashpoint-intel.com/	1970-01-20 01:15:47	Name: intercom-session-h96kfhua Value:
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 59f6d76f038c7961

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam-cell.nr-data.net
downloads.intercomcdn.com
in.hotjar.com
js-agent.newrelic.com
js.intercomcdn.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
widget.intercom.io
ws.zoominfo.com
ws34.hotjar.com
www.flashpoint-intel.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
108.174.10.24
143.204.98.104
143.204.98.27
143.204.98.29
143.204.98.32
143.204.98.62
143.204.98.7
15.197.143.135
151.101.130.137
162.247.243.146
2606:4700::6810:650c
2606:4700::6810:92e4
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0d::9a
2a02:26f0:6c00::210:ba08
34.255.23.179
52.202.69.186
54.229.161.68
75.2.88.188
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0febc76c1002f79d0923f61f9265c68edfceb783b5379f7f5345bf993c0d12c4
0ffab7a77a38e0a2b06cab1b19ddf3c532d18d6ad776e44c3c92817e89a69ecb
148cd6d30f6954020f949f1a6302610d3a11e3aca07e281cd249a0f679aacea6
156d27db0953d0daca28b30abcc98629fc9af0bc4728eca5a2751f329662474e
159106f4102a6307356e60cbfcde6a59e0a9ab4a430e4b2674392f0662cbb677
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30107895168c52ed7366011d77fe49521b404bd6e1aaa8b86c2f784399c7a3e4
32cb51550dbb2f7398b2d4c2e630e102188aafb0ee7235254cfcee7e544dce47
35f02dce8388e9b24ba79a29199af79c94c5cf558c14953384bf2a69bd50d80c
362be33531168a1623b80ace293997d1eb302ef70a011d166017143eed7f8157
3e5742f6de43f504d7e3dd7826bf9e163a56d972de652f55c1086e4f2ac6b07c
459ed44f1fb10c33b879bf62d34792c580eebadbd74d1085bcaa6cefc3912272
4bb5eb7ce570818793475248d974bac20b13c01704fd507b3b61aa69c731a5dc
583025bcc143a77dd913f511e8238c3ba1cd48e964ee3e6de12785da07562c1e
5ad7f1d0afe5545c00d62a53b36ffc3f5f27f8096507100691eb5a73e332be60
6020b451f3d6cf682fbffeb8190e69bcf563084474d5ff5ce0ac72dc43e88d51
6126ddee9ed041caa389e70809079287aef87d3007f40ffe25a4f8aa0f77d138
62a505bb635246bbb2528b905f5f44d13076f381a7b19537b1d2e3ea800569e2
7aea74fa8de4d5a91fd7de7396b304a6e180d6395b8662e2932092d7138a40ed
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7c4c5352482c0956c44b18de24e30c594135c2e0f5604eb2ca06f1c76184fea2
7f16563c7430e464d17e45e6847b9ee31d079ca9ada4003fa16a08d194a51701
811c67d5fb1a9f572a6da82f523b749f3fbd74d29444945b1b7c2e09faaac2a2
8316bc630bdccc2ee1efe92cb58c54e574916b30a027a3dc1a404bc0213a77a2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f259343b75ead0b3f69c905a0f93105ff202e8fdcfaa0fd257be35682d3f1
8540d8024996623093ca2d795826820af880c52181391a20a52a08c9c5ec4e81
864f342f0b80aeb294de1f664e0d936fdbe6d231ea8d0998fafb0543cd27ce86
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a62fbaefa86e2168c98707a24025fa3b168710084d1db20c5de4618d94fd7cd
8b87acaf5cef8e4e4dd5a348e9cbc49d79478c0f688abfd67263d290f0a2200c
8cd0b35f3229d181b611e54ba82f824bb2a7ffcee4637f53c2f7c7c52cfca663
91690ac97c038313496895a305a808da41d7702f5568ebc6b34a4c3cdd549961
978620da2f1cfa6e85523f9c9ea2773e04e77518f0306050b7b8e46b83bc1013
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
9b582e6da064c0206cce17ed789a8496db3d7ac430ba56cb15319d35c277eb5b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a377ea42f7d8f53ead12fafdcd15c95d61dbf5d3acbcfd4e07fcad6a8284a6a0
a3b967a0ee6d98086ba75f2953596bb4221ea54fa1321a2252d14e6d5a6e5bc2
a5aaec058763c127dc2d606409cd7e5dfc91e0423ebe91ede5161eab3a0136c8
aac9b5730a218deb9e6fe546d20613159a6875e86e0e3c1956792a98572d3c6f
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b962d3e7f9a65e260688706ef7dc664b05756a0d3dfac3470fc4d36aff5a1282
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
c34881f78f12ad368155e0a38c2a520bdcfcdd493e7111c6452c952fc301fc8f
c3b5347eb3e2c9fe004a0d59df4bc4506b8c5316ba3511826546a96bdc457472
d1c8c5c9dd5cbf22ff891fc530190665150f7c5a741d7a12084b09a8e8ea8fd3
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d39b5d476a9b3934a9a9c6995c58726f77a57d8d75df6d0c600a2d5e6ab9cb26
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df53b9ba517dac445ab434def6c69d6cf3e0145ba9e5273a4cdef0789ca48a58
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e12b2cd83ce1e240ac05e403c9656c619063d139029773044e0d6c65f3f3d57f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52b48da9f8d7a65a2f85b5a6d49f4d1e06d3efd6de70708274d011492e6d099
e8820976d75ce377cacb5eda2b581c8ddbfc02c90a6577da0090af0f95f4eb29
e8dfc02f714c60826bdc05ad11a9ce0c7c65575044167e060c3d5ed6fabb1483
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8881a38946feee4c28e3e72cdc7671d33f869462d7c7e5a87b2c0fe7163f06
f2cc4b8751dda98a57c189a3a63ede2e221bf4dd8d9f30cc4f929b46aa8e03c1
f37deb9d7778387a3b43990ab67781d261cfd9c22e02c74df0bbc30d15498aac
f6828d7e5e75f26b261e6ece33f9c6b844602122ad822d53240f231e6f099ec9
f954a07853af21b33239fbb81226eb3a6239434d676a376a5bfffd48931e99c7
fa75b2aac5b3950f831d191d42cefbbe7536e885753ffc6363ceca3699ea61b1
fe86959772a2362a4e6a685bed0df2f2629761362f3f2cf35a779e54546395d0
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fffd7948aeeaa68d842c3781f368d8f78cf1c5bc8a5498b7b89bc73e203ec381

www.flashpoint-intel.com Open in urlscan Pro 2606:4700::6810:92e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

97 %HTTPS

42 %IPv6

16 Domains

24 Subdomains

21 IPs

4 Countries

11101 kBTransfer

14512 kBSize

22 Cookies

13 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.flashpoint-intel.com Open in urlscan Pro
2606:4700::6810:92e4 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

97 %
HTTPS

42 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

11101 kB
Transfer

14512 kB
Size

22
Cookies

78 HTTP transactions
0 data transactions