URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-ua...
Submission: On October 12 via api from CZ — Scanned from IT

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 34 HTTP transactions. The main IP is 18.102.16.191, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.anomali.com.
TLS certificate: Issued by R11 on August 21st 2024. Valid for: 3 months.
This is the only time www.anomali.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | website-files.com | cdn.prod.website-files.com (Cisco Umbrella Rank: 6168) | 449 KB |
| 4 | fullcircleinsights.com | st.fullcircleinsights.com (Cisco Umbrella Rank: 111989) | 4 KB |
| 4 | filestackcontent.com | cdn.filestackcontent.com (Cisco Umbrella Rank: 17528) | 225 KB |
| 2 | gstatic.com | fonts.gstatic.com | 75 KB |
| 2 | cloudfront.net | d3e54v103j8qbb.cloudfront.net, d2i34c80a0ftze.cloudfront.net | 42 KB |
| 2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 311) | 8 KB |
| 2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 412), fonts.googleapis.com (Cisco Umbrella Rank: 30) | 7 KB |
| 2 | anomali.com | www.anomali.com | 29 KB |
| 1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 116) | 64 B |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 102 KB |
| 1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 791) | 31 KB |
| 1 | sharethis.com | platform-api.sharethis.com (Cisco Umbrella Rank: 4938) | 46 KB |
| 1 | csb.app | xtlsm4.csb.app | 68 KB |
| 1 | osano.com | cmp.osano.com (Cisco Umbrella Rank: 5278) | 66 KB |

34 14
Domain Requested by
5 cdn.prod.website-files.com www.anomali.com
4 st.fullcircleinsights.com d2i34c80a0ftze.cloudfront.net
4 cdn.filestackcontent.com www.anomali.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net www.anomali.com
2 www.anomali.com www.anomali.com
1 d2i34c80a0ftze.cloudfront.net cmp.osano.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 www.googletagmanager.com cmp.osano.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.anomali.com
1 code.jquery.com www.anomali.com
1 platform-api.sharethis.com www.anomali.com
1 xtlsm4.csb.app www.anomali.com
1 cmp.osano.com www.anomali.com
1 ajax.googleapis.com www.anomali.com
34 16
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.anomali.com | R11 | 2024-08-21 - 2024-11-19 | 3 months |
| prod.website-files.com | WE1 | 2024-08-23 - 2024-11-21 | 3 months |
| upload.video.google.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.osano.com | Amazon RSA 2048 M02 | 2024-09-17 - 2025-10-16 | a year |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year |
| csb.app | Cloudflare Inc ECC CA-3 | 2023-12-30 - 2024-12-29 | a year |
| sharethis.com | Amazon RSA 2048 M03 | 2024-04-19 - 2025-05-17 | a year |
| *.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year |
| *.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year |
| *.gstatic.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.google-analytics.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| *.filestackcontent.com | R11 | 2024-08-29 - 2024-11-27 | 3 months |
| *.g.doubleclick.net | WR2 | 2024-09-24 - 2024-12-17 | 3 months |
| aws-st.fullcircleinsights.com | Amazon RSA 2048 M02 | 2024-05-28 - 2025-06-25 | a year |

This page contains 1 frame:

Primary Page: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Frame ID: 6F79090491620608E2D51DD0B2115E02
Requests: 27 HTTP requests in this frame

Page Title

Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

34 Requests
85 % HTTPS
44 % IPv6
14 Domains
16 Subdomains
17 IPs
4 Countries
1153 kB Transfer
4163 kB Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
www.anomali.com/blog/
159 KB
28 KB
Document
General
Full URL
https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.102.16.191 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-102-16-191.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
85fc609e5f4be88f71531b0e71281d43a1f9cc411133d4fded489e803c9ea39a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
EXPIRED
cf-ray
8d13c2c40e27babb-MXP
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Sat, 12 Oct 2024 02:46:41 GMT
feature-policy
none
last-modified
Sat, 12 Oct 2024 02:46:41 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
surrogate-control
max-age=432000
surrogate-key
www.anomali.com 6453db2ad32b573c40a15c49 pageId:657dc50a96389eee4e83bf78 657dc50a96389eee4e83bee7 657dc50a96389eee4e83bf79
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
x-content-type-options
nosniff
x-frame-options
sameorigin
x-lambda-id
9632b0b2-0ddf-469b-a8a8-d8636fb1c627
anomali-staging.00cad4d27.min.css
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/
413 KB
71 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.00cad4d27.min.css
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17d0d837fd914dd3273af7199514b694be5de9a3994fb3c72c8edeb74ed4f28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"8f4e731b422a9835bf9e86f6ba139f87"
x-amz-version-id
K_NHJcFrPwHPMDLKp9ERltnF9N85jItH
age
295894
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 23:57:24 GMT
vary
Accept-Encoding
x-amz-id-2
0RATt4TFhnn65DDKvNwQ1PxjiflZG44yhWAJVOFR9UbDDUmY4dcJgCvWClKj+vb7KdvpRYdodFySe4fs0o3h6vZGrweIQE65
cache-control
public, max-age=31536000, immutable
x-amz-request-id
9WQ3TVMHK9NZN6C3
cf-ray
8d13c2cccabf0e0a-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
71794
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
gzip
age
110256
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 20:09:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 20:09:05 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
osano.js
cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/
256 KB
66 KB
Script
General
Full URL
https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d9ca562c284fd1cded2600acb736c237bafd2d08a2cab958ce7727f04b291e2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
br
etag
"88b273aa7ca04de25ad4d112bc81a6d6"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
vXrMYutfMaEwu34AHssGGZgHblr4IeF2F-MPpwD47UqKvBBOhFkxtA==
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 18:59:02 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
content-length
66564
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
CloudFront
selectcustom.js
cdn.jsdelivr.net/npm/@finsweet/attributes-selectcustom@1/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-selectcustom@1/selectcustom.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8484a2a1479fbb9752e3ce7e4f4114ee8fce53be4d5967367cbbbcdca9e04dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"23ef-wbgrWUa/ZXM+koU2XOMBQKJgVmo"
age
34474
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230148-FRA, cache-mxp6943-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4102
x-jsd-version
1.7.2
scrolldisable.js
cdn.jsdelivr.net/npm/@finsweet/attributes-scrolldisable@1/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-scrolldisable@1/scrolldisable.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e83dcf850ec0764e07d449b409dac2382a9c06cbc2e179a4ebf793e04bca2b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"24f5-UwbGQu810u+oOZfeoeQFlS8Ufrc"
age
7860
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220103-FRA, cache-mxp6943-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
3788
x-jsd-version
1.6.2
blog.css
xtlsm4.csb.app/
513 KB
68 KB
Stylesheet
General
Full URL
https://xtlsm4.csb.app/blog.css
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.115 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d76a85df959bc93903679070c5d68b06251cd7e7994cb0aa898e5888e06dc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

x-request-id
F_2UlX-l4vkAnj52L0fF
cache-control
private, max-age=0, no-cache, no-store
content-encoding
gzip
cf-cache-status
MISS
via
1.1 google
cf-ray
8d13c2cccfc3bab1-MXP
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
text/css
last-modified
Sat, 12 Oct 2024 02:46:41 GMT
vary
Accept-Encoding
server
cloudflare
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-73.muc50.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
256
via
1.1 3909cd34f904454f54cf78c975b2c198.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
znAR3R4f1IXEeKYNUCRw3NRH8BwDIV0EpzFZ-9akZdeMcN5tK3beeg==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Sat, 12 Oct 2024 02:42:27 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
MUC50-P5
x-frame-options
SAMEORIGIN
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
2652658
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
323648, 703562
x-served-by
cache-lga21931-LGA, cache-mxp6925-MXP
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1728701201.420039,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
email-decode.min.js
www.anomali.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
979 B
Script
General
Full URL
https://www.anomali.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.102.16.191 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-102-16-191.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-4d7"
x-content-type-options
nosniff
cf-ray
8d13c2ccaab4babb-MXP
expires
Mon, 14 Oct 2024 02:46:41 GMT
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
x-frame-options
DENY
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6453db2ad32b573c40a15c49
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-29.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.anomali.com
Referer
https://www.anomali.com/

Response headers

cache-control
max-age=84600, must-revalidate
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
2717
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
481IO7Z-pL0AG3ysXbtQYFOWv_Yuz_e6EUtDSW_fUBt-eywP4gqbTA==
date
Sat, 12 Oct 2024 02:04:54 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
vary
Accept-Encoding
anomali-staging.2ad7f08c3.js
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/js/
2 MB
226 KB
Script
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/js/anomali-staging.2ad7f08c3.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672b1743f14673d411bd623fd11fb61aae53ebfc87bef514a4bb266af3dc084e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"dd353a84b5c613a202c38a27002e43fc"
x-amz-version-id
Vaen.sjSJt_30_G_fkG.wtdaj88IUOq5
age
274469
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 19:53:47 GMT
vary
Accept-Encoding
x-amz-id-2
rql+PvQWS6Ju1E9VyYMl0eNtbFjZDz4Ajzgum0gDovKI1Cnd/L7yJa/iJ4yavI3w1n1guwtsnoM=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
PHVHNA6MJPSS124C
cf-ray
8d13c2cccabd0e0a-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
230304
server
cloudflare
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CInter:100,200,300,regular,500,600,700,800,900
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d489310a6012c5c6a8459f78f042dd049611ed44280dfe9cbef131c42a3352f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 02:46:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 02:46:41 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 12 Oct 2024 02:46:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
39742ec6-9223-4a29-90e4-b2065ee4ed54
https://www.anomali.com/
0
0

TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CInter:100,200,300,regular,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.anomali.com
Referer
https://fonts.googleapis.com/

Response headers

age
327077
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:55:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:55:24 GMT
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28512
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CInter:100,200,300,regular,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.anomali.com
Referer
https://fonts.googleapis.com/

Response headers

age
366894
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 20:51:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 20:51:47 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/
291 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWSG6VV
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d45839a1e6d42b34af059069de02a8e081f3a4fdeb60fe05772219933538062f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 12 Oct 2024 02:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 02:46:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 12 Oct 2024 00:35:23 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103948
x-xss-protection
0
server
Google Tag Manager
6615615b4e92d82289e9b0be_anomali%20logo%20white.svg
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
4 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/6615615b4e92d82289e9b0be_anomali%20logo%20white.svg
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21026ae446cd66adb152429d5879ada17fe91b4b60886eafbd27d804a1769b2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a6393b53597b8de99191bc12c67d0e07"
x-amz-version-id
1lquY8Qj.pIHb44zJPG0bxEJjiB_Wo3G
age
1633198
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:42 GMT
content-type
image/svg+xml
last-modified
Tue, 09 Apr 2024 15:40:15 GMT
vary
Accept-Encoding
x-amz-id-2
fecHfRXSAaXWcVlGqcK16MfwehraaWlNQs9THPyEm7uU3CcZY58ovrRfVDK59qeYM96jIuMXIhub3SgvkUWLDQ==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
76NDV4QS85HSDJCN
cf-ray
8d13c2d15c3b0e0a-MXP
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
qoDoJNyyRbmVT4P2Ordu
cdn.filestackcontent.com/
41 KB
41 KB
Image
General
Full URL
https://cdn.filestackcontent.com/qoDoJNyyRbmVT4P2Ordu
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bff568eb06b4bd8d7cd557092b8d71c8c7d3767cac511c2b64b62ab68282ac4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"5bcfa6179c7ab1069f75bfa389e8fa0c"
age
1082291
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
filestack-trace-id
1727618910-6smoKaUpS0
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:42 GMT
x-file-name
20231004T102826437521
content-type
image/jpeg
content-disposition
inline; filename="20231004T102826437521"
x-served-by
cache-iad-kcgs7200124-IAD, cache-mxp6950-MXP
last-modified
Wed, 04 Oct 2023 05:33:02 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
55, 0
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
cache-control
public, max-age=2678400
x-timer
S1728701202.221656,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
42050
9taUbRQcTcGEQYAYxR1i
cdn.filestackcontent.com/
94 KB
95 KB
Image
General
Full URL
https://cdn.filestackcontent.com/9taUbRQcTcGEQYAYxR1i
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afd02656e7030cac4da601c01ee3cf3933d7da9fba96fde7fccdcd50707d2d0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"7303eb957c446a318cfadcbd5bcb3e15"
age
1695434
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
filestack-trace-id
1727005768-X4hSUy3gQ2
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:42 GMT
x-file-name
20231004T102832728062
content-type
image/jpeg
content-disposition
inline; filename="20231004T102832728062"
x-served-by
cache-iad-kcgs7200047-IAD, cache-mxp6950-MXP
last-modified
Wed, 04 Oct 2023 05:33:07 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
68, 0
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
cache-control
public, max-age=2678400
x-timer
S1728701202.220447,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
96389
JSr3TyJBQJisFMwSeyTa
cdn.filestackcontent.com/
81 KB
82 KB
Image
General
Full URL
https://cdn.filestackcontent.com/JSr3TyJBQJisFMwSeyTa
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d440b90bdd74f8eddf324085accdb8a6a61544a721fcbf4169d55b1ad748fcfa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"baaf0d7acd02f96ec1fad3b6ce6531ad"
age
1960665
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
filestack-trace-id
1726740536-ZsJtZeLjSl
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:42 GMT
x-file-name
20231004T102838538028
content-type
image/jpeg
content-disposition
inline; filename="20231004T102838538028"
x-served-by
cache-iad-kjyo7100027-IAD, cache-mxp6950-MXP
last-modified
Wed, 04 Oct 2023 05:33:12 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
95, 0
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
cache-control
public, max-age=2678400
x-timer
S1728701202.221991,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
82939
HLvJBIh5Tp6JP05cEbNw
cdn.filestackcontent.com/
7 KB
7 KB
Image
General
Full URL
https://cdn.filestackcontent.com/HLvJBIh5Tp6JP05cEbNw
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d50a1993679412c951819828f07e3b3f76da44943d09870fba26691d535d3552
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

access-control-max-age
21600
access-control-expose-headers
X-File-Name
etag
"b6b0fd76ccf9f5d2bd3a782ce3401780"
age
97709
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
filestack-trace-id
1728603493-QrP30Xx6RC
x-cache
HIT, HIT
date
Sat, 12 Oct 2024 02:46:42 GMT
x-file-name
20231004T102842387933
content-type
image/jpeg
content-disposition
inline; filename="20231004T102842387933"
x-served-by
cache-iad-kcgs7200131-IAD, cache-mxp6950-MXP
last-modified
Wed, 04 Oct 2023 05:33:16 GMT
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
3, 0
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
cache-control
public, max-age=2678400
x-timer
S1728701202.221300,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
7347
648e723d858c34f4b18345ad_blog-static-kitten.webp
cdn.prod.website-files.com/6454d31338f3f4b0b5ecdf5f/
149 KB
150 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6454d31338f3f4b0b5ecdf5f/648e723d858c34f4b18345ad_blog-static-kitten.webp
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a921e86b3d776b26b0a4682f84c871502f697f08935d4770f8a91503e0302c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

cf-cache-status
HIT
etag
"5aeaeb45f934d652f2cc5a1603f3f496"
x-amz-version-id
p6coqcihRE0bsCiRiKpOUeQBQH3WPxO9
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:42 GMT
content-type
image/webp
last-modified
Wed, 15 May 2024 14:54:55 GMT
vary
Accept-Encoding
x-amz-id-2
NAVi2iZzsL1T/MEaDa5Aiv6JckEN2JDRmd3nF90cNlH3l5pLgVYPjKrjhbvADAMGZ9SliK2og7k=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
61RCEQ9PRTM0SC7R
cf-ray
8d13c2d1bc8b0e0a-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
152920
server
cloudflare
x-amz-server-side-encryption
AES256
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=101529666~101671035~101686685&rnd=2071333629.1728701202&url=https%3A%2F%2Fwww.anomali.com%2Fblog%2Fprobable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies&dma_cps=-&dma=1&npa=1&gtm=45He4a90n81KWSG6VVv812066187za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWSG6VV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 12 Oct 2024 02:46:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
fullcircle.js
d2i34c80a0ftze.cloudfront.net/
32 KB
11 KB
Script
General
Full URL
https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:5800:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45bb96056f7b320e59c64abb0258a874229d9bc86e39a56ea967ceeedcf25750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-amz-apigw-id
fdvW6F4tPHcEv4g=
age
86144
x-amzn-trace-id
Root=1-67089292-47ec4f4612951e895c1be87e;Parent=0fe37fbb7be08979;Sampled=0;Lineage=1:be50798f:0
x-amzn-requestid
8bd78c6f-df03-4e9d-8134-5b04a31f0ffb
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront), 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
63SMqczY4Mo5gy0wBqJzgh3HTNSB4vvEBJmYvLpMd2KTR2kvKfh25g==
date
Fri, 11 Oct 2024 02:50:58 GMT
content-type
application/json
x-amz-cf-pop
FRA56-C1, MUC50-P2
vary
Accept-Encoding
32eb5d75-e068-46fd-b036-81d5ce6e2f2f
https://www.anomali.com/
0
0

6b2e0c12-89eb-45be-a815-2cf92e1a911b
https://www.anomali.com/
0
0

f02822b8-da42-4216-8c86-a0b510fe4171
https://www.anomali.com/
0
0

create
st.fullcircleinsights.com/v1/visitors/
0
0
Preflight
General
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.anomali.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.anomali.com
content-length
1
content-type
application/json
date
Sat, 12 Oct 2024 02:46:43 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-apigw-id
fhBrBF6xvHcERaw=
x-amz-cf-id
FXXfrI5dvPBF6dnu7yi1bHtHXrZH4S_vFqT2iaCaYPy5Rt4nQC2IWQ==
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
48b4182e-0827-408e-b20f-ba7f9e63bbcb
x-cache
Miss from cloudfront
create
st.fullcircleinsights.com/v1/visitors/
1 KB
2 KB
XHR
General
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Requested by
Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
/
Resource Hash
19335e6a2555b0a47f0041241525fdd72d3a09f4223c887bb84aa5cd224d079d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
js-version
1.0.59
x-api-key
IzsA4yOUOh9vPSgEBzJIg9sQK3xz2f6x2000qAXa
origin-fci
https://www.anomali.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-apigw-id
fhBrFEYLPHcEZyw=
x-amzn-trace-id
Root=1-6709e313-548042b46f2a659611d66120;Parent=3b25b98b811583c3;Sampled=0;Lineage=1:7c392b7c:0
x-amzn-requestid
08682e0e-31e8-4ed9-912f-b26273f546dc
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.anomali.com
x-cache
Miss from cloudfront
content-length
1371
x-amz-cf-id
p35NeOiFNqvhHtcUBAqHNnwM3IP-Mo-rQ846vKqQzX-ZZeIqSuwy9g==
date
Sat, 12 Oct 2024 02:46:43 GMT
content-type
application/json
vary
Origin
x-amz-cf-pop
FRA2-C1
6682c02e3d847e70d6631aee_Anomali-favicon-32x32-2024.png
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
695 B
1 KB
Other
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/6682c02e3d847e70d6631aee_Anomali-favicon-32x32-2024.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf9835e17190bdedeab302ea139c4855a248d3679825de7baedffd1acf0097b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.anomali.com/

Response headers

cf-cache-status
HIT
etag
"726c63f08538fa1a187225cee5d9106d"
x-amz-version-id
5UEJ_j13itfrgUQ91UFLFOzgBsskBZtP
age
1633195
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 02:46:42 GMT
content-type
image/png
last-modified
Mon, 01 Jul 2024 14:41:51 GMT
vary
Accept-Encoding
x-amz-id-2
yjPm0oYBto8b0o+gak3+t3oTOmiUdfnUl7Z+sur8IHKW2p33f4WY2aDqTsjsiRxSP9vwR8jpN50=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
YG9N007V23QXSEN5
cf-ray
8d13c2d3fd2d0e0a-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
695
server
cloudflare
x-amz-server-side-encryption
AES256
492a5049-b5c9-4e4a-9104-f841571fd0c5
https://www.anomali.com/
0
0

queue
st.fullcircleinsights.com/v1/visits/
0
0
Preflight
General
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.anomali.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.anomali.com
content-length
1
content-type
application/json
date
Sat, 12 Oct 2024 02:46:44 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-apigw-id
fhBrLE18vHcEaWw=
x-amz-cf-id
BPL--cDpb_KD71BS9EtITEuK8H8qUuWbTWfuj7i4PUhymuxBubL04Q==
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
5ec54bd2-87e8-4289-bccf-e68f005426ef
x-cache
Miss from cloudfront
queue
st.fullcircleinsights.com/v1/visits/
2 KB
3 KB
XHR
General
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Requested by
Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
/
Resource Hash
86ad91ffc958179af1f86a3d39d7c1be86ea24d923ec33b1f6d2f880e2c0671f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
js-version
1.0.59
x-api-key
IzsA4yOUOh9vPSgEBzJIg9sQK3xz2f6x2000qAXa
origin-fci
https://www.anomali.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-apigw-id
fhBrQHwavHcEGAQ=
x-amzn-trace-id
Root=1-6709e314-4091b632639be58b3ffc986c;Parent=4099ec5744432737;Sampled=0;Lineage=1:adebd93c:0
x-amzn-requestid
76231ab8-16e8-4e82-8bfb-386b263f0468
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.anomali.com
x-cache
Miss from cloudfront
content-length
2133
x-amz-cf-id
8L1MgTBe6NBDFpM4Gjw0Ahe1X9gcOQYIRWoY_jlbLJxWUXqChu3F_w==
date
Sat, 12 Oct 2024 02:46:44 GMT
content-type
application/json
vary
Origin
x-amz-cf-pop
FRA2-C1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.anomali.com
URL
blob:https://www.anomali.com/39742ec6-9223-4a29-90e4-b2065ee4ed54
Domain
www.anomali.com
URL
blob:https://www.anomali.com/32eb5d75-e068-46fd-b036-81d5ce6e2f2f
Domain
www.anomali.com
URL
blob:https://www.anomali.com/6b2e0c12-89eb-45be-a815-2cf92e1a911b
Domain
www.anomali.com
URL
blob:https://www.anomali.com/f02822b8-da42-4216-8c86-a0b510fe4171
Domain
www.anomali.com
URL
blob:https://www.anomali.com/492a5049-b5c9-4e4a-9104-f841571fd0c5

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WebFont function| gtag object| dataLayer function| Osano function| __uspapi object| __WEBFLOW_CURRENCY_SETTINGS function| $ function| jQuery object| navbar number| navbarOffsetTop function| tram object| Webflow function| objectFitPolyfill function| prefillGCLIDField object| litHtmlVersions object| fsAttributes object| FsAttributes function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| formalyze string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| SLScoutObject function| slscout number| TRD_ACC_ID object| $jscomp object| fcdsc function| fcdscLoad function| ES6Promise

3 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: Bq4gNSHhwdf.O7TQKHi33BZrOnuGHzb1y3pRA79hTP8-1728701201-1.0.1.1-ptxE._NbMuDP.bjHlu0n9uR.D96oFKYeYCyDG.qgA.C91sdmeM_Da61swqJmzOuauJBNHRTc9VyVcXbHXXYeYw
.anomali.com/ Name: _fcdscst
Value: MTcyODcwMTIwMjUzMQ==
.anomali.com/ Name: _fcdscv
Value: eyJDdXN0b21lcklkIjoiODllMDg1ZjMtNWEzMC00OTRjLTg3Y2UtYzVkZjRhYWNkMjliIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiI4Yjg0YzgwZi01ZTZhLTRiZDctYTQ2YS01YTg4MThiMjliYWIifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'none'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
