URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-ua...
Submission: On September 03 via api from TW — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 39 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.anomali.com.
TLS certificate: Issued by R11 on August 21st 2024. Valid for: 3 months.
This is the only time www.anomali.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
--- | --- | --- | ---
11 | website-files.com | cdn.prod.website-files.com (Cisco Umbrella Rank: 11800) | 2 MB
4 | fullcircleinsights.com | st.fullcircleinsights.com (Cisco Umbrella Rank: 304246) | 4 KB
4 | filestackcontent.com | cdn.filestackcontent.com (Cisco Umbrella Rank: 32919) | 225 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 112) | 205 KB
2 | cloudfront.net | d3e54v103j8qbb.cloudfront.net, d2i34c80a0ftze.cloudfront.net | 41 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 641), fonts.googleapis.com (Cisco Umbrella Rank: 110) | 7 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3123) |
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 157) | 64 B
1 | gstatic.com | fonts.gstatic.com | 28 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 1211) | 31 KB
1 | sharethis.com | platform-api.sharethis.com (Cisco Umbrella Rank: 5787) | 46 KB
1 | csb.app | xtlsm4.csb.app | 68 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 410) | 5 KB
1 | osano.com | cmp.osano.com (Cisco Umbrella Rank: 7730) | 64 KB
1 | anomali.com | www.anomali.com | 42 KB
39 | 15 | |

Requests | Domain | Requested by
--- | --- | ---
11 | cdn.prod.website-files.com | www.anomali.com, cdn.prod.website-files.com
4 | st.fullcircleinsights.com | d2i34c80a0ftze.cloudfront.net
4 | cdn.filestackcontent.com | www.anomali.com
2 | www.googletagmanager.com | cmp.osano.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | d2i34c80a0ftze.cloudfront.net | cmp.osano.com
1 | pagead2.googlesyndication.com | www.googletagmanager.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | ajax.googleapis.com
1 | d3e54v103j8qbb.cloudfront.net | www.anomali.com
1 | code.jquery.com | www.anomali.com
1 | platform-api.sharethis.com | www.anomali.com
1 | xtlsm4.csb.app | www.anomali.com
1 | cdn.jsdelivr.net | www.anomali.com
1 | cmp.osano.com | www.anomali.com
1 | ajax.googleapis.com | www.anomali.com
1 | www.anomali.com |
39 | 17 |

Subject | Issuer | Validity | Valid
--- | --- | --- | ---
www.anomali.com | R11 | 2024-08-21 - 2024-11-19 | 3 months
prod.website-files.com | WE1 | 2024-08-23 - 2024-11-21 | 3 months
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.osano.com | Amazon RSA 2048 M03 | 2023-10-18 - 2024-11-15 | a year
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
csb.app | Cloudflare Inc ECC CA-3 | 2023-12-30 - 2024-12-29 | a year
sharethis.com | Amazon RSA 2048 M03 | 2024-04-19 - 2025-05-17 | a year
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.filestackcontent.com | R11 | 2024-08-29 - 2024-11-27 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
aws-st.fullcircleinsights.com | Amazon RSA 2048 M02 | 2024-05-28 - 2025-06-25 | a year

This page contains 1 frame:

Primary Page: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Frame ID: F30F06861BF19B7985CDBF806C238D46
Requests: 32 HTTP requests in this frame

Page Title

Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 39
HTTPS: 87 %
IPv6: 71 %
Domains: 15
Subdomains: 17
IPs: 18
Countries: 3
Transfer: 3184 kB
Size: 6190 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
www.anomali.com/blog/
158 KB
42 KB
Document
General
Full URL
https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4760139b51c03912ee4b7f74992b8ca9ee0ab0a92c8a0bf79a049dae5dd9b52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
185402
content-encoding
gzip
content-length
42018
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Tue, 03 Sep 2024 10:53:14 GMT
feature-policy
none
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, HIT
x-cache-hits
4, 0
x-cluster-name
eu-west-1-prod-hosting-red
x-content-type-options
nosniff
x-frame-options
sameorigin
x-lambda-id
47bc9ff9-3af3-4082-a520-338c75b9464d
x-served-by
cache-iad-kiad7000099-IAD, cache-dub4328-DUB
x-timer
S1725360794.164774,VS0,VE1
anomali-staging.3a664e347.min.css
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/
408 KB
70 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23bbf8ed9d4e4a32dfd1bdcbc97e6ce16a76def9e2ae58e59da95102909678f

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:14 GMT
content-encoding
gzip
x-amz-version-id
qcuRzKrbSxbb0jXkhqu5GqbhTh0u2SDJ
cf-cache-status
HIT
x-amz-request-id
ERC51PP8KKZ6PRJV
age
306712
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
71201
x-amz-id-2
YAbDJUSYjF1lUwm1QZ/PoKMzlSEgttadkfse0Yz3VsSaTypm8v/yGZdGVb0JABxSYeBLdq47tKg=
last-modified
Fri, 30 Aug 2024 21:30:07 GMT
server
cloudflare
etag
"fdf39b3aebcc7cf559f634a3d963f18d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8bd531e4085b3a85-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 19:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 19:42:59 GMT
osano.js
cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/
247 KB
64 KB
Script
General
Full URL
https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:b200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
20669a9d7bc578d5fa3d109fcbf0048908510f9247c8496bea5d13b11f1a66e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:14 GMT
content-encoding
br
via
1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64466
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jul 2024 02:54:56 GMT
server
CloudFront
etag
"f0bbecbbe9f8528372d5b6579e733e90"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
YZygUM9b0KK1o7PaSY_hv3_gBkqdWnXC7XWfgwGvBFLz1fbgOuHWZA==
selectcustom.js
cdn.jsdelivr.net/npm/@finsweet/attributes-selectcustom@1/
9 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-selectcustom@1/selectcustom.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8484a2a1479fbb9752e3ce7e4f4114ee8fce53be4d5967367cbbbcdca9e04dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24555
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4102
x-served-by
cache-fra-eddf8230148-FRA, cache-lga21932-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"23ef-wbgrWUa/ZXM+koU2XOMBQKJgVmo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8LGIRDrDQUKebODwwrjwlY%2FntjfcVNK0Bkkftz%2F2NQRWCw7NBvsTYuXQfW5GaeQFZvqYoS65l9VQebiHPiWDFgXEJ5AREFrLqhcj35w5sTZt6R%2BubA5z5mayu%2BI3QHCioX%2FAtc%2FUk2CBsCqvx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bd531e5d9c09944-FRA
blog.css
xtlsm4.csb.app/
513 KB
68 KB
Stylesheet
General
Full URL
https://xtlsm4.csb.app/blog.css
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:248d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d76a85df959bc93903679070c5d68b06251cd7e7994cb0aa898e5888e06dc6

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 03 Sep 2024 10:53:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=0, no-cache, no-store
cf-ray
8bd531e41fc818d7-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
F_G2gGzlxbF2raotfFuD
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:50:56 GMT
content-encoding
gzip
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
138
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
dRB3ONbw5t9tiFVRtPhKVywX3EbPaLHIT0oHJ-dE_x74F58neFmf7g==
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3378540
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230042-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1725360794.237388,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
8, 187017
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6453db2ad32b573c40a15c49
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.anomali.com/
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:38:49 GMT
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
age
15266
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
wkqzLLbNG2vw_6Mw1CllUSd0p3QmM0d_yPTDZR3uN8-lZBJUryoFgQ==
anomali-staging.246796653.js
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/js/
1 MB
218 KB
Script
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/js/anomali-staging.246796653.js
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32713f0873ecf9a56cce4526ef05919b2ab6b5f5a69f5d751335489d4faaddf2

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:14 GMT
content-encoding
gzip
x-amz-version-id
AUKC.4MLpG.heP9IpO7SHLachBwnU72e
cf-cache-status
HIT
x-amz-request-id
ZC6YQ6984QM9YST6
age
180050
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
222637
x-amz-id-2
Oi3nOXpEmc68Kj39114IdT1A+2bqvllFNClEIjD/A0zJhFMRX4eknY3cMsqYDsvAAHC+RagAdu8=
last-modified
Sun, 01 Sep 2024 07:00:53 GMT
server
cloudflare
etag
"672305c7b738f21e7c4f4d079038330c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8bd531e408653a85-FRA
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14a0a164405f76ea7ed19434c989a9c60cb714f82ef84aaf8acaa105f83cd9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Sep 2024 10:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 10:24:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Sep 2024 10:53:14 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 21:42:08 GMT
x-content-type-options
nosniff
age
306666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 21:42:08 GMT
b4288914-ceaa-40b2-8229-c926b542826d
https://www.anomali.com/
0
0

gtm.js
www.googletagmanager.com/
283 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWSG6VV
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b341d233e06c7fb5575ea6706c81554ab8fbeb01fddb849f7b8848166a719b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101272
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 03 Sep 2024 10:53:15 GMT
66171942909f9039a2b9ef9e_AvenirNext-Regular-08.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
411 KB
412 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/66171942909f9039a2b9ef9e_AvenirNext-Regular-08.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047d2ea7c05a9c044d04a275fbc347e40eb2fbc0c545d4c801c8abe1390fcdd3

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
KsvtYpLXFwwyyKqnLZaT3etw.JKXP2eW
cf-cache-status
HIT
x-amz-request-id
04PFW3FT8TDXKGRS
age
660611
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
421096
x-amz-id-2
ByzehDSdIr+vt71LflDDo/wlwe2ZTEWnIgYp/OOQNoOjr+6giwVwzPJlP2SKhhs6OQgVIgPycRg=
last-modified
Wed, 10 Apr 2024 22:57:10 GMT
server
cloudflare
etag
"459f7aa757f6e4ba56ecfa8ba6584651"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb1f90d2ab-FRA
66171942ff17953391a5cdbe_AvenirNext-Bold-01.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
319 KB
320 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/66171942ff17953391a5cdbe_AvenirNext-Bold-01.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e09a6375ed8cdd60e1d92f319cfe45ecfb6769b5f208b9b5b77b414d5136f12

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
oJvkGQWnYU96KRvBNcBBi.EoIZup8z0r
cf-cache-status
HIT
x-amz-request-id
04P7FYFAC5RDW0CP
age
661929
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
327060
x-amz-id-2
1YnA4VR8Dq/V6TIDNNpE8236Xn3FwrNAUT7kZXxURh4EhiT8fglk7QhcOboLZ8sTFgW50dn932M=
last-modified
Wed, 10 Apr 2024 22:57:08 GMT
server
cloudflare
etag
"961a5b497efb53d9976d56409c0076aa"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb1f8cd2ab-FRA
6615615b4e92d82289e9b0be_anomali%20logo%20white.svg
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
4 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/6615615b4e92d82289e9b0be_anomali%20logo%20white.svg
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21026ae446cd66adb152429d5879ada17fe91b4b60886eafbd27d804a1769b2a

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
1lquY8Qj.pIHb44zJPG0bxEJjiB_Wo3G
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
76NDV4QS85HSDJCN
age
7925106
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fecHfRXSAaXWcVlGqcK16MfwehraaWlNQs9THPyEm7uU3CcZY58ovrRfVDK59qeYM96jIuMXIhub3SgvkUWLDQ==
last-modified
Tue, 09 Apr 2024 15:40:15 GMT
server
cloudflare
etag
W/"a6393b53597b8de99191bc12c67d0e07"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
8bd531eb09b23a85-FRA
qoDoJNyyRbmVT4P2Ordu
cdn.filestackcontent.com/
41 KB
42 KB
Image
General
Full URL
https://cdn.filestackcontent.com/qoDoJNyyRbmVT4P2Ordu
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bff568eb06b4bd8d7cd557092b8d71c8c7d3767cac511c2b64b62ab68282ac4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age
1206553
x-cache
HIT, HIT
content-disposition
inline; filename="20231004T102826437521"
content-length
42050
x-served-by
cache-iad-kcgs7200124-IAD, cache-fra-eddf8230151-FRA
last-modified
Wed, 04 Oct 2023 05:33:02 GMT
x-timer
S1725360795.438197,VS0,VE90
etag
"5bcfa6179c7ab1069f75bfa389e8fa0c"
x-file-name
20231004T102826437521
access-control-max-age
21600
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-File-Name
cache-control
public, max-age=2678400
filestack-trace-id
1721388471-cempnDOWSM
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
13, 0
9taUbRQcTcGEQYAYxR1i
cdn.filestackcontent.com/
94 KB
94 KB
Image
General
Full URL
https://cdn.filestackcontent.com/9taUbRQcTcGEQYAYxR1i
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afd02656e7030cac4da601c01ee3cf3933d7da9fba96fde7fccdcd50707d2d0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age
1290956
x-cache
HIT, HIT
content-disposition
inline; filename="20231004T102832728062"
content-length
96389
x-served-by
cache-iad-kcgs7200047-IAD, cache-fra-eddf8230151-FRA
last-modified
Wed, 04 Oct 2023 05:33:07 GMT
x-timer
S1725360795.438419,VS0,VE1
etag
"7303eb957c446a318cfadcbd5bcb3e15"
x-file-name
20231004T102832728062
access-control-max-age
21600
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-File-Name
cache-control
public, max-age=2678400
filestack-trace-id
1718843730-m2B53pvQT9
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
1, 0
JSr3TyJBQJisFMwSeyTa
cdn.filestackcontent.com/
81 KB
82 KB
Image
General
Full URL
https://cdn.filestackcontent.com/JSr3TyJBQJisFMwSeyTa
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d440b90bdd74f8eddf324085accdb8a6a61544a721fcbf4169d55b1ad748fcfa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age
1290956
x-cache
HIT, HIT
content-disposition
inline; filename="20231004T102838538028"
content-length
82939
x-served-by
cache-iad-kjyo7100027-IAD, cache-fra-eddf8230151-FRA
last-modified
Wed, 04 Oct 2023 05:33:12 GMT
x-timer
S1725360795.438391,VS0,VE1
etag
"baaf0d7acd02f96ec1fad3b6ce6531ad"
x-file-name
20231004T102838538028
access-control-max-age
21600
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-File-Name
cache-control
public, max-age=2678400
filestack-trace-id
1724069839-HXuwC2LRQ6
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
14, 0
HLvJBIh5Tp6JP05cEbNw
cdn.filestackcontent.com/
7 KB
7 KB
Image
General
Full URL
https://cdn.filestackcontent.com/HLvJBIh5Tp6JP05cEbNw
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d50a1993679412c951819828f07e3b3f76da44943d09870fba26691d535d3552
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age
1290956
x-cache
HIT, HIT
content-disposition
inline; filename="20231004T102842387933"
content-length
7347
x-served-by
cache-iad-kcgs7200131-IAD, cache-fra-eddf8230151-FRA
last-modified
Wed, 04 Oct 2023 05:33:16 GMT
x-timer
S1725360795.438265,VS0,VE1
etag
"b6b0fd76ccf9f5d2bd3a782ce3401780"
x-file-name
20231004T102842387933
access-control-max-age
21600
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-File-Name
cache-control
public, max-age=2678400
filestack-trace-id
1716120018-KZwYBE8yT8
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
15, 0
66171942cd726008102d3cc8_AvenirNext-DemiBold-03.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
258 KB
259 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/66171942cd726008102d3cc8_AvenirNext-DemiBold-03.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8cb88806c736fd2290bb736748d40efbc05e974e516dec1f0e7c7f773967771

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
HSUlnCLJsw8WGyxpwZTQwFXsMG9syHee
cf-cache-status
HIT
x-amz-request-id
04P1VZZVXWP86JG0
age
660611
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
264472
x-amz-id-2
kd82AxCjDtKLQaWJba/SKEPizS2QbUWCW0hpAOZ+nxMnl93Fdyf1Oy84ePRcivi6b0IywbYkthI=
last-modified
Wed, 10 Apr 2024 22:57:09 GMT
server
cloudflare
etag
"3250f67d61cfbe0327a8b9fa1cc49ef9"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb9929d2ab-FRA
66171942f934e87d1481504b_AvenirNext-Medium-06.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
271 KB
272 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/66171942f934e87d1481504b_AvenirNext-Medium-06.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd66a0034ecb97c61f801034cfd85e4399bed0e0492a176e3c049ecf7b2bd97

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
CccAduqathDGUCTlwgl2Oya8V1E0TTgL
cf-cache-status
HIT
x-amz-request-id
R19G6JY528928NX4
age
660611
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
277920
x-amz-id-2
Gf4EKWcat8HMBhEQOE0ZbjBtRx15Gn2ySz2AqAEWyVYowr473bz+rsSYOVW4JuLiadpP3nnbBOI=
last-modified
Wed, 10 Apr 2024 22:57:09 GMT
server
cloudflare
etag
"1bc7e17c02cf498f92dcb4bec1d7c639"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb9930d2ab-FRA
66171945928e72342e463d1c_AvenirNext-Italic-05.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
403 KB
403 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/66171945928e72342e463d1c_AvenirNext-Italic-05.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5923bf41699a1b2a94c86b3b3c3c1f738f967ec8e1b513d66fe4c8fb5e33dfc

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
4ND9H835YSzs68xPI_dWL4bCltfN2AoX
cf-cache-status
HIT
x-amz-request-id
MXVKC3PN3PXF0Z5Q
age
660611
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
412484
x-amz-id-2
JOC4O01VWgjMjtBpPAZ9uZFm3uY4F7HstJDk1puuLIpwZU/W401PHnFQvOC/S5ciDC+tdgPLNT4=
last-modified
Wed, 10 Apr 2024 22:57:10 GMT
server
cloudflare
etag
"660a5cfa3a369e8f8bc2f81f8e283ddf"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb9937d2ab-FRA
6617194241dd645cf851d5ec_AvenirNext-BoldItalic-02.ttf
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
310 KB
311 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/6617194241dd645cf851d5ec_AvenirNext-BoldItalic-02.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4397050649ca85148dc83637c73d7eea6b335072f4eba440c9656be77c44d710

Request headers

Referer
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/css/anomali-staging.3a664e347.min.css
Origin
https://www.anomali.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
4BhVik6l4z9O1JD9o8zh0Jxv2E2eeCOK
cf-cache-status
HIT
x-amz-request-id
4TCE0KW0BDY09BCC
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
317616
x-amz-id-2
IdQphJXN2omFH/xFdnfpT3xJfreXgyBQhD/cVH/9RccdNukz2/EWZgJvtJGBnztxOdIYQ+CB0W9c21rsqgdvlA==
last-modified
Wed, 10 Apr 2024 22:57:09 GMT
server
cloudflare
etag
"eb6aac1b8372e1d1ea879bb36da390d4"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb9939d2ab-FRA
648e723d858c34f4b18345ad_blog-static-kitten.webp
cdn.prod.website-files.com/6454d31338f3f4b0b5ecdf5f/
149 KB
150 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6454d31338f3f4b0b5ecdf5f/648e723d858c34f4b18345ad_blog-static-kitten.webp
Requested by
Host: www.anomali.com
URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a921e86b3d776b26b0a4682f84c871502f697f08935d4770f8a91503e0302c

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
p6coqcihRE0bsCiRiKpOUeQBQH3WPxO9
cf-cache-status
HIT
x-amz-request-id
Y4PAKW616HMVYH7A
age
10346
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
152920
x-amz-id-2
V7fcGa3FX+JkaXefjzsGf5GV2ihL2yydAqMZxzjh32crzjEb+5ZFUJuuhNzsU879LiyaxVg9ZlCmPxK6T5EEW/iQKFo0u2im865XuJnu7E0=
last-modified
Wed, 15 May 2024 14:54:55 GMT
server
cloudflare
etag
"5aeaeb45f934d652f2cc5a1603f3f496"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
cf-ray
8bd531eb9a653a85-FRA
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=0&rnd=688007593.1725360796&url=https%3A%2F%2Fwww.anomali.com%2Fblog%2Fprobable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies&dma_cps=-&dma=1&npa=1&gtm=45He48s0n81KWSG6VVv812066187za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWSG6VV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 10:53:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fullcircle.js
d2i34c80a0ftze.cloudfront.net/
32 KB
11 KB
Script
General
Full URL
https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:f600:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45bb96056f7b320e59c64abb0258a874229d9bc86e39a56ea967ceeedcf25750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:09:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront), 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-C1, FRA60-P7
age
2647
x-amzn-requestid
211066d7-497b-4c61-8e3e-0ee1b6754030
x-amzn-trace-id
Root=1-66d6e044-41933271160514012f8663a8;Parent=2d64284615c414af;Sampled=0;lineage=1:be50798f:0
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
dhf6vHA9vHcENmA=
x-amz-cf-id
tWogeK4L38ONlqDMU9uyk5Xkt1oZyADoOabp4KALeGCEsOrihETI3w==
2966f108-4462-4af3-834d-f6108af7133b
https://www.anomali.com/
0
0

1d421e6e-1021-40ee-b65d-4daa40a058c2
https://www.anomali.com/
0
0

9e8f5693-a461-45d8-a744-b3804ad8d1a2
https://www.anomali.com/
0
0

js
www.googletagmanager.com/gtag/
326 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0C1RCJMXY1&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169utVU8UqaBo10ut/7ca9deb5-f1d5-4659-a2c1-a4fbef660f0c/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc5b03275aa795bf05935c5a68227a489bf75c9a697e848b44209f92dcc0bd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 10:53:15 GMT
create
st.fullcircleinsights.com/v1/visitors/
0
0
Preflight
General
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-38.ams58.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.anomali.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.anomali.com
content-length
1
content-type
application/json
date
Tue, 03 Sep 2024 10:53:16 GMT
via
1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront)
x-amz-apigw-id
dhmYcEaHPHcErOQ=
x-amz-cf-id
jdN2dWvvnvRzQovd0MyD8Q8vbsOWaUwyggDX_C6wBAe2HcN2bvZ22Q==
x-amz-cf-pop
AMS58-P3
x-amzn-requestid
468b17b6-017d-4ab6-a21e-ec426cb636ae
x-cache
Miss from cloudfront
create
st.fullcircleinsights.com/v1/visitors/
1 KB
2 KB
XHR
General
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Requested by
Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-38.ams58.r.cloudfront.net
Software
/
Resource Hash
8ff7bd04641ca142deac634c9b9808f57faeaa352f70ad7c067db9ef6d18b4c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

origin-fci
https://www.anomali.com
Referer
https://www.anomali.com/
js-version
1.0.59
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-api-key
IzsA4yOUOh9vPSgEBzJIg9sQK3xz2f6x2000qAXa
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Sep 2024 10:53:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
x-amzn-trace-id
Root=1-66d6ea9c-48df93fa071997a96ae18af9;Parent=1bbbd1e3d12a7691;Sampled=0;lineage=1:7c392b7c:0
x-amzn-requestid
874f37b3-22bc-4c98-82bb-23802cca22d8
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.anomali.com
x-amz-apigw-id
dhmYgFYNPHcEbIg=
content-length
1369
x-amz-cf-id
OHH0urzXvjnNtJ79NOmp8kIP1td-5BgeVyzvYNmTpQ8C94BDqvzrIg==
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0C1RCJMXY1&gtm=45je48s0v893056100z8812066187za200zb812066187&_p=1725360794562&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=374273403.1725360796&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1725360795&sct=1&seg=0&dl=https%3A%2F%2Fwww.anomali.com%2Fblog%2Fprobable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies&dt=Probable%20Iranian%20Cyber%20Actors%2C%20Static%20Kitten%2C%20Conducting%20Cyberespionage%20Campaign%20Targeting%20UAE%20and%20Kuwait%20Government%20Agencies&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1811
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C1RCJMXY1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 10:53:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.anomali.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6682c02e3d847e70d6631aee_Anomali-favicon-32x32-2024.png
cdn.prod.website-files.com/6453db2ad32b573c40a15c49/
695 B
1 KB
Other
General
Full URL
https://cdn.prod.website-files.com/6453db2ad32b573c40a15c49/6682c02e3d847e70d6631aee_Anomali-favicon-32x32-2024.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf9835e17190bdedeab302ea139c4855a248d3679825de7baedffd1acf0097b

Request headers

Referer
https://www.anomali.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:53:15 GMT
x-amz-version-id
5UEJ_j13itfrgUQ91UFLFOzgBsskBZtP
cf-cache-status
HIT
x-amz-request-id
YG9N007V23QXSEN5
age
629716
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
695
x-amz-id-2
yjPm0oYBto8b0o+gak3+t3oTOmiUdfnUl7Z+sur8IHKW2p33f4WY2aDqTsjsiRxSP9vwR8jpN50=
last-modified
Mon, 01 Jul 2024 14:41:51 GMT
server
cloudflare
etag
"726c63f08538fa1a187225cee5d9106d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8bd531ed7c993a85-FRA
9ddbbd74-5abe-478b-8493-f068f6ca55a9
https://www.anomali.com/
0
0

queue
st.fullcircleinsights.com/v1/visits/
2 KB
3 KB
XHR
General
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Requested by
Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=89e085f3-5a30-494c-87ce-c5df4aacd29b&domain=anomali.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-38.ams58.r.cloudfront.net
Software
/
Resource Hash
fc9592047983c7380f2fcf7b6a240e25ba6b6d45686517cbde280da46cbc9cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

origin-fci
https://www.anomali.com
Referer
https://www.anomali.com/
js-version
1.0.59
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-api-key
IzsA4yOUOh9vPSgEBzJIg9sQK3xz2f6x2000qAXa
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Sep 2024 10:53:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
x-amzn-trace-id
Root=1-66d6ea9d-2576863429bca18855db20d1;Parent=32aa004962807aa8;Sampled=0;lineage=1:adebd93c:0
x-amzn-requestid
0872d98e-b971-40e8-a003-25c9147ed525
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.anomali.com
x-amz-apigw-id
dhmYmE-sPHcERQA=
content-length
2130
x-amz-cf-id
XTP5xPlDxNCdNGKTMOf6IA1sFEP_Lzia9r58H1dL-q8Cdx53bL5ISQ==
queue
st.fullcircleinsights.com/v1/visits/
0
0
Preflight
General
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-38.ams58.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.anomali.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.anomali.com
content-length
1
content-type
application/json
date
Tue, 03 Sep 2024 10:53:16 GMT
via
1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront)
x-amz-apigw-id
dhmYiF0BPHcEZ-Q=
x-amz-cf-id
VHdtrBz5zz1fL6GYyoLGHiWFqlCv4aHAQAHaNyuOKxlC7M4-OsjrkA==
x-amz-cf-pop
AMS58-P3
x-amzn-requestid
5bab067a-8ae0-406d-89e6-303fae1fa0f8
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.anomali.com
URL
blob:https://www.anomali.com/b4288914-ceaa-40b2-8229-c926b542826d
Domain
www.anomali.com
URL
blob:https://www.anomali.com/2966f108-4462-4af3-834d-f6108af7133b
Domain
www.anomali.com
URL
blob:https://www.anomali.com/1d421e6e-1021-40ee-b65d-4daa40a058c2
Domain
www.anomali.com
URL
blob:https://www.anomali.com/9e8f5693-a461-45d8-a744-b3804ad8d1a2
Domain
www.anomali.com
URL
blob:https://www.anomali.com/9ddbbd74-5abe-478b-8493-f068f6ca55a9


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| WebFont
function| gtag
object| dataLayer
function| Osano
function| __uspapi
object| __WEBFLOW_CURRENCY_SETTINGS
function| $
function| jQuery
object| navbar
number| navbarOffsetTop
object| heightBox
function| tram
object| Webflow
function| objectFitPolyfill
function| prefillGCLIDField
object| litHtmlVersions
object| fsAttributes
object| FsAttributes
function| postscribe
object| google_tag_manager_external
object| google_tag_manager
object| google_tag_data
function| hj
object| _hjSettings
object| formalyze
string| _linkedin_partner_id
object| _linkedin_data_partner_ids
function| lintrk
string| SLScoutObject
function| slscout
number| TRD_ACC_ID
object| $jscomp
object| fcdsc
function| fcdscLoad
function| ES6Promise
function| onYouTubeIframeAPIReady
object| gaGlobal

2 Cookies

Domain/Path Name / Value
.anomali.com/ Name: _fcdscst
Value: MTcyNTM2MDc5NTY4NA==
.anomali.com/ Name: _fcdscv
Value: eyJDdXN0b21lcklkIjoiODllMDg1ZjMtNWEzMC00OTRjLTg3Y2UtYzVkZjRhYWNkMjliIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiIwNDBhOWE1ZC04ZDUyLTRhZTQtYWUyYi1jZGFjYzA4NzQ1MDUifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'none'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
