URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Submission: On October 07 via api from IN — Scanned from US

Summary

This website contacted 54 IPs in 2 countries across 36 domains to perform 152 HTTP transactions. The main IP is 162.159.140.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.secureworks.com.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.
This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 162.159.140.25 13335 (CLOUDFLAR...)
2 104.17.70.206 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
2 173.194.68.94 15169 (GOOGLE)
3 23.13.172.203 16625 (AKAMAI-AS)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.28.144.124 15224 (OMNITURE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
14 23.205.106.71 20940 (AKAMAI-ASN1)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
6 104.19.148.8 13335 (CLOUDFLAR...)
2 2a04:4e42::396 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.160.18.68 16509 (AMAZON-02)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 146.75.28.157 54113 (FASTLY)
4 23.50.125.47 16625 (AKAMAI-AS)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 3 68.67.160.75 29990 (ASN-APPNEX)
1 2600:9000:27c... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 34.111.208.231 396982 (GOOGLE-CL...)
1 151.101.65.140 54113 (FASTLY)
1 151.101.193.140 54113 (FASTLY)
2 142.251.174.157 15169 (GOOGLE)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
5 152.199.2.76 15133 (EDGECAST)
2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 18.160.18.33 16509 (AMAZON-02)
2 172.217.197.105 15169 (GOOGLE)
1 3.167.72.96 16509 (AMAZON-02)
1 3.139.205.23 16509 (AMAZON-02)
1 18.165.98.98 16509 (AMAZON-02)
1 18.67.65.33 16509 (AMAZON-02)
2 75.2.108.141 16509 (AMAZON-02)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 23.62.161.51 16625 (AKAMAI-AS)
1 35.244.142.80 396982 (GOOGLE-CL...)
1 18.160.10.89 16509 (AMAZON-02)
6 192.28.155.3 15224 (OMNITURE)
1 2 3.33.220.150 16509 (AMAZON-02)
2 18.67.76.97 16509 (AMAZON-02)
4 20.122.63.128 8075 (MICROSOFT...)
2 2600:1901:1:7... 396982 (GOOGLE-CL...)
1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 99.84.191.94 16509 (AMAZON-02)
1 13.249.39.46 16509 (AMAZON-02)
4 23.13.165.166 16625 (AKAMAI-AS)
152 54
Apex Domain
Subdomains
Transfer
26 secureworks.com
www.secureworks.com
pages.secureworks.com — Cisco Umbrella Rank: 712162
dam.secureworks.com
875 KB
19 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5626
c.6sc.co — Cisco Umbrella Rank: 6951
ipv6.6sc.co — Cisco Umbrella Rank: 5794
eps.6sc.co — Cisco Umbrella Rank: 11869
b.6sc.co — Cisco Umbrella Rank: 3611
v.eps.6sc.co — Cisco Umbrella Rank: 16729
25 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
185 KB
10 marketo.com
abrtp2-cdn.marketo.com — Cisco Umbrella Rank: 62817
rtp-static.marketo.com — Cisco Umbrella Rank: 20384
abrtp2.marketo.com — Cisco Umbrella Rank: 61528
322 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2568
tracking.crazyegg.com — Cisco Umbrella Rank: 4786
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7957
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7992
98 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
c.clarity.ms — Cisco Umbrella Rank: 1236
p.clarity.ms — Cisco Umbrella Rank: 6522
30 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
5 KB
6 teads.tv
p.teads.tv — Cisco Umbrella Rank: 5978
cm.teads.tv — Cisco Umbrella Rank: 4762
fledge.teads.tv — Cisco Umbrella Rank: 7771
t.teads.tv — Cisco Umbrella Rank: 3297
7 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
509 KB
4 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 9266
26 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
128 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
c.bing.com — Cisco Umbrella Rank: 190
17 KB
3 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1520
segments.company-target.com — Cisco Umbrella Rank: 1534
api.company-target.com — Cisco Umbrella Rank: 4087
860 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 945
match.adsrvr.org — Cisco Umbrella Rank: 373
13 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 479
3 KB
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 6590
62 KB
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 25487
ibc-flow.techtarget.com — Cisco Umbrella Rank: 23670
2 KB
3 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3657
6 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 812
773 B
2 spotify.com
pixels.spotify.com — Cisco Umbrella Rank: 3275
271 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com Failed
967 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 demandbase.com
tag.demandbase.com — Cisco Umbrella Rank: 5931
23 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 3973
22 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 13274
204 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
394 B
1 t.co
t.co — Cisco Umbrella Rank: 859
629 B
1 ml-api.io
attr.ml-api.io — Cisco Umbrella Rank: 18180
281 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 16506
284 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
318 B
1 mktoresp.com
725-smc-563.mktoresp.com
318 B
0 adoberesources.net Failed
assets.adoberesources.net Failed
152 36
Domain Requested by
23 www.secureworks.com www.secureworks.com
www.googletagmanager.com
pages.secureworks.com
11 b.6sc.co
11 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 abrtp2.marketo.com abrtp2-cdn.marketo.com
cdn.bizible.com
5 www.googletagmanager.com www.secureworks.com
www.googletagmanager.com
4 rtp-static.marketo.com abrtp2-cdn.marketo.com
4 p.clarity.ms cdn.bizible.com
4 cdn.bizible.com www.googletagmanager.com
cdn.bizible.com
3 td.doubleclick.net www.googletagmanager.com
3 secure.adnxs.com 2 redirects j.6sc.co
3 js.driftt.com www.secureworks.com
js.driftt.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 munchkin.marketo.net www.secureworks.com
munchkin.marketo.net
2 id.rlcdn.com 2 redirects
2 pixels.spotify.com cdn.pdst.fm
2 v.eps.6sc.co cdn.bizible.com
2 t.teads.tv p.teads.tv
2 c.clarity.ms 1 redirects
2 eps.6sc.co cdn.bizible.com
2 www.google.com
2 cm.teads.tv p.teads.tv
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 px.ads.linkedin.com snap.licdn.com
cdn.bizible.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 ibc-flow.techtarget.com trk.techtarget.com
2 analytics.google.com www.googletagmanager.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 j.6sc.co www.googletagmanager.com
j.6sc.co
2 fonts.gstatic.com www.secureworks.com
2 pages.secureworks.com www.secureworks.com
pages.secureworks.com
1 api.company-target.com cdn.bizible.com
1 segments.company-target.com
1 s.company-target.com tag.demandbase.com
1 match.adsrvr.org js.adsrvr.org
1 insight.adsrvr.org 1 redirects
1 abrtp2-cdn.marketo.com www.secureworks.com
1 tag.demandbase.com www.secureworks.com
1 cdn.pdst.fm www.secureworks.com
1 fledge.teads.tv p.teads.tv
1 c.bing.com 1 redirects
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tracking.crazyegg.com script.crazyegg.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.bizibly.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 analytics.twitter.com
1 t.co
1 alb.reddit.com
1 pixel-config.reddit.com www.redditstatic.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 attr.ml-api.io
1 s.ml-attr.com 1 redirects
1 p.teads.tv www.googletagmanager.com
1 static.ads-twitter.com www.secureworks.com
1 snap.licdn.com www.secureworks.com
1 trk.techtarget.com www.secureworks.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 725-smc-563.mktoresp.com munchkin.marketo.net
1 dam.secureworks.com www.secureworks.com
0 assets.adoberesources.net Failed pages.secureworks.com
0 px4.ads.linkedin.com Failed
152 64

This site contains links to these domains.

Domain
www.onetrust.com
Subject | Issuer | Validity | Valid
www.secureworks.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
pages.secureworks.com | WE1 | 2024-10-07 - 2025-01-05 | 3 months
*.google-analytics.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
secureworks.bynder.com | Amazon RSA 2048 M02 | 2024-01-23 - 2025-02-20 | a year
*.gstatic.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.marketo.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-08 - 2024-12-11 | a year
cookielaw.org | WE1 | 2024-08-13 - 2024-11-11 | 3 months
*.mktoresp.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-15 - 2025-09-15 | a year
geolocation.onetrust.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
6sc.co | R10 | 2024-09-23 - 2024-12-22 | 3 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 03 | 2024-09-16 - 2025-03-15 | 6 months
script.crazyegg.com | Cloudflare Inc ECC CA-3 | 2024-08-02 - 2024-12-31 | 5 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
trk.techtarget.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months
drift.com | Amazon RSA 2048 M03 | 2024-07-30 - 2025-08-27 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-25 - 2025-06-24 | a year
teads.tv | R10 | 2024-09-02 - 2024-12-01 | 3 months
*.google.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.g.doubleclick.net | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.doubleclick.net | WR2 | 2024-09-16 - 2024-12-09 | 3 months
ibc-flow.techtarget.com | WR3 | 2024-08-28 - 2024-11-26 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
t.co | E5 | 2024-09-28 - 2024-12-27 | 3 months
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-09 - 2024-11-07 | a year
io.bizible.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-07 - 2025-07-08 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-09-11 - 2025-03-11 | 6 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
crazyegg.com | Amazon RSA 2048 M02 | 2024-06-30 - 2025-07-30 | a year
eps.6sc.co | Amazon RSA 2048 M03 | 2024-08-27 - 2025-09-25 | a year
cdn.pdst.fm | WR3 | 2024-09-13 - 2024-12-12 | 3 months
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-27 - 2025-09-28 | a year
*.marketo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-10 - 2025-08-10 | a year
v.eps.6sc.co | Amazon RSA 2048 M03 | 2024-09-06 - 2025-10-05 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
*.spotify.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-05 - 2025-02-04 | a year
*.company-target.com | R11 | 2024-08-15 - 2024-11-13 | 3 months
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-13 - 2025-09-14 | a year

This page contains 11 frames:

Primary Page: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Frame ID: D9F32FE6D7A51830357D85DAE502FF3F
Requests: 131 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-15MK64YNN6&gacid=1209576449.1728283603&gtm=45je4a20v879063519z871332070za200zb71332070&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=726785017
Frame ID: A3764E32AAF3B2393016DAF74FE9CC1B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10934024932?random=1728283603025&cv=11&fst=1728283603025&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a20v870813510z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 5E8928A06407FB681348D3FBBCA4F28E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/648366107?random=1728283603089&cv=11&fst=1728283603089&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a20v889968102z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 1A6AFC48EBFEE30B31D71D668B4F888A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=bc3a8657-e851-4920-af47-ddfa992c8506&sessionStarted=1728283603.425&campaignRefreshToken=08c5eaf3-44ec-465b-aca3-a0573377a308&hideController=false&pageLoadStartTime=1728283601076&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
Frame ID: 7F79BB9636FD1B27357096320CFA9871
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1728283601076
Frame ID: 66FFC4B14E98F2792CCF4F76C13C7FF2
Requests: 1 HTTP requests in this frame

Frame: https://tracking.crazyegg.com/clock?t=1&tk=30a8be1af0ff6647f2a6a004fc2fb241&u=976279&s=361865&p=%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&v=cc93264fe5f3a79fb7d0e69efcdb2faa8431e5c3&f=secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&ul=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
Frame ID: 54FB681E886ADA665C560D8DE7F2724D
Requests: 3 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: A33AD4E032A76030E111056BB5C0BE8C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
Frame ID: 44BD4968FB5B44DDFC04152AEB2B71B2
Requests: 1 HTTP requests in this frame

Frame: https://pages.secureworks.com/dtp-200.html?&_mkt_trk=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220
Frame ID: 85B7E7AD7226AE7C3A1DD0E0F3DB28CE
Requests: 5 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: A3EF31CC33110E70A1E7B0F1B207C2FB
Requests: 1 HTTP requests in this frame

Page Title

404 | Secureworks

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

152 Requests
93 % HTTPS
30 % IPv6
36 Domains
64 Subdomains
54 IPs
2 Countries
2305 kB Transfer
7217 kB Size
75 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=www.secureworks.com&pId=6460002570760170798
Request Chain 72
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers. HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1728283603161%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%252Fblog%252Ffake-human-verification-prompt-delivers-infostealers.%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&liSync=true HTTP 0
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&liSync=true&e_ipv6=AQK9jbgfv1xZnQAAAZJluvOrfBP9jRQgOKCzh14Fnemf6JOQMXIc8zWH1P6P0wigBOcJXw
Request Chain 100
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&RedC=c.clarity.ms&MXFR=1DAE4A6F29D462782DB45F7E2DD46CA5 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&MUID=0D059407DB356FC33EA48116DAB16EAC
Request Chain 110
  • https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
Request Chain 125
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNSHjrgGEgUI6AcQAEIASgA HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297yWx2Hp_XUbmw4HtXdP8pw0nU7f2aILi6jgum0RUjCOI

152 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fake-human-verification-prompt-delivers-infostealers.
www.secureworks.com/blog/
70 KB
26 KB
Document
General
Full URL
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31682995ec8676c8e675c9786ab0cb64db8afeda42bd162c610ecd6a6978c86f
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-OTA2MzE5NjAtNWMzMi00NTIwLTgyNjMtNTQ5OTE0ZDc3Mjhj' 'sha256-PDj+y4dsjx//y3j3XeqRQfENwQq6pGv979Bj2gNKC2U=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 
'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 
'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' 'sha256-TZtgnurDy2HoHCI+ehO8j6c5zhggFWTaD7sk189UzKM=' 'sha256-gsbdg33D5bd9G0LZ0fXRG2gtuTHtE5/f0vcHrZgakbQ=' 'sha256-BXlqoZ7hukD5ysO0e9EKhq69GLrh8k9fWsZ10PXXdOc=' *.secureworks.com https://play.vidyard.com https://code.jquery.com https://js-agent.newrelic.com https://bam.nr-data.net *.gartner.com *.gtnr.io *.marketo.com https://play.vidyard.com *.youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com 
https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vidyard.com https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com web.secureworks.com id.rlcdn.com www.google.com *.googletagmanager.com *.google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com https://calculator.value-cloud.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests 1
User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status DYNAMIC
cf-ray 8cebef6bb9f928fa-LAX
content-encoding gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 06:46:41 GMT
permissions-policy
camera=(), geolocation=(), microphone=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-forwarded-for
162.245.206.245, 172.69.33.18:28186,::ffff:10.241.0.4
x-frame-options
DENY
x-mss-script-nonce
OTA2MzE5NjAtNWMzMi00NTIwLTgyNjMtNTQ5OTE0ZDc3Mjhj
x-xss-protection
1; mode=block
initMunchkin.js
www.secureworks.com/assets/js/
565 B
510 B
Script
General
Full URL
https://www.secureworks.com/assets/js/initMunchkin.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fdbf3b40d63955fb21e9c9f782d2af824f6375b0cbd81cc44c09f5400d0d29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

x-mss-script-nonce
M2Y5NjUzNWEtZjdjZS00YTllLWE1ZGYtZTZlNWMzODVjOThh
content-encoding
gzip
cf-cache-status
MISS
etag
W/"235-1917b34f590"
x-forwarded-for
162.245.206.245, 172.70.214.195:21052,::ffff:10.241.0.4
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 10:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 17:49:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=14400
referrer-policy
same-origin
cf-ray
8cebef7afbb528fa-LAX
permissions-policy
camera=(), geolocation=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
forms2.min.js
pages.secureworks.com/js/forms2/js/
199 KB
67 KB
Script
General
Full URL
https://pages.secureworks.com/js/forms2/js/forms2.min.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0602c4fb1597b7e6e111fe79777e195cacbc73774fcaf233a7835b33372dceae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"1aa0495-31b91-62370c030d900"
age
5996
x-content-type-options
nosniff
cf-ray
8cebef7d2e7067e3-SJC
expires
Mon, 07 Oct 2024 10:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/x-javascript
last-modified
Tue, 01 Oct 2024 21:10:28 GMT
vary
Accept-Encoding
server
cloudflare
reCaptchaClientSidev1-1-3.js
www.secureworks.com/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.secureworks.com/assets/js/reCaptchaClientSidev1-1-3.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e293855d56fa422cf29b0dba1c14b5c9bab21b455f8b5d7ca3c5e475b88f640d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

x-mss-script-nonce
NDlhN2EwZjQtNWU2Ny00MDA1LWIxMWItODA3MDUyZGI4Njcw
content-encoding
gzip
cf-cache-status
MISS
etag
W/"b7d-1917b34f590"
x-forwarded-for
162.245.206.245, 162.158.90.45:48760,::ffff:10.241.0.6
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 10:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 17:49:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=14400
referrer-policy
same-origin
cf-ray
8cebef7b2be528fa-LAX
permissions-policy
camera=(), geolocation=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
marketo-form-custom.js
www.secureworks.com/assets/js/
23 KB
5 KB
Script
General
Full URL
https://www.secureworks.com/assets/js/marketo-form-custom.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c7e5a7ef0884b81be7638042f150b8093dca463210e86b4611cbb993a44ef3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

x-mss-script-nonce
ZmZlZjlmMWYtNDZkNS00NzY0LWE5N2YtYmZjMTkyMjk0YTQ0
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5a65-1917b34f590"
x-forwarded-for
162.245.206.245, 172.71.155.63:63520,::ffff:10.241.0.4
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 10:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 17:49:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=14400
referrer-policy
same-origin
cf-ray
8cebef7b2be728fa-LAX
permissions-policy
camera=(), geolocation=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
webpack-9395620247e36af4.js
www.secureworks.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/webpack-9395620247e36af4.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ccc8c65bb1c1e5b3e9d3136cb13658cbacdcda6b838943f5adad808956a7513

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"fd1-190c7e10106"
age
6878495
cf-ray
8cebef7b2be828fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 22:05:30 GMT
vary
Accept-Encoding
server
cloudflare
framework-0365125e11538b64.js
www.secureworks.com/_next/static/chunks/
206 KB
65 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/framework-0365125e11538b64.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bafcb7a3246bb72324a72cdd46034d00c58273538ae41219109e76d47451730

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"3373d-190c7e10106"
age
6878495
cf-ray
8cebef7b2be928fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 22:05:30 GMT
vary
Accept-Encoding
server
cloudflare
main-2679873e9bfb727f.js
www.secureworks.com/_next/static/chunks/
146 KB
40 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/main-2679873e9bfb727f.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535c486f23805bc0e16c75cbfb92f15c0be34410756e71c91069e02d19e2e632

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"246b8-190c7cc8b1d"
age
5811158
cf-ray
8cebef7b2bec28fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 21:43:09 GMT
vary
Accept-Encoding
server
cloudflare
_app-64e49294a235dde8.js
www.secureworks.com/_next/static/chunks/pages/
94 KB
28 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/pages/_app-64e49294a235dde8.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96e7a1f4b27a31840d3c6f72b2a5c44a9cbd0601682852f797c008e51ac2723

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"178f1-1917c08cfc4"
age
3919531
cf-ray
8cebef7b2bed28fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 21:40:37 GMT
vary
Accept-Encoding
server
cloudflare
25c596ac-7a3f6f09e75c202c.js
www.secureworks.com/_next/static/chunks/
71 KB
15 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/25c596ac-7a3f6f09e75c202c.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a2d6e6dafca1b7a34998ec81ce8a8c1b0369a85c91e552c1b65f4cdb3cf2b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"11af0-190c7e10106"
age
6878495
cf-ray
8cebef7b2bee28fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 22:05:30 GMT
vary
Accept-Encoding
server
cloudflare
79320533-64dacc0a4e666d63.js
www.secureworks.com/_next/static/chunks/
240 KB
91 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/79320533-64dacc0a4e666d63.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f658f4b539d5f56b5ffddf6bff1cc1b478912c7bff8fa22c5d6ff567cf2dfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"3bf59-190c7cc8b1d"
age
1465007
cf-ray
8cebef7b2bf028fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 21:43:09 GMT
vary
Accept-Encoding
server
cloudflare
358-2b80955b03b485cb.js
www.secureworks.com/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/358-2b80955b03b485cb.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b76291b70139d9c203708f0afdbab2d98c39a24e6152e9cb99837e714df8845

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"35e6-190c7d078ac"
age
1465007
cf-ray
8cebef7b2bf128fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 21:47:26 GMT
vary
Accept-Encoding
server
cloudflare
277-154bbfa9128af3a8.js
www.secureworks.com/_next/static/chunks/
1 MB
321 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/277-154bbfa9128af3a8.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a3bb78b2706f561fb87578267c54940a263997b03ce1e779123536b3dbd80c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"12725f-1917c0fdb58"
age
3919531
cf-ray
8cebef7b5c1628fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 21:48:19 GMT
vary
Accept-Encoding
server
cloudflare
121-5c9b198d678a7a9d.js
www.secureworks.com/_next/static/chunks/
23 KB
8 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/121-5c9b198d678a7a9d.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311c88696319d6a1593e228051ea44b89c9d6a7c30bce23c3ebba10f5e6169fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5b1a-190c7cc8b1d"
age
2594003
cf-ray
8cebef7b5c1828fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 18 Jul 2024 21:43:09 GMT
vary
Accept-Encoding
server
cloudflare
%5B%5B...path%5D%5D-df0cd5ed32d8054c.js
www.secureworks.com/_next/static/chunks/pages/
583 KB
127 KB
Script
General
Full URL
https://www.secureworks.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-df0cd5ed32d8054c.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2566d4bbd8ec1aa8996f5cdff49759da23cdaf26b3f84bccb4566b91a6baec2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"91d05-1917c012c9a"
age
3919531
cf-ray
8cebef7b5c1928fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 22 Aug 2024 21:32:17 GMT
vary
Accept-Encoding
server
cloudflare
_buildManifest.js
www.secureworks.com/_next/static/fW3muQJ5DYOmuulDVxJ_m/
1 KB
613 B
Script
General
Full URL
https://www.secureworks.com/_next/static/fW3muQJ5DYOmuulDVxJ_m/_buildManifest.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338d52cf052e2dd7c434d3dbc2002413745df44f61cd345450db9758b9c3623e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"475-191d7f55d33"
age
113369
cf-ray
8cebef7b5c1a28fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 18:04:27 GMT
vary
Accept-Encoding
server
cloudflare
_ssgManifest.js
www.secureworks.com/_next/static/fW3muQJ5DYOmuulDVxJ_m/
77 B
134 B
Script
General
Full URL
https://www.secureworks.com/_next/static/fW3muQJ5DYOmuulDVxJ_m/_ssgManifest.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4d-191d7f55d33"
age
113369
cf-ray
8cebef7b5c1b28fa-LAX
expires
Tue, 07 Oct 2025 06:46:41 GMT
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 18:04:27 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
346 KB
113 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca1eba3ecbd19a1795666d95a88d6b3a97ada794936e8f2b01d652d27a0bc5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 07 Oct 2024 06:46:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
115088
x-xss-protection
0
server
Google Tag Manager
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d6ba64c8c705a0ff24ab7812805f1a6bdd9080f8df2696e435154cf6e79b73d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
/
dam.secureworks.com/transform/3b9a0617-bf4e-45d8-b83b-f6839913bc49/
44 KB
44 KB
Image
General
Full URL
https://dam.secureworks.com/transform/3b9a0617-bf4e-45d8-b83b-f6839913bc49/?io=transform:fill,width:1600,height:646
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f5:2200:4:9e56:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1780d389298775f1ad73d4a63250ab47c6da07fc59ee9c08305222459de554c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/

Response headers

age
12325457
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
tbDSc2sk_4VDT2TKB9mqHiirP7atXy0CIah0HA6sDFJoR9hTm9V-DA==
date
Fri, 17 May 2024 15:02:24 GMT
content-type
image/webp
content-disposition
inline; filename=".webp"; filename*=UTF-8''.webp
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
bd003504-5515-bbd5-8319-bdb5262bbe90
cache-control
public, max-age=900, s-maxage=15552000
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 10a35db7a5db275f537a340dc439408c.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
44660
x-amz-cf-pop
IAD55-P4
server
nginx
EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2
fonts.gstatic.com/s/sairacondensed/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962fhC61Hg.woff2
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
8f6e9da92038cc7400b27985b80faad366bc66962a0c72a5dc7509a41122cce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.secureworks.com
Referer
https://www.secureworks.com/

Response headers

age
188820
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 02:19:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 02:19:41 GMT
last-modified
Wed, 27 Apr 2022 15:12:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
11212
x-xss-protection
0
server
sffe
_Xms-HUzqDCFdgfMm4S9DaRvzig.woff2
fonts.gstatic.com/s/figtree/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/figtree/v5/_Xms-HUzqDCFdgfMm4S9DaRvzig.woff2
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
5392fcb13ceeae22545e0102586f503f8a5776bd631432814988c86bb64a3d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.secureworks.com
Referer
https://www.secureworks.com/

Response headers

age
326174
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 03 Oct 2025 12:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 12:10:27 GMT
last-modified
Thu, 20 Jul 2023 20:53:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20004
x-xss-protection
0
server
sffe
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/assets/js/initMunchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-172-203.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding
gzip
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date
Mon, 07 Oct 2024 06:46:41 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCE3E0C241C63A
x-ms-lease-status
unlocked
age
61860
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:35:42 GMT
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 19:22:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
61ecba25-801e-0016-2462-165214000000
cf-ray
8cebef80880008da-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7214
x-ms-blob-type
BlockBlob
server
cloudflare
munchkin.js
munchkin.marketo.net/163/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-172-203.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=8640000
Content-Encoding
gzip
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Connection
keep-alive
Expires
Wed, 15 Jan 2025 06:46:41 GMT
Accept-Ranges
bytes
Content-Length
4741
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date
Mon, 07 Oct 2024 06:46:41 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
visitWebPage
725-smc-563.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1728283602000&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1728283601999-20220&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
X-Request-Id
909e46b6-04ca-4049-b290-2ce4cb7cb679
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Mon, 07 Oct 2024 06:46:42 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.20.1
1bdee92e-dd5f-49d1-9ccb-9a788319e959.json
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12aaca5af6cc0e28061530fb01e48a3bcab05e9d5706ba62c0e590ae9c5ae4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
oNjGEWuYTtlhHc9wXklE/A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCCCEEE90CA2A1
age
15922
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 06:46:42 GMT
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/json
last-modified
Wed, 04 Sep 2024 14:36:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
e6746d4e-001e-0103-19d7-fed6d8000000
cf-ray
8cebef81cd920fbe-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1726
x-ms-blob-type
BlockBlob
server
cloudflare
nanoTrackerv3-0-2.ashx
www.secureworks.com/-/media/Assets/js/shared/
16 KB
5 KB
Script
General
Full URL
https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

server
cloudflare
cache-control
public, max-age=603348
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
61ebd904f1a645838256dff9b09d4ffa
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray
8cebef810ac228fa-LAX
accept-ranges
bytes
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/x-javascript
content-disposition
inline; filename="nanoTrackerv3-0-2.js"
vary
Accept-Encoding
last-modified
Wed, 16 Aug 2023 18:07:27 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
318 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8cebef831a142f67-LAX
access-control-allow-origin
*
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202408.1.0/
453 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b18751f3a50a2525e37e8caeda2e00f3c683f1689d629dbb21f3d570a9343af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496E561314
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
15090
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
102b1af8-501e-0014-2b52-0350ee000000
cf-ray
8cebef839b4708da-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
112788
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/
100 KB
20 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/42124763-e1e2-48a2-afba-0e009da1475c/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e6280434b9a9ba6555108f4772fdf71b7448400a4c95ec2239b574bb1e91a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
AZo1dk1egWDu+crrRE7RXQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCCCEEEAEF7078
age
15921
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 06:46:42 GMT
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/json
last-modified
Wed, 04 Sep 2024 14:36:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
e0d0904d-c01e-00d6-48d7-fed850000000
cf-ray
8cebef8478300fbe-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
20009
x-ms-blob-type
BlockBlob
server
cloudflare
destination
www.googletagmanager.com/gtag/
359 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90b5e36a116b4acfcfce8bde08d3b36d86cc46cd7b8f46a065081b9aea2fe41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 07 Oct 2024 06:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114289
x-xss-protection
0
server
Google Tag Manager
favicon.ico
www.secureworks.com/images/
15 KB
9 KB
Other
General
Full URL
https://www.secureworks.com/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa30ae2f97f34bf61f99eebd2d2e033857d17204ffe231c2711c8b7458bf525
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

x-mss-script-nonce
MWU2ZGU2ODAtNjk3YS00MWE1LTllNzYtYzJlZTdkOTdmMzg2
content-encoding
gzip
cf-cache-status
MISS
etag
W/"3aee-1917b34f590"
x-forwarded-for
162.245.206.245, 172.71.170.108:15942,::ffff:10.241.0.6
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 10:46:42 GMT
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
image/x-icon
last-modified
Thu, 22 Aug 2024 17:49:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=14400
referrer-policy
same-origin
cf-ray
8cebef84ae1d28fa-LAX
permissions-policy
camera=(), geolocation=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/
359 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-15MK64YNN6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a5a7ef5d5558de8bd30bd2bd9abc645152b8c75f39723c3e66d57dcf87dd137
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 07 Oct 2024 06:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114105
x-xss-protection
0
server
Google Tag Manager
201e7325-26d7-4b1a-af4b-38bdaf9162ab.js
j.6sc.co/j/
4 KB
2 KB
Script
General
Full URL
https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d6fba9519c07a6138279b6d6fa859766cd5b6b27e68166b53dad79201597832

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"4839d94bc87dfbd1598e2bf2e75404b0"
x-amz-version-id
Rb1FgEqgzPFxSC9UriirXQXzDMD.brdi
expires
Mon, 07 Oct 2024 07:16:43 GMT
x-amz-cf-id
p50pmXXsvb6prjMrpFYB53Ei_KhswlTGzrgJRhOfJwIeuRTchy3nMA==
date
Mon, 07 Oct 2024 06:46:43 GMT
last-modified
Tue, 15 Aug 2023 17:39:29 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-content-type
application/json
cache-control
private, max-age=1800
accept-ranges
bytes
content-length
1443
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
49 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 955885B4C1FF401380881989602F7FD4 Ref B: LAXEDGE1919 Ref C: 2024-10-07T06:46:43Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
6279.js
script.crazyegg.com/pages/scripts/0097/
7 KB
3 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0097/6279.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796a4a8bdcb4337714d075bacb897dc3466fa4308e37414bc160f22a8887c770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
16399
cf-polished
origSize=6996
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 01:31:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8cebef864c119e74-SJC
access-control-allow-origin
*
ce-version
11.5.293
server
cloudflare
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"bed9b675380c07edc84c03d0f362b192"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12103
date
Mon, 07 Oct 2024 06:46:42 GMT
last-modified
Mon, 23 Sep 2024 17:14:22 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/
234 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4f740eb4e7a892b5a173a11d2e2814d3d19d8bd5ace67cbf012e8145212d21b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 07 Oct 2024 06:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
86122
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
247 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17882b485627749660e05de0baa5c3369b8df59896bcdb2f44895bdb6c985f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 07 Oct 2024 06:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89442
x-xss-protection
0
server
Google Tag Manager
tracking.js
trk.techtarget.com/
3 KB
2 KB
Script
General
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=1200
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
84054
via
1.1 google
cf-ray
8cebef860fd9dbbe-LAX
expires
Mon, 07 Oct 2024 07:06:42 GMT
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
text/javascript
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
vary
Accept-Encoding
server
cloudflare
2mnfp3myy8iz.js
js.driftt.com/include/1728283800000/
221 KB
62 KB
Script
General
Full URL
https://js.driftt.com/include/1728283800000/2mnfp3myy8iz.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-68.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8ae2c031d4437921725504cc0dde011afa318561961ad23d28d64bc61de45341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
tUmK.kR2Jowc3KVwRScW12F642xwrRdS
etag
W/"4a6f52850f5fd988a7cfd6d88229e754"
access-control-allow-methods
GET, POST, OPTIONS
x-cache
Miss from cloudfront
x-amz-cf-id
egG0isO-vYWiXb6Kh4W6Y_bpkf5SG213sQo1AwqA4ODA81ADYrqGHA==
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 03 Oct 2024 17:04:14 GMT
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
x-envoy-upstream-service-time
100
access-control-allow-credentials
true
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD12-P4
server
istio-envoy
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:58::17d5:9e52 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=44146
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Mon, 07 Oct 2024 06:46:43 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip"
accept-ranges
bytes
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Mon, 07 Oct 2024 06:46:43 GMT
x-tw-cdn
FT
last-modified
Thu, 04 Apr 2024 00:26:35 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000047-IAD
x-amz-server-side-encryption
AES256
teads-fellow.js
p.teads.tv/
17 KB
6 KB
Script
General
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
Z8gwS9qcffRBGGDHf9SY3sWUnaW9g4IT2f2ygkY1IlU8xIhDtcRR3CfHX/beKSMvdn0VqZkzQw8=
Vary
Accept-Encoding
Cache-Control
max-age=382
Content-Encoding
gzip
ETag
"8308c4ca0f38b20101f1aa83176a264c"
Connection
keep-alive
x-amz-request-id
2SP1R54MSJMG9K69
Accept-Ranges
bytes
Content-Length
5806
Date
Mon, 07 Oct 2024 06:46:43 GMT
Last-Modified
Tue, 02 Jul 2024 13:21:36 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
RBCxai/ZNJYhEMy7yQ6ktA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496B2EC296
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
7083
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2be6c4a8-c01e-0077-503b-0316cb000000
cf-ray
8cebef8549130fbe-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
2675
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
F2wp4i0C8qNDOYaIna2qbg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496C13B4F3
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
50482
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
1de39492-b01e-0051-4a8f-038d7f000000
cf-ray
8cebef8549140fbe-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
12723
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
66222
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 03:34:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
a3621945-e01e-0042-488f-03b89e000000
cf-ray
8cebef8549150fbe-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=www.secureworks.com&pId=6460002570760170798
4 B
281 B
Image
General
Full URL
https://attr.ml-api.io/?domain=www.secureworks.com&pId=6460002570760170798
Protocol
H2
Server
2600:9000:27c5:6a00:5:7a81:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 1b8d2d47935f0bd44bb9339058aa93be.cloudfront.net (CloudFront)
apigw-requestid
fRGJMiWhIAMESLA=
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
4
x-amz-cf-id
ZBJ6r6p2MhgHpJwmWfqcgkyosPL2rTNrb4zl50ShiLRTV81RJQ8QAw==
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/json
x-amz-cf-pop
IAD61-P5

Redirect headers

cache-control
no-store, no-cache, private
location
https://attr.ml-api.io/?domain=www.secureworks.com&pId=6460002570760170798
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.245; 162.245.206.245; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
ed0da63b-26c0-4921-bab7-d72c1e969b12
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
601 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
52440
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
image/svg+xml
last-modified
Thu, 03 Oct 2024 19:22:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
9e76f55c-b01e-003c-6f73-162751000000
cf-ray
8cebef85dde808da-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
490 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
15921
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
image/svg+xml
last-modified
Thu, 03 Oct 2024 19:22:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
cab19ba3-501e-00f1-6232-164219000000
cf-ray
8cebef85e99d0fbe-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/
22 KB
22 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/b0dda7c3-a248-4e22-acb7-740ad770e471/SW_logo_black_print.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
2qjIoAdJjqAKBeXNXVdNEg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DBE459EC4B10B3
age
38789
cf-cache-status
HIT
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
mage/png
last-modified
Mon, 13 Nov 2023 15:05:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
eac810b7-b01e-0093-3b72-79e289000000
cf-ray
8cebef85fe0b08da-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
22030
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
65185
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 06:46:42 GMT
content-type
image/svg+xml
last-modified
Thu, 03 Oct 2024 19:22:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
b155f26a-401e-0083-64cf-153327000000
cf-ray
8cebef85fe0d08da-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je4a20v879063519z871332070za200zb71332070&_p=1728283601109&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1209576449.1728283603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728283602&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&dt=404%20%7C%20Secureworks&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=10&tfd=4477
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.secureworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
557 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-15MK64YNN6&cid=1209576449.1728283603&gtm=45je4a20v879063519z871332070za200zb71332070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.secureworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame A376
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-15MK64YNN6&gacid=1209576449.1728283603&gtm=45je4a20v879063519z871332070za200zb71332070&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=726785017
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 06:46:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gif.gif
ibc-flow.techtarget.com/a/ Frame
0
0
Preflight
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1728283602999&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.secureworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 07 Oct 2024 06:46:43 GMT
expires
Mon, 07 Oct 2024 06:46:43 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
AHmUCY21rGlH8gx_sBfUH5rJ-4Fn2RDn2qnmz06hStGqcJONMqzBsrbMd8J2JghwZIUI9gXR0r8
gif.gif
ibc-flow.techtarget.com/a/
43 B
441 B
XHR
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1728283602999&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
ibc_rate_tier
17588164
Referer

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-encoding
identity
expires
Mon, 07 Oct 2024 07:46:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
vary
Origin
x-guploader-uploadid
AHmUCY0XhM95KkKCK5FwnvVm3u1qGO6utxOXRitJShQ3sOT85I6R5JoViYfnFgyghiytYyoTJ0U
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1670534369365034
content-length
43
server
nginx/1.20.2
www.secureworks.com.json
script.crazyegg.com/pages/data-scripts/0097/6279/site/
20 KB
4 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0097/6279/site/www.secureworks.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acbb2354437255cda25e6e60dbade25076d65a6455b2ad2e141a77ac5a67c054

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
16399
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
last-modified
Mon, 07 Oct 2024 01:31:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8cebef876a422700-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
3980
ce-version
11.5.293
server
cloudflare
config
pixel-config.reddit.com/pixels/t2_f8xwyeln/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_f8xwyeln/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
t2_f8xwyeln_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_f8xwyeln_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
97
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1728283603008&id=t2_f8xwyeln&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b1342c73-7ff3-4389-b074-36bb0d5aaebb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_5afed25b&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
server
Varnish
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/?random=1728283603025&cv=11&fst=1728283603025&bg=ffffff&guid=ON&async=1&gtm=45be4a20v870813510z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f157.1e100.net
Software
cafe /
Resource Hash
667b994de76f69de29f3c4330bc24cb4ee2ebe28891b48992f991c8f3c737c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2333
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10934024932
td.doubleclick.net/td/rul/ Frame 5E89
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/10934024932?random=1728283603025&cv=11&fst=1728283603025&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a20v870813510z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10934024932&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 06:46:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1728283603089&cv=11&fst=1728283603089&bg=ffffff&guid=ON&async=1&gtm=45be4a20v889968102z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f157.1e100.net
Software
cafe /
Resource Hash
e571528d089d7d4cad92834a2651a359192a434a7b1411d473f854a7f03de7f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2334
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
648366107
td.doubleclick.net/td/rul/ Frame 1A6A
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/648366107?random=1728283603089&cv=11&fst=1728283603089&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a20v889968102z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-648366107&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 06:46:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
56073499.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/56073499.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b96a7912f7ff7abd9fef86c7421182705089ee500af7a2b2fd3cb1fdf58b2f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9394522B07D8470183A3B7063E185C4C Ref B: LAXEDGE1919 Ref C: 2024-10-07T06:46:43Z
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
adsct
t.co/i/
43 B
629 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=50356631-c9d9-4ac3-b570-577b1097d79f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49bf2e7d-329c-4ff7-a024-a3c637e472ab&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=0
x-transaction-id
98e88e27abe75ddb
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d8d639bbb6db507325b62ecd17e9d26ebec264f944bb7df459338b35295b8524
cf-cache-status
DYNAMIC
cf-ray
8cebef88ac372ee7-LAX
x-response-time
6
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_p
adsct
analytics.twitter.com/i/
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=50356631-c9d9-4ac3-b570-577b1097d79f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=49bf2e7d-329c-4ff7-a024-a3c637e472ab&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
f43db7a2ab940f60
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c23a8f858b1786447a6fc9fdac285757f50efc4b52fb8265d88032786a375903
x-response-time
6
content-length
43
date
Mon, 07 Oct 2024 06:46:42 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_p
6si.min.js
j.6sc.co/
68 KB
19 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/201e7325-26d7-4b1a-af4b-38bdaf9162ab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
13122b3fd48d530470d735824c63b0b25a895931f5728921f8cc1eb5848fe2ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, proxy-revalidate, max-age=10800
content-encoding
gzip
etag
"66f5de53-111d7"
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 09:46:43 GMT
accept-ranges
bytes
content-length
18830
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
last-modified
Thu, 26 Sep 2024 22:21:07 GMT
bizible.js
cdn.bizible.com/scripts/
67 KB
25 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lac/55A0) /
Resource Hash
2c14a49b6bc2742d24220cecca774de09c8beb5be67fe3e18a116e42760845cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSub
cache-control
max-age=86400
content-encoding
gzip
etag
"a9cd5298dd15db1:0"
age
11351
accept-ranges
bytes
x-cache
HIT
content-length
25393
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/x-javascript
last-modified
Thu, 03 Oct 2024 21:45:42 GMT
server
ECS (lac/55A0)
vary
Accept-Encoding
9c5c09abfda2a378ae2f773cf459a46c.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/
147 KB
50 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/9c5c09abfda2a378ae2f773cf459a46c.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a111c2463a90c5293e5a4ef8ac575d8b15e7675e01d49e32be36d5ae9e7b7015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
215616
cf-ray
8cebef87fd899e74-SJC
cf-polished
origSize=150550
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 12:54:34 GMT
vary
Accept-Encoding
server
cloudflare
attribution_trigger
px.ads.linkedin.com/
2 B
766 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
000623dd6240d4445b9fdad81d8f3f9b
x-msedge-ref
Ref A: 6ABE6926CDA747E6959B4D3C7FC3EE29 Ref B: LAX311000112033 Ref C: 2024-10-07T06:46:43Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYj3WJA1ERbn9rYHY8/mw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1728283603161%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&l...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&...
0
0

56073499
www.clarity.ms/tag/uet/
828 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/56073499
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56073499.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
696725e3e868de5008ff232248cd23ef5ce522e4e26e23d0a7bf6a798d5142e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
828
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/x-javascript
x-azure-ref
20241007T064643Z-168d67d4c96fx2kgpe81pw7c2n0000000sdg000000018fd8
0
bat.bing.com/action/
0
361 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56073499&tm=gtm002&Ver=2&mid=f1cd283a-c6d7-4127-8d75-47f380f632a1&sid=e9e9f2c0847711efbcf64d60f2b9b1de&vid=e9ea3630847711ef92f77bed1e2a9238&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20%7C%20Secureworks&p=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&r=&lt=4192&evt=pageLoad&sv=1&cdb=AQET&rn=909430
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BCB288D383B6461A98068C792E972FDC Ref B: LAXEDGE1919 Ref C: 2024-10-07T06:46:43Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 06:46:43 GMT
advertiser
cm.teads.tv/v2/
138 B
582 B
Fetch
General
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&buyer_pixel_id=7246
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a8e4260f2522a856e42c5f90b17df4929dc18837c840cff35723cb1ab5eac39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Observe-Browsing-Topics
?1
Expires
Mon, 07 Oct 2024 06:46:43 GMT
Access-Control-Allow-Origin
https://www.secureworks.com
Content-Length
138
Date
Mon, 07 Oct 2024 06:46:43 GMT
Content-Type
application/json; charset=utf-8
getuidj
secure.adnxs.com/
11 B
705 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.245; 162.245.206.245; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.secureworks.com
an-x-request-uuid
88c9e0de-b746-4bf0-bf01-bf1f9c5d48c4
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
/
c.6sc.co/
7 B
196 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.secureworks.com
content-length
7
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/html
access-control-allow-headers
*
/
ipv6.6sc.co/
18 B
312 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:d::17cd:6a49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1fdddb377d6442ed4a9ea71787b84b868c358163da4c5ecbdc55a65ea280a713

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
pragma
no-cache
6si-ipv6
2a04:c604:615:1::6
expires
Mon, 07 Oct 2024 06:46:43 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728283603574_400219721_2780372745_18_898_113_117_219";dur=1
access-control-allow-origin
https://www.secureworks.com
content-length
18
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/html
vary
Origin
www.secureworks.com.json
script.crazyegg.com/pages/data-scripts/0097/6279/sampling/
162 B
364 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/9c5c09abfda2a378ae2f773cf459a46c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b4343a10956747c4c275b80010a3d352ea63acc4ccf00c00bf9f82ca162473

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
18912
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
last-modified
Mon, 07 Oct 2024 01:31:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8cebef898c6f2700-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
151
ce-version
11.5.293
server
cloudflare
core
js.driftt.com/ Frame 7F79
0
0
Document
General
Full URL
https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=bc3a8657-e851-4920-af47-ddfa992c8506&sessionStarted=1728283603.425&campaignRefreshToken=08c5eaf3-44ec-465b-aca3-a0573377a308&hideController=false&pageLoadStartTime=1728283601076&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1728283800000/2mnfp3myy8iz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 06:46:43 GMT
etag
W/"61dfcbf4873f0f79619a148371fe5ad6"
last-modified
Thu, 03 Oct 2024 17:03:48 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront)
x-amz-cf-id
mqBYxeYNdzhBMIiuh2egn_N6pnOXp0wklOFTT6URIaQkIRutTQN_gw==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
FGgsKWLfZQkZs2shTS1MPmeannUG2gmW
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
20
chat
js.driftt.com/core/ Frame 66FF
0
0
Document
General
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1728283601076
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1728283800000/2mnfp3myy8iz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 06:46:43 GMT
etag
W/"61dfcbf4873f0f79619a148371fe5ad6"
last-modified
Thu, 03 Oct 2024 17:03:48 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront)
x-amz-cf-id
fp7I0OUYhAKlhtL-HzIXdB-3yGdUbPFD8GHdi9NQzWyV2jY5XEPFcw==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
FGgsKWLfZQkZs2shTS1MPmeannUG2gmW
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
20
/
www.google.com/pagead/1p-user-list/10934024932/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10934024932/?random=1728283603025&cv=11&fst=1728280800000&bg=ffffff&guid=ON&async=1&gtm=45be4a20v870813510z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfpTWRQjjSeN97yE8ReswcxzE4WPiaMA&random=115679708&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/648366107/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/648366107/?random=1728283603089&cv=11&fst=1728280800000&bg=ffffff&guid=ON&async=1&gtm=45be4a20v889968102z871332070za201zb71332070&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&hn=www.googleadservices.com&frm=0&tiba=404%20%7C%20Secureworks&npa=0&pscdl=noapi&auid=1889026891.1728283603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfIgjraFZKPues8yZsr69Vx3Dm4E4qiA&random=3660059220&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 07 Oct 2024 06:46:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
8903e3de-64aa-43fc-8149-7ddd9979a836
https://www.secureworks.com/
43 B
0
Image
General
Full URL
blob:https://www.secureworks.com/8903e3de-64aa-43fc-8149-7ddd9979a836
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

Content-Type
image/gif
Content-Length
43
ipv
cdn.bizible.com/
43 B
305 B
Image
General
Full URL
https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=3be66a9a5b414f4f8050cdaa3ee942e0&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&_biz_t=1728283603464&_biz_i=404%20%7C%20Secureworks&_biz_n=0&rnd=367450&cdn_o=a&_biz_z=1728283603465
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lac/55B0) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSub
cache-control
no-cache, no-store
pragma
no-cache
age
300163
expires
-1
accept-ranges
bytes
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Thu, 03 Oct 2024 19:24:00 GMT
server
ECS (lac/55B0)
u
cdn.bizibly.com/
43 B
204 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=3be66a9a5b414f4f8050cdaa3ee942e0&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&_biz_t=1728283603473&_biz_i=404%20%7C%20Secureworks&rnd=361780&cdn_o=a&_biz_z=1728283603473
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lac/55B6) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSub
cache-control
no-cache, no-store
pragma
no-cache
age
166621
expires
-1
accept-ranges
bytes
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Sat, 05 Oct 2024 08:29:42 GMT
server
ECS (lac/55B6)
up_loader.1.1.0.js
js.adsrvr.org/
49 KB
12 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.167.72.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-72-96.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b9d0d77fab58e1e1ec4fd77f06ecebedf37e54ad7b3a3f0d6641de0204fcaa9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
W/"6456d197d494e7ee00da27310d2f1993"
Age
13679
Connection
keep-alive
Via
1.1 32906bb872c08ff51404d826f2b8ab5e.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
TJhVpHJHEmyFJ8szwS0UPhQeREbxAwC8wQZX2WKU_mR0Xe-NPlGVog==
Date
Mon, 07 Oct 2024 02:58:45 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 03 Oct 2024 02:53:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD61-P6
x-amz-server-side-encryption
AES256
bf41b595-2598-4f65-849b-3f2096dddf6c
https://www.secureworks.com/ Frame
0
0

clock
tracking.crazyegg.com/ Frame 54FB
41 B
148 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1&tk=30a8be1af0ff6647f2a6a004fc2fb241&u=976279&s=361865&p=%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&v=cc93264fe5f3a79fb7d0e69efcdb2faa8431e5c3&f=secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&ul=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/9c5c09abfda2a378ae2f773cf459a46c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.205.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-205-23.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9d97bbd85c468774c039c24d0efab9102a093de4915ba1f91f630f26a56c0628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store
access-control-allow-origin
*
content-length
41
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/plain
server
awselb/2.0
healthcheck
pagestates-tracking.crazyegg.com/ Frame 54FB
19 B
462 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/9c5c09abfda2a378ae2f773cf459a46c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-98.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
5367161
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
UBKA04YYSyOnxcx7NHTpZfjGqX0KLGW4l8gRNd6KSeDyd5wfGipE8Q==
date
Tue, 06 Aug 2024 03:54:03 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
IAD55-P4
server
AmazonS3
healthcheck
assets-tracking.crazyegg.com/ Frame 54FB
19 B
460 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/9c5c09abfda2a378ae2f773cf459a46c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-33.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
3791089
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
qfUCHT4K33EJLa2cmCQjIsmyr_xnaJ1bszM3QZrlF6-9uyhkvCuJMw==
date
Sat, 24 Aug 2024 09:41:55 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
IAD89-P1
server
AmazonS3
details
eps.6sc.co/v3/company/
660 B
593 B
XHR
General
Full URL
https://eps.6sc.co/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash
1362ad7199ef6585442f4cb16faba76503e5cf440ca0a82490f19497cd6a75bc

Request headers

Authorization
Token 359714f191fbccf873d6d488c1ebaeeb533e4955
X-6s-CustomID
WebTag 201e7325-26d7-4b1a-af4b-38bdaf9162ab
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-6si-Region
timing-allow-origin
https://6sense.com
content-encoding
gzip
x-6si-region
access-control-allow-credentials
true
access-control-allow-origin
https://www.secureworks.com
content-length
331
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/json
vary
Origin, Accept-Encoding
details
eps.6sc.co/v3/company/ Frame
0
0
Preflight
General
Full URL
https://eps.6sc.co/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.secureworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.secureworks.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
content-length
0
date
Mon, 07 Oct 2024 06:46:43 GMT
timing-allow-origin
https://6sense.com
x-6si-region
xdc.js
cdn.bizible.com/
84 B
281 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=3be66a9a5b414f4f8050cdaa3ee942e0&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.10.03
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lac/55A0) /
Resource Hash
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSub
cache-control
private, must-revalidate, max-age=21600
content-encoding
gzip
etag
EFEDFBC3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
186
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
ECS (lac/55A0)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:43 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22db8067e51eb58581f03147464f6063b2%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22359714f191fbccf873d6d488c1ebaeeb533e4955%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%
5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22201e7325-26d7-4b1a-af4b-38bdaf9162ab%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:43 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
u
cdn.bizible.com/
43 B
86 B
Image
General
Full URL
https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220&_biz_u=3be66a9a5b414f4f8050cdaa3ee942e0&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&_biz_t=1728283603473&_biz_i=404%20%7C%20Secureworks&_biz_n=1&rnd=823012&cdn_o=a&_biz_z=1728283603574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lac/55B6) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSub
cache-control
no-cache, no-store
pragma
no-cache
age
166621
expires
-1
accept-ranges
bytes
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Sat, 05 Oct 2024 08:29:42 GMT
server
ECS (lac/55B6)
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=ipv6&q=%7B%22address%22%3A%222a04%3Ac604%3A615%3A1%3A%3A6%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:43 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
clarity.js
www.clarity.ms/s/0.7.47/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56073499
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-azure-ref
20241007T064643Z-168d67d4c96fx2kgpe81pw7c2n0000000sdg000000018fec
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE40F260567A1"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
0ac55c58-101e-0017-16c3-1687d0000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 00:54:49 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&RedC=c.clarity.ms&MXFR=1DAE4A6F29D462782DB45F7E2DD46CA5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&MUID=0D059407DB356FC33EA48116DAB16EAC
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&MUID=0D059407DB356FC33EA48116DAB16EAC
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"bb391b5d70eeda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
image/gif
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DA5093B1F41458387EAD84061CFA3A4&MUID=0D059407DB356FC33EA48116DAB16EAC
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF7DDA364CE141D698453EA805217DCC Ref B: LAX311000110023 Ref C: 2024-10-07T06:46:44Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 07 Oct 2024 06:46:44 GMT
x-powered-by
ASP.NET
tag.html
fledge.teads.tv/v1/interest-group/ Frame A33A
0
0
Document
General
Full URL
https://fledge.teads.tv/v1/interest-group/tag.html
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
540
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Oct 2024 06:46:44 GMT
Expires
Mon, 07 Oct 2024 06:46:44 GMT
Pragma
no-cache
track
t.teads.tv/
23 B
0
Fetch
General
Full URL
https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&user_session_id=316d11a3-651c-4554-a71e-e599534034e8
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.161.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.secureworks.com
content-length
23
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
image/gif
track
t.teads.tv/
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&user_session_id=316d11a3-651c-4554-a71e-e599534034e8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.161.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
image/gif
conversion
cm.teads.tv/v3/
0
529 B
Image
General
Full URL
https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&user_session_id=316d11a3-651c-4554-a71e-e599534034e8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Mon, 07 Oct 2024 06:46:44 GMT
Content-Length
0
Attribution-Reporting-Register-Trigger
{"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1728283604","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date
Mon, 07 Oct 2024 06:46:44 GMT
ping.min.js
cdn.pdst.fm/
22 KB
22 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
age
909
x-goog-stored-content-encoding
identity
expires
Mon, 07 Oct 2024 07:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22096
date
Mon, 07 Oct 2024 06:31:35 GMT
last-modified
Tue, 25 Jun 2024 13:55:49 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY3SU1R52N-i3V2oFiFkpTnZLHQ4h8tcoiWKnNIDi31YWhYmO_jYMFhWE95Yz68ABQPbm5rYxwq1
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1719323749654301
content-length
22096
server
UploadServer
aa3cc511947365a3.min.js
tag.demandbase.com/
81 KB
23 KB
Script
General
Full URL
https://tag.demandbase.com/aa3cc511947365a3.min.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-89.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ee1ed3602f1c18382744fd6c2803c6220f49c1fd8f5e01dacde3ca03c0c94df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
VqeoIZnd8hxnRVFREbstno4Io5itDXl6
etag
W/"f0e75304732896c086fc936fcca14634"
age
1965
x-cache
Hit from cloudfront
x-amz-cf-id
Y1N0V4omNeJgjwSKB2epFnGi9vvTjHXrNCOsy83xdJakfhp71YFYfQ==
date
Mon, 07 Oct 2024 06:14:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 10 Jul 2024 23:27:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=3600
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
IAD12-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
rtp.js
abrtp2-cdn.marketo.com/rtp-api/v1/
152 KB
153 KB
Script
General
Full URL
https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
73177db9c06173243324b7213e7f9c56c6cc7baa06fba9ab0bad588cc6cde2f3
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63113904
Cache-Control
public, max-age=300
Connection
close
Date
Sat, 05 Oct 2024 01:08:21 GMT
Content-Type
application/x-javascript; charset=UTF-8
Last-Modified
Sat, 05 Oct 2024 01:08:21 GMT
Server
Jetty(9.4.45.v20220203)
munchkin.js
munchkin.marketo.net/
1 KB
0
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-172-203.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding
gzip
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Accept-Ranges
bytes
Content-Length
729
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date
Mon, 07 Oct 2024 06:46:41 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
teknkl-formsplus-core-108.js
www.secureworks.com/-/media/assets/js/shared/
43 KB
12 KB
Script
General
Full URL
https://www.secureworks.com/-/media/assets/js/shared/teknkl-formsplus-core-108.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bd7c2ec764214b504465b848ed92f844586d7ef2fae19c0cc415b270c73429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

server
cloudflare
cache-control
public, max-age=597443
content-encoding
gzip
cf-cache-status
HIT
etag
e57bd705845b46518ea8152078659f9c
age
530846
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray
8cebef8c9eb328fa-LAX
expires
Mon, 14 Oct 2024 04:44:06 GMT
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/x-javascript
content-disposition
inline; filename="teknkl-formsplus-core-108.js"
vary
Accept-Encoding
last-modified
Tue, 14 May 2024 22:59:54 GMT
/
match.adsrvr.org/track/upb/ Frame 44BD
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
  • https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
0
0
Document
General
Full URL
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 07 Oct 2024 06:46:44 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
409
date
Mon, 07 Oct 2024 06:46:44 GMT
location
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&upid=gn5z6gn&upv=1.1.0&paapi=1
server
Kestrel
75d9859b-0c02-4b4c-b65e-7a4e41d87310
https://www.secureworks.com/ Frame
0
0

5fc42c93de2eab0609c4aca20003d15e.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/
20 KB
8 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/5fc42c93de2eab0609c4aca20003d15e.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
215618
cf-ray
8cebef8cf9439e74-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
text/javascript
last-modified
Thu, 03 Oct 2024 17:43:53 GMT
vary
Accept-Encoding
server
cloudflare
/
px.ads.linkedin.com/wa/
0
201 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8EAC5001C87B404EAE66988D57716463 Ref B: LAX311000109019 Ref C: 2024-10-07T06:46:43Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYj3WJJ+HUGEu+5SrnVcg==
x-li-proto
http/2
access-control-allow-origin
https://www.secureworks.com
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 06:46:43 GMT
vary
Origin
v
v.eps.6sc.co/ Frame
0
0
Preflight
General
Full URL
https://v.eps.6sc.co/v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-97.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.secureworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 07 Oct 2024 06:46:44 GMT
via
1.1 6aa8d2883437a2897f326bfc58beed3c.cloudfront.net (CloudFront)
x-amz-apigw-id
fRGJOGmJIAMEX6Q=
x-amz-cf-id
oHyco2bqLwXuNwmSPJn9bz14TWVRnO2zBgn3TRmYmGXat9gztddCIw==
x-amz-cf-pop
IAD89-P2
x-amzn-requestid
4770369a-3fbb-43de-aa52-e7d7a480a713
x-cache
Miss from cloudfront
v
v.eps.6sc.co/
12 B
520 B
XHR
General
Full URL
https://v.eps.6sc.co/v
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-97.iad89.r.cloudfront.net
Software
/
Resource Hash
512a4f403d30a587ad5ab0b9fa7b2fd4f078249ee03f9c23c445332838f6a436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer

Response headers

x-amz-apigw-id
fRGJQEq9oAMEuSQ=
x-amzn-trace-id
Root=1-670383d4-4a84299f12e797c3641a463f;Parent=48034918f1045aa0;Sampled=0;Lineage=1:56167173:0
access-control-allow-methods
OPTIONS,POST
x-amzn-requestid
706cdcea-de9c-4d44-9d8b-368ea0139e57
via
1.1 6aa8d2883437a2897f326bfc58beed3c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
12
x-amz-cf-id
e7ltPv82Avbd4iv_3GcUVJY0o7yckVY8Lzo2DomEbXTZUDmeQ20rrg==
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/json
x-amz-cf-pop
IAD89-P2
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=https%3A%2F%2Feps.6sc.co&q=%7B%22name%22%3A%22https%3A%2F%2Feps.6sc.co%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A5083.199999809265%2C%22duration%22%3A458.6000003814697%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22deliveryType%22%3A%22%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A5083.199999809265%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22firstInterimResponseStart%22%3A0%2C%22responseEnd%22%3A5541.800000190735%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%2C%22metadata%22%3A%7B%22region%22%3A%22header-blocked%22%7D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=&d=1&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:44 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
teknkl-simpledto-204.js
www.secureworks.com/-/media/assets/js/shared/
3 KB
2 KB
Script
General
Full URL
https://www.secureworks.com/-/media/assets/js/shared/teknkl-simpledto-204.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130ea2a750c7c96cd469f0991f747ed632668212b31e29059b069432489dc406

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

server
cloudflare
cache-control
public, max-age=540744
content-encoding
gzip
cf-cache-status
HIT
etag
b4b7055b28a9401a95005568bb8c9224
age
492708
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray
8cebef8d7f8828fa-LAX
expires
Sun, 13 Oct 2024 12:59:08 GMT
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/x-javascript
content-disposition
inline; filename="teknkl-simpledto-204.js"
vary
Accept-Encoding
last-modified
Thu, 16 May 2024 17:01:16 GMT
46f6ad988f8cf57218f3c18f0e8273fb.js
script.crazyegg.com/pages/versioned/tracking-scripts/
95 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/46f6ad988f8cf57218f3c18f0e8273fb.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fc84674bc35b739d5e31f0540890fd8b8dbd23f96931a65e0de4c5d83c1925a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
215617
cf-ray
8cebef8d89b49e74-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 12:54:37 GMT
vary
Accept-Encoding
server
cloudflare
collect
p.clarity.ms/
0
283 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.secureworks.com
Date
Mon, 07 Oct 2024 06:46:44 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
prefillActivate.js
www.secureworks.com/-/media/assets/js/shared/
641 B
519 B
Script
General
Full URL
https://www.secureworks.com/-/media/assets/js/shared/prefillActivate.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b72754a0ddf046ba36f9b602122519dea9da094fb61b57da2c60d35a066adeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.

Response headers

server
cloudflare
cache-control
public, max-age=554079
content-encoding
gzip
cf-cache-status
HIT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
age
228227
cf-ray
8cebef8e080328fa-LAX
expires
Sun, 13 Oct 2024 16:41:23 GMT
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/x-javascript
content-disposition
inline; filename="prefillActivate.js"
vary
Accept-Encoding
last-modified
Thu, 16 May 2024 23:57:10 GMT
ingest
pixels.spotify.com/v1/
52 B
271 B
Fetch
General
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
0d5814b63b40396038744da3cf6fdddd770c9fc5fe21e4af108b0f5fc06feb5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
grpc-status
0
content-encoding
gzip
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
via
HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding
gzip,x-snappy-framed
access-control-allow-origin
https://www.secureworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/json
vary
Accept-Encoding
grpc-encoding
identity
server
envoy
ingest
pixels.spotify.com/v1/ Frame
0
0
Preflight
General
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.secureworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://www.secureworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 07 Oct 2024 06:46:44 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
dtp-200.html
pages.secureworks.com/ Frame 85B7
2 KB
1 KB
Document
General
Full URL
https://pages.secureworks.com/dtp-200.html?&_mkt_trk=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220
Requested by
Host: www.secureworks.com
URL: https://www.secureworks.com/-/media/assets/js/shared/teknkl-simpledto-204.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d42fae382d2c92ee221304d9443315524fc8af669a78c20e5dd9c248d177ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cebef8eafac67e3-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Oct 2024 06:46:44 GMT
p3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server
cloudflare
vary
*,Accept-Encoding
x-asset-type
LP
x-content-type-options
nosniff
sync
s.company-target.com/s/ Frame A3EF
0
0
Document
General
Full URL
https://s.company-target.com/s/sync?exc=lr
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/aa3cc511947365a3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.71.96.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
content-type
text/html; charset=UTF-8
date
Mon, 07 Oct 2024 06:46:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
log
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNSHjrgGEgUI6AcQAEIASgA
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297yWx2Hp_XUbmw4HtXdP8pw0nU7f2aILi6jgum0RUjCOI
26 B
348 B
Image
General
Full URL
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297yWx2Hp_XUbmw4HtXdP8pw0nU7f2aILi6jgum0RUjCOI
Protocol
HTTP/1.1
Server
99.84.191.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-94.iad89.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Connection
keep-alive
Via
1.1 e06a155936c216d176543a7a25710ed0.cloudfront.net (CloudFront)
X-Cache
Miss from cloudfront
Content-Length
26
X-Amz-Cf-Id
BYqhac3ENIKbcUqoo6zcoyG1iXnv5YT3TX8Sd4dA6l2-ncychn_uLQ==
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
image/gif
X-Amz-Cf-Pop
IAD89-C2

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297yWx2Hp_XUbmw4HtXdP8pw0nU7f2aILi6jgum0RUjCOI
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 07 Oct 2024 06:46:44 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A43%20GMT%22%2C%22timeSpent%22%3A%221013%22%2C%22totalTimeSpent%22%3A%221013%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:44 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
ip.json
api.company-target.com/api/v2/
12 B
512 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&page_title=404%20%7C%20Secureworks
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-46.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

access-control-max-age
7200
access-control-expose-headers
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
request-id
0b19473a-bcd0-4c51-9ebd-5eb4e0703c54
x-cache
Error from cloudfront
x-amz-cf-id
d9joURcjqgzS20IXTCIyqRDAUcfsJGj78TAiFuivbiFDRsLG9ZAdvQ==
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
text/plain;charset=utf-8
vary
Origin
www-authenticate
DemandBase API
access-control-allow-credentials
true
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.secureworks.com
content-length
12
x-amz-cf-pop
IAD89-C1
server
nginx
teknkl-formsplus-core-108.js
www.secureworks.com/-/media/assets/js/shared/ Frame 85B7
43 KB
0
Script
General
Full URL
https://www.secureworks.com/-/media/assets/js/shared/teknkl-formsplus-core-108.js
Requested by
Host: pages.secureworks.com
URL: https://pages.secureworks.com/dtp-200.html?&_mkt_trk=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bd7c2ec764214b504465b848ed92f844586d7ef2fae19c0cc415b270c73429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pages.secureworks.com/

Response headers

server
cloudflare
cache-control
public, max-age=597443
content-encoding
gzip
cf-cache-status
HIT
etag
e57bd705845b46518ea8152078659f9c
age
530846
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray
8cebef8c9eb328fa-LAX
expires
Mon, 14 Oct 2024 04:44:06 GMT
date
Mon, 07 Oct 2024 06:46:43 GMT
content-type
application/x-javascript
content-disposition
inline; filename="teknkl-formsplus-core-108.js"
vary
Accept-Encoding
last-modified
Tue, 14 May 2024 22:59:54 GMT
teknkl-simpledto-204.js
www.secureworks.com/-/media/assets/js/shared/ Frame 85B7
3 KB
0
Script
General
Full URL
https://www.secureworks.com/-/media/assets/js/shared/teknkl-simpledto-204.js
Requested by
Host: pages.secureworks.com
URL: https://pages.secureworks.com/dtp-200.html?&_mkt_trk=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.140.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130ea2a750c7c96cd469f0991f747ed632668212b31e29059b069432489dc406

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pages.secureworks.com/

Response headers

server
cloudflare
cache-control
public, max-age=540744
content-encoding
gzip
cf-cache-status
HIT
etag
b4b7055b28a9401a95005568bb8c9224
age
492708
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-ray
8cebef8d7f8828fa-LAX
expires
Sun, 13 Oct 2024 12:59:08 GMT
date
Mon, 07 Oct 2024 06:46:44 GMT
content-type
application/x-javascript
content-disposition
inline; filename="teknkl-simpledto-204.js"
vary
Accept-Encoding
last-modified
Thu, 16 May 2024 17:01:16 GMT
loader.js
assets.adoberesources.net/ Frame 85B7
0
0

stripmkttok.js
pages.secureworks.com/js/ Frame 85B7
0
0

jquery.min.js
rtp-static.marketo.com/rtp/libs/jquery/3.7.0/
85 KB
30 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.165.166 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-165-166.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Access-Control-Allow-Headers
*
Access-Control-Max-Age
86400
Content-Encoding
gzip
ETag
"e6c2415c0ace414e5153670314ce99a9:1685718127.441272"
Connection
keep-alive
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
30386
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 02 Jun 2023 14:58:35 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/
23 KB
4 KB
Stylesheet
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.165.166 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-165-166.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Access-Control-Allow-Headers
*
Access-Control-Max-Age
86400
Content-Encoding
gzip
ETag
"c89c0f4cc3c0f0f2bd846508a3cd504c:1715749730.923559"
Connection
keep-alive
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3762
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
text/css
Last-Modified
Wed, 15 May 2024 05:08:51 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
trw
abrtp2.marketo.com/gw1/
0
435 B
Script
General
Full URL
https://abrtp2.marketo.com/gw1/trw?aid=dellsecureworks&trwv.uid=dellsecureworks-1728283605005-08221992&trwv.vc=1&trwsa.sid=dellsecureworks-1728283605006-0ab4d7d2&trwsb.cpv=1&ctzo=-10:00&uri=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220&pm=&viewedTypes=&rts=1728283605008
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=63113904
Cache-Control
no-cache
Content-Length
0
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
application/x-javascript;charset=utf-8
Server
Jetty(9.4.45.v20220203)
Connection
close
ga-integration-2.0.5.js
rtp-static.marketo.com/rtp/libs/
18 KB
6 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.165.166 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-165-166.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Access-Control-Allow-Headers
*
Access-Control-Max-Age
86400
Content-Encoding
gzip
ETag
"18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Connection
keep-alive
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
5654
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 15 Jun 2023 08:00:53 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
msg
abrtp2.marketo.com/gw1/
0
426 B
Script
General
Full URL
https://abrtp2.marketo.com/gw1/msg?a=2&sid=dellsecureworks-1728283605006-0ab4d7d2&aid=dellsecureworks&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220&viewedTypes=&0.1890634065069794&rts=1728283605059
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=63113904
Cache-Control
no-cache
Content-Length
0
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
text/javascript;charset=utf-8
Server
Jetty(9.4.45.v20220203)
Connection
close
collect
p.clarity.ms/
0
283 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.secureworks.com
Date
Mon, 07 Oct 2024 06:46:45 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A44%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222013%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:45 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:45 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
msg
abrtp2.marketo.com/gw1/
0
426 B
Script
General
Full URL
https://abrtp2.marketo.com/gw1/msg?a=2&sid=dellsecureworks-1728283605006-0ab4d7d2&aid=dellsecureworks&ma=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1728283601999-20220&viewedTypes=&0.702597795100794&rts=1728283605576
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=63113904
Cache-Control
no-cache
Content-Length
0
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
text/javascript;charset=utf-8
Server
Jetty(9.4.45.v20220203)
Connection
close
jquery-custom-ui.min.js
rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/
522 KB
126 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/jquery-custom-ui.min.js
Requested by
Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=dellsecureworks
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.165.166 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-165-166.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Headers
*
Access-Control-Max-Age
86400
Content-Encoding
gzip
ETag
"85c4e68263c6de164e4bad3fb60222a5:1685620750.615377"
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Date
Mon, 07 Oct 2024 06:46:45 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 01 Jun 2023 11:54:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
visitor
abrtp2.marketo.com/gw1/rtp/api/v1_1/
363 B
1 KB
XHR
General
Full URL
https://abrtp2.marketo.com/gw1/rtp/api/v1_1/visitor?sid=dellsecureworks-1728283605006-0ab4d7d2&aid=dellsecureworks&1728283606117
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
230d3ed3ed0e9ff70e180f3c008c8cd902d3c1f2352f3ce11a1edaead61211a9
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63113904
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma
No-cache
Connection
close
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://www.secureworks.com
Date
Mon, 07 Oct 2024 06:46:46 GMT
Last-Modified
Mon Oct 07 01:46:46 CDT 2024
Vary
Origin
Server
Jetty(9.4.45.v20220203)
Content-Type
application/json
sgm
abrtp2.marketo.com/gw1/ga/
48 B
501 B
XHR
General
Full URL
https://abrtp2.marketo.com/gw1/ga/sgm?sid=dellsecureworks-1728283605006-0ab4d7d2&1728283606118
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.155.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=63113904
Cache-Control
no-cache
Connection
close
Access-Control-Allow-Origin
*
Content-Length
48
Date
Mon, 07 Oct 2024 06:46:46 GMT
Content-Type
text/json;charset=utf-8
Server
Jetty(9.4.45.v20220203)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A45%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223014%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:46 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:46 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je4a20v879063519z871332070za200zb71332070&_p=1728283601109&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1209576449.1728283603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1728283602&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&dt=404%20%7C%20Secureworks&_s=2&tfd=8817
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.secureworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 06:46:47 GMT
content-type
text/plain
server
Golfe2
collect
p.clarity.ms/
0
283 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.secureworks.com
Date
Mon, 07 Oct 2024 06:46:47 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A46%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224014%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:47 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:47 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A47%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225015%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:48 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:48 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A48%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226015%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:49 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:49 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A49%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227016%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.71 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-71.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 06:46:50 GMT
accept-ranges
bytes
content-length
43
date
Mon, 07 Oct 2024 06:46:50 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
collect
p.clarity.ms/
0
283 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.secureworks.com
Date
Mon, 07 Oct 2024 06:46:50 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
img.gif
b.6sc.co/v1/beacon/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&liSync=true&e_ipv6=AQK9jbgfv1xZnQAAAZJluvOrfBP9jRQgOKCzh14Fnemf6JOQMXIc8zWH1P6P0wigBOcJXw
Domain
www.secureworks.com
URL
blob:https://www.secureworks.com/bf41b595-2598-4f65-849b-3f2096dddf6c
Domain
www.secureworks.com
URL
blob:https://www.secureworks.com/75d9859b-0c02-4b4c-b65e-7a4e41d87310
Domain
assets.adoberesources.net
URL
https://assets.adoberesources.net/loader.js?orgId=FA191D31623055520A495E1A@AdobeOrg&instanceId=dellsecureworks&env=prod&geo=va7
Domain
pages.secureworks.com
URL
https://pages.secureworks.com/js/stripmkttok.js
Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=c5c81704-246d-491f-80f0-dbe130fef73b&session=ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2007%20Oct%202024%2006%3A46%3A50%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%228016%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&pageViewId=ee36945e-bcf7-4728-8ce4-f9a61894cf28&an_uid=0&webTagId=201e7325-26d7-4b1a-af4b-38bdaf9162ab&ipv6=2a04%3Ac604%3A615%3A1%3A%3A6&v=1.1.28

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| dataLayer object| MktoForms2 function| recaptchaClient object| ScwxMarketo object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker function| OptanonWrapper object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| assignPropertyDescriptors function| stretchArrayToLength function| mapFromEntryable function| parseDuration function| onMktoFormsLibReady function| isNavigatedViaReload function| reverseObject function| remapObjectKeys function| prefixObjectKeys function| prettyLog function| randomUUID object| nanoTracker object| Optanon object| OneTrust function| rdt object| techtargetic function| drift string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq function| onYouTubeIframeAPIReady object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| redditNormalizeEmail object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_f688b59d84 object| uetq object| twttr object| _6si object| MITData string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| lintrk boolean| _already_called_lintrk object| teads_e number| teads_buyer_pixel_id object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON object| CE_API object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| 
__post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API boolean| _storagePopulated function| clarity object| clarityuetq boolean| first_party_cookie_allowed boolean| teads_tracking_allowed string| advertiser_domain string| teads_session_id object| teads_tracking_events_sent function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi_1_1_0 object| ttdPixel function| pdst function| rtp object| _uid2SdkListenerLock function| setupUid2Sdk object| ORIBILI object| FormsPlus function| SimpleDTO function| spdt object| DTO object| Demandbase function| ga function| getInternetExplorerVersion function| consoleMessage function| makeGetRequest function| createCORSRequest object| ITLocalStorageAPI object| InsighteraUtil object| iiq object| ibq object| trackObj function| isCurrentSession function| addDynamicScript function| rtpRCMD object| AITag object| aiq object| AIConfig function| setButtonWidthHeight function| getDirectionForWidgetSide function| updateWidget function| initialize function| showWidgetCampaign function| hideWidgetCampaign function| injectContent function| execute function| destroy object| InsighteraWidget function| setTimeoutFunction object| exp_2_year function| loadRichMediaImage function| jQuery function| alignElementPosition function| applyAttributeHeightToPics function| revertAttributeHeightToPics object| drift_sentry_config function| gtag

75 Cookies

Domain/Path Name / Value
www.secureworks.com/ Name: ApplicationGatewayAffinity
Value: 6575fd6869d548d9654044aee28db599
.pages.secureworks.com/ Name: __cf_bm
Value: a1q2PygTSxZhAjDY6zdNJHIzjVING6eam5o0pqqDtyA-1728283601-1.0.1.1-.gu9IC.vBnKfITr8K61glcnSTHBaGmfmzwok2cJ6fl_dOtwQpSlnIl9pbb8qRBy6S_UpU1wHVmKGyV4EBlqTww
.secureworks.com/ Name: _mkto_trk
Value: id:725-SMC-563&token:_mch-secureworks.com-1728283601999-20220
.secureworks.com/ Name: _gcl_au
Value: 1.1.1889026891.1728283603
.secureworks.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Oct+06+2024+20%3A46%3A42+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=8c6741df-48f4-4cee-bd5e-ce24518dc57d&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&groups=C0002%3A1%2CC0004%3A1%2CC0003%3A1%2CC0001%3A1
.secureworks.com/ Name: _ga
Value: GA1.1.1209576449.1728283603
.techtarget.com/ Name: __cf_bm
Value: 6EW205tL6e6ryZmTpui8Y1MSfYlDbf.caVGowuB7MUM-1728283602-1.0.1.1-bf_DgNYMhLZOHPEIc8VdggQfJYUjnHORVC2ppPBEktd1ADqRcdE6Nc1mzqfD1PdYhus0vmydEAPfUtEjPVVqIQ
.secureworks.com/ Name: _rdt_uuid
Value: 1728283603006.b1342c73-7ff3-4389-b074-36bb0d5aaebb
.secureworks.com/ Name: _uetsid
Value: e9e9f2c0847711efbcf64d60f2b9b1de
.secureworks.com/ Name: _uetvid
Value: e9ea3630847711ef92f77bed1e2a9238
.bing.com/ Name: MUID
Value: 0D059407DB356FC33EA48116DAB16EAC
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: 2812e9e3-8473-4964-8a7b-b252f7885064
.t.co/ Name: __cf_bm
Value: .ihchwoRdfiZNs3QuERq3iQ8Fy.uRYOjLrMBiq0X9Aw-1728283603-1.0.1.1-k2tkIcGp5Y5F55Jj.LG7.xCUYNmgeoUL9sDCZcsl8LS6H6zww6tnXVUlDglCxEVpINrXZm14b.VzeHJPxsdbnw
www.secureworks.com/ Name: drift_campaign_refresh
Value: 08c5eaf3-44ec-465b-aca3-a0573377a308
.secureworks.com/ Name: _biz_uid
Value: 3be66a9a5b414f4f8050cdaa3ee942e0
.twitter.com/ Name: personalization_id
Value: "v1_7RCkiUR6JDKx3SLGokDapw=="
.secureworks.com/ Name: _biz_nA
Value: 2
.secureworks.com/ Name: cebs
Value: 1
.secureworks.com/ Name: _ce.clock_event
Value: 1
.bizible.com/ Name: _BUID
Value: 3be66a9a5b414f4f8050cdaa3ee942e0
.linkedin.com/ Name: li_sugr
Value: 123a5354-4eac-421e-abd3-4816f1fe9368
.linkedin.com/ Name: bcookie
Value: "v=2&6699cca3-705f-4ac9-86f9-e3bae4a5da85"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3320:u=1:x=1:i=1728283603:t=1728370003:v=2:sig=AQHnb_KUuPcRLPc7c3x1I2FH70Upa8vY"
www.secureworks.com/ Name: _gd_visitor
Value: c5c81704-246d-491f-80f0-dbe130fef73b
www.secureworks.com/ Name: _gd_session
Value: ceff81f5-1aaf-4d4a-8d92-6b81c573fe6e
.bizibly.com/ Name: _BUID
Value: e6c73d4f90f3ba71528fef741bb3ec0a
.adnxs.com/ Name: XANDR_PANID
Value: 7Ko14ReQNARzevEWBz3z7_38mCdzvHNEgTHE8g_xlDtHHNGQvnQJGcUdZpiaiVg-j_EqYJNdTIyqWScpese2nJbaKhkGP5aIsYhc8UPEHQE.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6460002570760170798
www.secureworks.com/ Name: _an_uid
Value: 0
.secureworks.com/ Name: _biz_pendingA
Value: %5B%5D
.secureworks.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.linkedin.com/ Name: UserMatchHistory
Value: AQJeTxVDwdmWJgAAAZJluvKXGuJDjModeLwvzUUAi3EGbhdgVpcjY9HhyeEaCS268BXR5cwZQje1cA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJTZPLrnWTteAAAAZJluvKYjegYp0yNaYVjm_fqsnJlcE9o6cnyoVMeAMWjXUSWT1zFhy6s_0tZtw5UJArJfg
www.clarity.ms/ Name: CLID
Value: 7c3353d2b35a48e2bdcf3839aef8aae4.20241007.20251007
.www.linkedin.com/ Name: bscookie
Value: "v=1&20241007064643dbb8aee9-e8ec-4b80-87ed-c1146fb4501bAQHDh9_27ucQxxa46wqIiCQ-qsQmTrE8"
.secureworks.com/ Name: tfpsi
Value: 316d11a3-651c-4554-a71e-e599534034e8
.secureworks.com/ Name: _ce.clock_data
Value: 66%2C162.245.206.245%2C1%2Ccd70ceeb4a1768030b1882c90242a428%2CChrome%2CUS
.secureworks.com/ Name: _CEFT
Value: Q%3D%3D%3D
.secureworks.com/ Name: cebsp_
Value: 1
.secureworks.com/ Name: _ce.s
Value: v~cc93264fe5f3a79fb7d0e69efcdb2faa8431e5c3~lcw~1728283603953~vir~new~lva~1728283603501~vpv~0~v11.cs~361865~v11.s~ea5a0f00-8477-11ef-8241-19d286a586fe~lcw~1728283603954
.secureworks.com/ Name: _clck
Value: vcws5z%7C2%7Cfpt%7C0%7C1741
www.secureworks.com/ Name: __pdst
Value: 2d907c76635d4eb9abc6931f47ec70bc
.adsrvr.org/ Name: TDID
Value: 13fcb6f8-9ab7-4c7d-b815-7eba855a84fe
cm.teads.tv/ Name: ar_debug
Value: 1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0D059407DB356FC33EA48116DAB16EAC
pages.secureworks.com/ Name: BIGipServerab44web-nginx-app_https
Value: !o1xDJ2sMi3uAmMnagI9xdiUvaZp4ghc2CEcELuSsE3u4xVofE0dlw74rlhKD5M5mLwkGUjvP2pSOtJs=
.rlcdn.com/ Name: rlas3
Value: tenCXT2b0eQxGvcCCZ6dybD5VOs2qRH7pNfPhoZLDdk=
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0D059407DB356FC33EA48116DAB16EAC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.company-target.com/ Name: tuuid
Value: 763ac6c3-b976-48a9-9c24-91acb180b243
.company-target.com/ Name: tuuid_lu
Value: 1728283604|ix:0|mctv:0|rp:0
.rlcdn.com/ Name: pxrc
Value: CNSHjrgGEgUI6AcQABIGCMrdKhAA
.secureworks.com/ Name: _clsk
Value: g6unfs%7C1728283604804%7C1%7C1%7Cp.clarity.ms%2Fcollect
.casalemedia.com/ Name: CMID
Value: ZwOD1MAoIlgAAHGmAblSuwAA
.casalemedia.com/ Name: CMPS
Value: 2039
.casalemedia.com/ Name: CMPRO
Value: 2039
.secureworks.com/ Name: trwv.uid
Value: dellsecureworks-1728283605005-08221992%3A1
.secureworks.com/ Name: trwsa.sid
Value: dellsecureworks-1728283605006-0ab4d7d2%3A1
.tremorhub.com/ Name: tvid
Value: 94852cf939534b9e927540920fb6c37d
.tremorhub.com/ Name: tv_UIDM
Value: 763ac6c3-b976-48a9-9c24-91acb180b243
www.secureworks.com/ Name: drift_aid
Value: b60403fc-835d-45a0-a343-9366d925abdc
www.secureworks.com/ Name: driftt_aid
Value: b60403fc-835d-45a0-a343-9366d925abdc
.rubiconproject.com/ Name: audit_p
Value: 1|lwCBNvpSyFL0qInL1D50GlXrgcISKWJ+8qrNNSffvHoJD8deNwibMKitf77pdNS3vBFDQOm1AQAwHTRO1/p4iJLoYn4tEwhGClvn6BDIwh21u6ChP2iNHVoilekgn839WKwF8dVro4whLtbueXEf9ikcYtDfkn/iVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/ Name: khaos
Value: M1YNFOFP-1Q-4FED
.rubiconproject.com/ Name: khaos_p
Value: M1YNFOFP-1Q-4FED
.rubiconproject.com/ Name: audit
Value: 1|lwCBNvpSyFL0qInL1D50GlXrgcISKWJ+8qrNNSffvHoJD8deNwibMKitf77pdNS3vBFDQOm1AQAwHTRO1/p4iJLoYn4tEwhGClvn6BDIwh21u6ChP2iNHVoilekgn839WKwF8dVro4whLtbueXEf9ikcYtDfkn/iVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIYXBwbmV4dXMSCwjC4L7wuqmzPRAFEhUKBmdvb2dsZRILCLaNv_C6qbM9EAUSFgoHcnViaWNvbhILCOiqv_C6qbM9EAUYBSABKAMyCwjgtcGd0amzPRAFQg8iDQgBEgkKBXRpZXIzEAFaBzZnMXk5aHlgAQ..
.secureworks.com/ Name: _ga_15MK64YNN6
Value: GS1.1.1728283602.1.1.1728283607.55.0.0

3 Console Messages

Source Level URL
Text
network error URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.secureworks.com/blog/fake-human-verification-prompt-delivers-infostealers.
Message:
Refused to load the image 'https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1728283603161&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&cookiesTest=true&liSync=true&e_ipv6=AQK9jbgfv1xZnQAAAZJluvOrfBP9jRQgOKCzh14Fnemf6JOQMXIc8zWH1P6P0wigBOcJXw' because it violates the following Content Security Policy directive: "img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vidyard.com https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com web.secureworks.com id.rlcdn.com www.google.com *.googletagmanager.com *.google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:".
network error URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2Ffake-human-verification-prompt-delivers-infostealers.&page_title=404%20%7C%20Secureworks
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'self' *.secureworks.com 'sha256-bOI/wC+BVYVgJ8FH+PGpU7JVMgpfp4aGssXVkBnQfOY=' 'sha256-QanyWrbT0wCx9X2Jy1i0vjMWUJuBBnoFWBW59nXIAaQ=' 'sha256-a4XKOKikGVsTOKjLwsaxxV5wpz/r2aiS5mjhlhYZ6A0=' 'sha256-5dJLPJs8n07/9HQlsmJnd/4gjSEsyEEiOhQc+PbGaig=' 'sha256-jMoDwOP/2iUJQsqaUAtqDKM1Neh9OXK0GQmHMtwUPio=' 'nonce-OTA2MzE5NjAtNWMzMi00NTIwLTgyNjMtNTQ5OTE0ZDc3Mjhj' 'sha256-PDj+y4dsjx//y3j3XeqRQfENwQq6pGv979Bj2gNKC2U=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 
'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 
'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' 'sha256-qNQx9jt8qaEBXM11NIr686AfxMFZ5JdLDih1v53gg58=' 'sha256-V3cvEVskzD9prkzxm7tqKYfGLb9bWJvWCtL+JIITaS0=' 'sha256-waeaCDLj6GQjXDbMrbks0tMGletGWM4yUCtZexjXtQ4=' 'sha256-NqbLH0mR4blvVOwz3czIHomPHCsoQ0Wm41wF1kBSvZU=' 'sha256-TZtgnurDy2HoHCI+ehO8j6c5zhggFWTaD7sk189UzKM=' 'sha256-gsbdg33D5bd9G0LZ0fXRG2gtuTHtE5/f0vcHrZgakbQ=' 'sha256-BXlqoZ7hukD5ysO0e9EKhq69GLrh8k9fWsZ10PXXdOc=' *.secureworks.com https://play.vidyard.com https://code.jquery.com https://js-agent.newrelic.com https://bam.nr-data.net *.gartner.com *.gtnr.io *.marketo.com https://play.vidyard.com *.youtube.com https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com 
https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' reviews.static.gartner.com dam.secureworks.com *.vidyard.com cdn.jsdelivr.net cm.teads.tv https://*.teads.tv https://*.jsdelivr.net https://*.vidyard.com https://*.vimeo.com https://*.vimeocdn.com *.vumbnail.com vumbnail.com content.secureworks.com *.secureworks.com web.secureworks.com id.rlcdn.com www.google.com *.googletagmanager.com *.google-analytics.com www.google.com.ua googleads.g.doubleclick.net cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net bat.bing.com c.bing.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com attr.ml-api.io s.ml-attr.com secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com https://calculator.value-cloud.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
