www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secureworks.com/research/threat-profiles/gold-rebellion
Submission: On October 31 via api (October 31st 2024, 6:04:02 am UTC) from SA — Scanned from DE

Summary HTTP 48 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 48 HTTP transactions. The main IP is 162.159.140.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.secureworks.com.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	162.159.140.25 162.159.140.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:235... 2600:9000:2359:b400:4:9e56:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.31.85.59 184.31.85.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
48	12

24 162.159.140.25 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
useast-www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2359:b400:4:9e56:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dam.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.85.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-85-59.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	secureworks.com 1 redirects www.secureworks.com pages.secureworks.com — Cisco Umbrella Rank: 712162 useast-www.secureworks.com dam.secureworks.com	1 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	186 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3657	6 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	231 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	557 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	306 B
0	google.de Failed www.google.de Failed
48	10

	Domain	Requested by
23	www.secureworks.com	1 redirects www.secureworks.com www.googletagmanager.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.secureworks.com
2	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
2	fonts.gstatic.com	www.secureworks.com
2	dam.secureworks.com	www.secureworks.com
2	www.googletagmanager.com	www.secureworks.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	useast-www.secureworks.com	www.secureworks.com
1	pages.secureworks.com	www.secureworks.com
0	www.google.de Failed
48	13

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
x.com
www.facebook.com
github.com
jobs.dell.com
investors.secureworks.com
portal.secureworks.com
pages.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.secureworks.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
pages.secureworks.com WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
secureworks.bynder.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-20`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-15` - `2025-09-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Frame ID: 03426203388CA5B9D87763E429AC3F91
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GOLD REBELLION | Threat Profile Detail | Secureworks

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

48
Requests

96 %
HTTPS

55 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1607 kB
Transfer

5024 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://x.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://jobs.dell.com/secureworks-jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/overview/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js HTTP 301
https://useast-www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gold-rebellion Show response
www.secureworks.com/research/threat-profiles/ 275 KB
63 KB 3605ms
3563ms Document
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171b486b0e17043cbf72caf7aa1465d069193077b2480536d495a8bff7d70ca6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MWJmYTMwNjEtN2E5Ny00NWRjLWIyOWYtYWY1ZjEyMjYxYzc2' 'sha256-PDj+y4dsjx//y3j3XeqRQfENwQq6pGv979Bj2gNKC2U=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' 'sha256-TZtgnurDy2HoHCI+ehO8j6c5zhggFWTaD7sk189UzKM=' 'sha256-gsbdg33D5bd9G0LZ0fXRG2gtuTHtE5/f0vcHrZgakbQ=' 'sha256-BXlqoZ7hukD5ysO0e9EKhq69GLrh8k9fWsZ10PXXdOc=' .secureworks.com https://play.vidyard.com https://code.jquery.com https://js-agent.newrelic.com https://bam.nr-data.net .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vidyard.com https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com web.secureworks.com id.rlcdn.com www.google.com .googletagmanager.com .google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com https://calculator.value-cloud.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8db171c9b8e99747-FRA
content-encoding: gzip
content-security-policy: script-src 'self' *.secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MWJmYTMwNjEtN2E5Ny00NWRjLWIyOWYtYWY1ZjEyMjYxYzc2' 'sha256-PDj+y4dsjx//y3j3XeqRQfENwQq6pGv979Bj2gNKC2U=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' 'sha256-TZtgnurDy2HoHCI+ehO8j6c5zhggFWTaD7sk189UzKM=' 'sha256-gsbdg33D5bd9G0LZ0fXRG2gtuTHtE5/f0vcHrZgakbQ=' 'sha256-BXlqoZ7hukD5ysO0e9EKhq69GLrh8k9fWsZ10PXXdOc=' *.secureworks.com https://play.vidyard.com https://code.jquery.com https://js-agent.newrelic.com https://bam.nr-data.net *.gartner.com *.gtnr.io *.marketo.com https://play.vidyard.com *.youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vidyard.com https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com web.secureworks.com id.rlcdn.com www.google.com *.googletagmanager.com *.google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com https://calculator.value-cloud.com *.secureworks.com; worker-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 06:03:56 GMT
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-forwarded-for: 80.255.10.198, 162.158.111.189:28896,::ffff:10.241.0.5
x-frame-options: DENY
x-mss-script-nonce: MWJmYTMwNjEtN2E5Ny00NWRjLWIyOWYtYWY1ZjEyMjYxYzc2
x-sc-rewrite: /_site_swxp-rendering/research/threat-profiles/gold-rebellion
x-xss-protection: 1; mode=block

GET
H2 200 initMunchkin.js Show response
www.secureworks.com/assets/js/ 565 B
568 B 404ms
403ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/initMunchkin.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

x-mss-script-nonce: YTU4YjNhODctNTE0MC00YmFiLTljZWEtMjlmY2FhOTIyZTI5
content-encoding: gzip
cf-cache-status: MISS
etag: W/"235-19276b42738"
x-forwarded-for: 80.255.10.198, 172.71.246.110:17808,::ffff:10.241.0.4
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 10:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 13:52:51 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: same-origin
cf-ray: 8db171e018d69747-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 forms2.min.js Show response
pages.secureworks.com/js/forms2/js/ 199 KB
67 KB 128ms
24ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.secureworks.com/js/forms2/js/forms2.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f144e3bc13095ce7d1b638b1b2cc50b52cd12312cba1323706f6e71e8ded1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "1aa0515-31b91-625a94749ea5e"
age: 3678
x-content-type-options: nosniff
cf-ray: 8db171e0bcff2c20-FRA
expires: Thu, 31 Oct 2024 10:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 03:27:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 reCaptchaClientSidev1-1-3.js Show response
www.secureworks.com/assets/js/ 3 KB
2 KB 138ms
135ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/reCaptchaClientSidev1-1-3.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

x-mss-script-nonce: NjU2ZDgzMDctMWFhNC00NzllLTg5OTUtMjZhM2IwNWZhZGY0
content-encoding: gzip
cf-cache-status: MISS
etag: W/"b7d-19276b42738"
x-forwarded-for: 80.255.10.198, 172.71.172.39:22560,::ffff:10.241.0.4
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 10:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 13:52:51 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: same-origin
cf-ray: 8db171e048f99747-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 marketo-form-custom.js Show response
www.secureworks.com/assets/js/ 23 KB
5 KB 402ms
398ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/js/marketo-form-custom.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c7e5a7ef0884b81be7638042f150b8093dca463210e86b4611cbb993a44ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

x-mss-script-nonce: YjNmZjAzZTUtNzE1OC00ZjkyLWI1ZTYtOGE2OTA3ZTVkMmRi
content-encoding: gzip
cf-cache-status: MISS
etag: W/"5a65-19276b42738"
x-forwarded-for: 80.255.10.198, 172.71.172.63:10384,::ffff:10.241.0.4
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 10:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 13:52:51 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: same-origin
cf-ray: 8db171e048fa9747-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 webpack-9395620247e36af4.js Show response
www.secureworks.com/_next/static/chunks/ 4 KB
2 KB 24ms
21ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/webpack-9395620247e36af4.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fd1-19276f48415"
age: 1775236
cf-ray: 8db171e048fc9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:03:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 framework-0365125e11538b64.js Show response
www.secureworks.com/_next/static/chunks/ 206 KB
65 KB 31ms
28ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/framework-0365125e11538b64.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3373d-19276fae76a"
age: 1775266
cf-ray: 8db171e048fd9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:10:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main-2679873e9bfb727f.js Show response
www.secureworks.com/_next/static/chunks/ 146 KB
40 KB 29ms
26ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"246b8-19276f4d888"
age: 1775266
cf-ray: 8db171e048fe9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:03:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _app-4d8dc20d107f5db5.js Show response
www.secureworks.com/_next/static/chunks/pages/ 94 KB
28 KB 34ms
31ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/_app-4d8dc20d107f5db5.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d231365becf634c389842e08b617b4a4ea19b28c36ad5031a8d3987614b276b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1792b-19276fae76a"
age: 1775266
cf-ray: 8db171e049019747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:10:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 25c596ac-7a3f6f09e75c202c.js Show response
www.secureworks.com/_next/static/chunks/ 71 KB
15 KB 33ms
30ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/25c596ac-7a3f6f09e75c202c.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a2d6e6dafca1b7a34998ec81ce8a8c1b0369a85c91e552c1b65f4cdb3cf2b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"11af0-19276f64258"
age: 1775236
cf-ray: 8db171e049039747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:05:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 79320533-64dacc0a4e666d63.js Show response
www.secureworks.com/_next/static/chunks/ 240 KB
91 KB 33ms
31ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/79320533-64dacc0a4e666d63.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f658f4b539d5f56b5ffddf6bff1cc1b478912c7bff8fa22c5d6ff567cf2dfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3bf59-19276f5d286"
age: 1775266
cf-ray: 8db171e049049747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:04:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

358-a4832afffcf956db.js Show response
useast-www.secureworks.com/_next/static/chunks/
Redirect Chain

https://www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js
https://useast-www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js

14 KB
14 KB

82ms
21ms

Script
application/javascript

162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast-www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfe85823a24225f1340db1f3f0960bad7cf37707b7ac5ef3d8b310b636041c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: W/"3667-19276f64258"
age: 1775266
cf-ray: 8db171e0ddd5d379-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:05:03 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://useast-www.secureworks.com/_next/static/chunks/358-a4832afffcf956db.js
cf-ray: 8db171e049079747-FRA
expires: Thu, 31 Oct 2024 07:03:56 GMT
content-length: 167
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 253-740042a2f36d3d0d.js Show response
www.secureworks.com/_next/static/chunks/ 1 MB
322 KB 33ms
31ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/253-740042a2f36d3d0d.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32476ea37a9747af2d15a70fee64c14fda042700925f4029804f7d836bd2bb23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"127946-19276f48415"
age: 1775266
cf-ray: 8db171e049099747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:03:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 121-5c9b198d678a7a9d.js Show response
www.secureworks.com/_next/static/chunks/ 23 KB
8 KB 35ms
32ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/121-5c9b198d678a7a9d.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5b1a-19276f4d898"
age: 1775236
cf-ray: 8db171e0490a9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:03:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 %5B%5B...path%5D%5D-55da9aeca8d84201.js Show response
www.secureworks.com/_next/static/chunks/pages/ 630 KB
136 KB 35ms
33ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-55da9aeca8d84201.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b60f32a2fc7e2c35211345c0f3c562820a00b0924736e119ec2a36aaa62714c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9d6c8-19276f64248"
age: 1775237
cf-ray: 8db171e0490b9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 15:05:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _buildManifest.js Show response
www.secureworks.com/_next/static/S8AWnDyj2zvEYi-G0WNP9/ 1 KB
612 B 35ms
33ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/S8AWnDyj2zvEYi-G0WNP9/_buildManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d5cdfb62d16d78f43c3f6ce350d231c8f4d735cce8eea805c7d2109c04c90f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"475-1927740f3fb"
age: 1758134
cf-ray: 8db171e0490c9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 16:26:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
www.secureworks.com/_next/static/S8AWnDyj2zvEYi-G0WNP9/ 77 B
163 B 38ms
37ms Script
application/javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/static/S8AWnDyj2zvEYi-G0WNP9/_ssgManifest.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4d-1927740f3fb"
age: 1697910
cf-ray: 8db171e0490f9747-FRA
expires: Fri, 31 Oct 2025 06:03:56 GMT
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Oct 2024 16:26:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
116 KB 59ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

574e22e06d0568871bdd7804ab64e4ed81869245890b41ff08fd2036c821f63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 31 Oct 2024 06:03:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 118522
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 featured-resources-background.jpg
www.secureworks.com/-/media/branches/pages/search/ 106 KB
106 KB 41ms
39ms Image
image/jpeg 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/-/media/branches/pages/search/featured-resources-background.jpg?h=1024&iar=0&w=1601&hash=88B005632B056318381411EE56D8162F
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62ea573ec3a428d0daf6e03433837dd3959368c9551211ce901717166b7c268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

cf-cache-status: HIT
etag: 4184e7411f6446ed870b69dd8d3e9221
age: 575029
cf-bgj: imgq:100,h2pri
expires: Thu, 07 Nov 2024 06:03:56 GMT
cf-polished: origSize=151984
date: Thu, 31 Oct 2024 06:03:56 GMT
content-type: image/jpeg
content-disposition: inline; filename="Featured-Resources-Background.jpg"
vary: Accept-Encoding
last-modified: Mon, 26 Jun 2023 15:48:01 GMT
cache-control: public, max-age=604800
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray: 8db171e059109747-FRA
accept-ranges: bytes
content-length: 108405
server: cloudflare

GET
H2 200 webimage-Dark-Background-Horizontal-Lines.png
dam.secureworks.com/m/7d5abe6711561f48/ 125 KB
126 KB 85ms
10ms Image
image/png 2600:9000:2359:b400:4:9e56:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dam.secureworks.com/m/7d5abe6711561f48/webimage-Dark-Background-Horizontal-Lines.png

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:b400:4:9e56:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

36b196773d59e3c73e78480e1da66a91dd3bca3a0a191dd6bbee8ab4153828ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/

Response headers

content-encoding: gzip
age: 155478
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: NgGMFStPszG4hN_WjBoT_M7cDb1dVYoJyq_T2kUsLXfwgAcmsYGnqw==
date: Tue, 29 Oct 2024 10:52:38 GMT
content-type: image/png
content-disposition: inline;filename="webimage-ED2BEDA5-FC25-4F3E-AEAD7F1DA5089F20.png"
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: 1d8c46ef-4544-d0cc-f4ed-4222da4014c4
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: nginx

GET
H3 200 _Xms-HUzqDCFdgfMm4S9DaRvzig.woff2
fonts.gstatic.com/s/figtree/v6/ 20 KB
20 KB 34ms
11ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v6/_Xms-HUzqDCFdgfMm4S9DaRvzig.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

362f5e67a740e0439660eafc4e0ed3bf8ebbbe4b1b6fe5c7c02b24ac53f8f369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.secureworks.com
Referer: https://www.secureworks.com/

Response headers

age: 51792
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:40:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:40:44 GMT
last-modified: Fri, 27 Sep 2024 00:37:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20040
x-xss-protection: 0
server: sffe

GET
H3 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 11 KB
11 KB 34ms
12ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.secureworks.com
Referer: https://www.secureworks.com/

Response headers

age: 165110
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 08:12:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 08:12:06 GMT
last-modified: Wed, 27 Apr 2022 15:12:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11212
x-xss-protection: 0
server: sffe

GET
H2 200 arrow-right.svg
www.secureworks.com/assets/background-image/ 243 B
392 B 1095ms
1093ms Image
image/svg+xml 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/assets/background-image/arrow-right.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

x-mss-script-nonce: ZmMzYjkzYzMtMDc4Ni00Y2I5LTljZmQtYzQyN2I0YmU1ZjQy
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f3-19276b42738"
x-forwarded-for: 80.255.10.198, 172.70.251.12:48590,::ffff:10.241.0.5
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 10:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 13:52:51 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: same-origin
cf-ray: 8db171e089319747-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Secureworks-Logo
dam.secureworks.com/transform/2959ec59-0660-4764-ae8b-36104fe208bd/ 2 KB
2 KB 52ms
21ms Image
image/webp 2600:9000:2359:b400:4:9e56:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dam.secureworks.com/transform/2959ec59-0660-4764-ae8b-36104fe208bd/Secureworks-Logo?io=transform%3Afit%2Cheight%3A25%2Cwidth%3A195&format=webp&mw=256

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:b400:4:9e56:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5f491d5ac71ba621bc1373a9345f7815236cc035bc619d3ee102cf2f8e8ac3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

age: 11251875
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: fZPdjc9MrKHG15E3jbHDKe0tFoeessvLNbmcDb-K9E4deRCgx2zKxg==
date: Sun, 23 Jun 2024 00:32:41 GMT
content-type: image/webp
content-disposition: inline; filename="Secureworks-Logo.webp"; filename*=UTF-8''Secureworks-Logo.webp
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: 2cb8d984-d10c-a272-0cf4-ee62cde1f11d
cache-control: public, max-age=900, s-maxage=15552000
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
content-length: 1936
x-amz-cf-pop: FRA60-P10
server: nginx

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 39ms
19ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCF89704FFFE10
x-ms-lease-status: unlocked
age: 30536
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 21:35:01 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 03:57:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ff8af469-201e-00dc-19e7-2ac1d9000000
cf-ray: 8db171e1ad07a058-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 45ms
26ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a196e4de097dd36b17b733e79870c4f0ff76470dc3768c4b60b18470a43993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: fr+wwVqEdT/wGrK0bceNeA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE948E7AD0BB5
age: 33742
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 01 Nov 2024 06:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/json
last-modified: Thu, 10 Oct 2024 16:30:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: bc811259-201e-00d7-4f4c-26d9ad000000
cf-ray: 8db171e1ff6e9214-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 58ms
11ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 57d030752d740552eb7759a0dd8e487e96ca86b03c0aa53a7e2b1c213ae74f5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: gzip
ETag: "49bb20382072bfb6b798a6f4c6ab8354:1730261707.305765"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 746
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date: Thu, 31 Oct 2024 06:03:57 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 30 Oct 2024 04:15:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
5 KB 1044ms
1043ms Script
application/x-javascript 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

server: cloudflare
cache-control: public, max-age=603602
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: 61ebd904f1a645838256dff9b09d4ffa
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray: 8db171e1ea239747-FRA
accept-ranges: bytes
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: application/x-javascript
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
vary: Accept-Encoding
last-modified: Wed, 16 Aug 2023 18:07:27 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 51ms
31ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8db171e25ff49290-FRA
access-control-allow-origin: *
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 9ms
9ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: max-age=8640000
Content-Encoding: gzip
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Connection: keep-alive
Expires: Sat, 08 Feb 2025 06:03:57 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 4741
Date: Thu, 31 Oct 2024 06:03:57 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 559ms
103ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1730354637170&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1730354637169-39518&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fresearch%2Fthreat-profiles%2Fgold-rebellion&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
X-Request-Id: 404ff632-afbd-4396-a2f5-c455d31204eb
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Thu, 31 Oct 2024 06:03:57 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.20.1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 457 KB
111 KB 23ms
22ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Mq8sWt7aN99kE/VZ97+T8Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C88D357E6
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 10193
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 06:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 22d7a51e-001e-000c-58ed-247d7b000000
cf-ray: 8db171e28da4a058-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113760
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/656394c5-5fdf-4c85-81a1-9e463e3707ea/ 101 KB
20 KB 27ms
26ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/656394c5-5fdf-4c85-81a1-9e463e3707ea/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08df0f4460d759c9e2963e2ba6cecae34d1bba79d1c1081adad35f6495bceb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: BMq93mo/aUGJggRjfi3lPA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE948E97D04B0
age: 31350
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 01 Nov 2024 06:03:57 GMT
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/json
last-modified: Thu, 10 Oct 2024 16:30:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 65f44f38-c01e-00ff-784d-26ae12000000
cf-ray: 8db171e4983f9214-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20083
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 404 emergency-response.json Show response
www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/contact/ 59 KB
15 KB 468ms
467ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/contact/emergency-response.json?path=contact&path=emergency-response
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b60737396ed0b17f2ab6083bf6191abd20a383e387d4eae89e57cd0615d325

Request headers

x-nextjs-data: 1
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8db171e4fc539747-FRA
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 404 blog.json Show response
www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/ 59 KB
15 KB 468ms
468ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/blog.json?path=blog
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9eabd449e55d6a2a4eb03f20fe65808561c333cb77549aabc359d4694e30a07

Request headers

x-nextjs-data: 1
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8db171e4fc569747-FRA
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 404 threat-profiles.json Show response
www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/research/ 59 KB
15 KB 474ms
474ms Fetch
text/html 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/research/threat-profiles.json?path=research&path=threat-profiles
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b1ec7daec503e4c62f962c15a90b617a273b2d0bcf2c83d3aec34c740e7bb3

Request headers

x-nextjs-data: 1
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion
purpose: prefetch
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8db171e4fc589747-FRA
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 10 KB
3 KB 19ms
18ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Kv0CD1LDdaN4tdf60mtXgA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C85824169
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 36628
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 453b55d9-e01e-002f-0fe9-1f12b0000000
cf-ray: 8db171e5185d9214-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2675
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/ 62 KB
13 KB 17ms
16ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: vNMewq08o3u2s0ZPUoZf8g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C86774DF1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 36628
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: abbd1657-601e-0053-10e9-1f8f85000000
cf-ray: 8db171e5185e9214-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 24 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 36628
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 02:45:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 05168491-601e-0058-37e9-1f97f1000000
cf-ray: 8db171e5185f9214-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
612 B 19ms
18ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/

Response headers

content-md5: pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 81414
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 16:01:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: d40a76fa-b01e-0015-3032-2a5113000000
cf-ray: 8db171e54f6ca058-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 20ms
19ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 59853
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Oct 2024 03:57:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b0eda198-801e-0016-25aa-2a5214000000
cf-ray: 8db171e5587b9214-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/ 22 KB
22 KB 19ms
19ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/SW_logo_black_print.png

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DBE459EC4B10B3
age: 46048
cf-cache-status: HIT
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: image/png
last-modified: Mon, 13 Nov 2023 15:05:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: eac810b7-b01e-0093-3b72-79e289000000
cf-ray: 8db171e55f7ea058-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22030
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 46963
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 06:03:57 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 16:01:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 0e0da7bd-401e-006d-7727-2a39a4000000
cf-ray: 8db171e55f80a058-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 368 KB
115 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bd8ea5bfb788013c614210a8175cae79fe526b0e7a1a10a3dcc05d91edea10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 31 Oct 2024 06:03:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117441
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 favicon.ico
www.secureworks.com/assets/favicons/ 15 KB
9 KB 1057ms
1057ms Other
image/x-icon 162.159.140.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/assets/favicons/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fa30ae2f97f34bf61f99eebd2d2e033857d17204ffe231c2711c8b7458bf525

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.secureworks.com/research/threat-profiles/gold-rebellion

Response headers

x-mss-script-nonce: NTU1MmQyOWYtOTljNC00MTFlLWFkZjktM2M5Y2ZjMjlhNTFh
content-encoding: gzip
cf-cache-status: MISS
etag: W/"3aee-19276b42738"
x-forwarded-for: 80.255.10.198, 162.158.94.50:47016,::ffff:10.241.0.4
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 10:03:59 GMT
date: Thu, 31 Oct 2024 06:03:59 GMT
content-type: image/x-icon
last-modified: Thu, 10 Oct 2024 13:52:51 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: same-origin
cf-ray: 8db171e88eba9747-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 63ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je4as0v879063519z871332070za200zb71332070&_p=1730354636833&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1210580286.1730354638&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730354638&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fresearch%2Fthreat-profiles%2Fgold-rebellion&dt=GOLD%20REBELLION%20%7C%20Threat%20Profile%20Detail%20%7C%20Secureworks&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=10&tfd=5100
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secureworks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 65ms
19ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-15MK64YNN6&cid=1210580286.1730354638&gtm=45je4as0v879063519z871332070za200zb71332070&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secureworks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:03:58 GMT
content-type: text/plain
server: Golfe2

GET ga-audiences
www.google.de/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1210580286.1730354638&gtm=45je4as0v879063519z871332070za200zb71332070&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1575098324

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: sxa_site Value: swxp-rendering
.secureworks.com/	1970-01-21 00:39:16	Name: __cf_bm Value: T_24QfA_x_g712nfWuFjJLzu.V9P3ZSXXMpSr4HIbW8-1730354636-1.0.1.1-wxjpBWjxHukKHK9bFMuqLaKVt4t3bH0AOY2aVBIIHhFD6P6e0J84LUVuFqfzLBAe0Wl6LcbyZ.SaZAP3TkgFZQ
.pages.secureworks.com/	1970-01-21 00:39:16	Name: __cf_bm Value: TbO7VfP0pSyJY_P.2TayCkdN_73qslRmQmNAF24Wy08-1730354636-1.0.1.1-eYmNnQnH9VwAvMOFWAkqDWtqmSbOkRvcEaOlooM915kKqZpzgaxfZwtx.99BZHeuj2E4bKFsMbJ01yKC42WRZQ
.secureworks.com/	1970-01-21 10:15:14	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1730354637169-39518
.secureworks.com/	1970-01-21 09:24:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+31+2024+07%3A03%3A57+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202409.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=000b9d18-af9e-4c69-b341-a1d0572a8f11&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fresearch%2Fthreat-profiles%2Fgold-rebellion&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 8e6b59599cc829ba9612e33577bb08b3
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 8e6b59599cc829ba9612e33577bb08b3
.secureworks.com/	1970-01-21 10:15:14	Name: _ga Value: GA1.1.1210580286.1730354638
.secureworks.com/	1970-01-21 10:15:14	Name: _ga_15MK64YNN6 Value: GS1.1.1730354638.1.0.1730354638.60.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/contact/emergency-response.json?path=contact&path=emergency-response Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/blog.json?path=blog Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.secureworks.com/_next/data/S8AWnDyj2zvEYi-G0WNP9/en/research/threat-profiles.json?path=research&path=threat-profiles Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.secureworks.com/research/threat-profiles/gold-rebellion Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15MK64YNN6&cid=1210580286.1730354638&gtm=45je4as0v879063519z871332070za200zb71332070&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1575098324' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vidyard.com https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com web.secureworks.com id.rlcdn.com www.google.com .googletagmanager.com .google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' .secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-MWJmYTMwNjEtN2E5Ny00NWRjLWIyOWYtYWY1ZjEyMjYxYzc2' 'sha256-PDj+y4dsjx//y3j3XeqRQfENwQq6pGv979Bj2gNKC2U=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' 'sha256-TZtgnurDy2HoHCI+ehO8j6c5zhggFWTaD7sk189UzKM=' 'sha256-gsbdg33D5bd9G0LZ0fXRG2gtuTHtE5/f0vcHrZgakbQ=' 'sha256-BXlqoZ7hukD5ysO0e9EKhq69GLrh8k9fWsZ10PXXdOc=' .secureworks.com https://play.vidyard.com https://code.jquery.com https://js-agent.newrelic.com https://bam.nr-data.net .gartner.com .gtnr.io .marketo.com https://play.vidyard.com .youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com .vidyard.com cdn.jsdelivr.net cm.teads.tv https://.teads.tv https://.jsdelivr.net https://.vidyard.com https://.vimeo.com https://.vimeocdn.com .vumbnail.com vumbnail.com content.secureworks.com .secureworks.com web.secureworks.com id.rlcdn.com www.google.com .googletagmanager.com .google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com https://calculator.value-cloud.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
cdn.cookielaw.org
dam.secureworks.com
fonts.gstatic.com
geolocation.onetrust.com
munchkin.marketo.net
pages.secureworks.com
region1.analytics.google.com
stats.g.doubleclick.net
useast-www.secureworks.com
www.google.de
www.googletagmanager.com
www.secureworks.com
www.google.de
104.17.72.206
142.250.185.195
162.159.140.25
184.31.85.59
192.28.144.124
2001:4860:4802:34::36
2600:9000:2359:b400:4:9e56:3e80:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2a00:1450:4001:80f::2008
2a00:1450:400c:c09::9b
01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29
08df0f4460d759c9e2963e2ba6cecae34d1bba79d1c1081adad35f6495bceb76
0b60f32a2fc7e2c35211345c0f3c562820a00b0924736e119ec2a36aaa62714c
0bd8ea5bfb788013c614210a8175cae79fe526b0e7a1a10a3dcc05d91edea10c
10f658f4b539d5f56b5ffddf6bff1cc1b478912c7bff8fa22c5d6ff567cf2dfd
171b486b0e17043cbf72caf7aa1465d069193077b2480536d495a8bff7d70ca6
1d231365becf634c389842e08b617b4a4ea19b28c36ad5031a8d3987614b276b
311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa
32476ea37a9747af2d15a70fee64c14fda042700925f4029804f7d836bd2bb23
362f5e67a740e0439660eafc4e0ed3bf8ebbbe4b1b6fe5c7c02b24ac53f8f369
36b196773d59e3c73e78480e1da66a91dd3bca3a0a191dd6bbee8ab4153828ab
38d5cdfb62d16d78f43c3f6ce350d231c8f4d735cce8eea805c7d2109c04c90f
3fa30ae2f97f34bf61f99eebd2d2e033857d17204ffe231c2711c8b7458bf525
535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632
54a196e4de097dd36b17b733e79870c4f0ff76470dc3768c4b60b18470a43993
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574e22e06d0568871bdd7804ab64e4ed81869245890b41ff08fd2036c821f63e
57d030752d740552eb7759a0dd8e487e96ca86b03c0aa53a7e2b1c213ae74f5f
5b14348040f17891d6abf5eb3059d81a336cbf5567ee27e1de0a1dc30d4feac3
5dfe85823a24225f1340db1f3f0960bad7cf37707b7ac5ef3d8b310b636041c4
5f491d5ac71ba621bc1373a9345f7815236cc035bc619d3ee102cf2f8e8ac3c8
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62b1ec7daec503e4c62f962c15a90b617a273b2d0bcf2c83d3aec34c740e7bb3
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69a2d6e6dafca1b7a34998ec81ce8a8c1b0369a85c91e552c1b65f4cdb3cf2b4
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286
87b60737396ed0b17f2ab6083bf6191abd20a383e387d4eae89e57cd0615d325
8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0
b62ea573ec3a428d0daf6e03433837dd3959368c9551211ce901717166b7c268
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
d9eabd449e55d6a2a4eb03f20fe65808561c333cb77549aabc359d4694e30a07
e1c7e5a7ef0884b81be7638042f150b8093dca463210e86b4611cbb993a44ef3
e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
f144e3bc13095ce7d1b638b1b2cc50b52cd12312cba1323706f6e71e8ded1e2c

www.secureworks.com Open in urlscan Pro 162.159.140.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

55 %IPv6

10 Domains

13 Subdomains

12 IPs

4 Countries

1607 kBTransfer

5024 kBSize

9 Cookies

9 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secureworks.com Open in urlscan Pro
162.159.140.25 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

55 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1607 kB
Transfer

5024 kB
Size

9
Cookies

48 HTTP transactions
0 data transactions