URL: https://breakingsecurity.net/wp-content/uploads/dlm_uploads/2018/07/Remcos_Instructions_Manual_rev22.pdf
Submission: On May 10 via api from BY — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 2 HTTP transactions. The main IP is 192.124.249.19, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is breakingsecurity.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 12th 2024. Valid for: a year.
This is the only time breakingsecurity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 192.124.249.19 30148 (SUCURI-SEC)
2 1

Apex Domain Subdomains Transfer
3 breakingsecurity.net breakingsecurity.net 12 KB
2 1

Domain Requested by
3 breakingsecurity.net 1 redirects
2 1

This site contains no links.

Subject: breakingsecurity.net
Issuer: Starfield Secure Certificate Authority - G2
Validity: 2024-03-12 - 2025-03-12
Valid: a year

This page contains 1 frames:

Primary Page: https://breakingsecurity.net/wp-content/uploads/dlm_uploads/2018/07/Remcos_Instructions_Manual_rev22.pdf
Frame ID: 01E8D4D71F31B35824315D8FEE5FCA42
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 11 kB
Size: 11 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://breakingsecurity.net/favicon.ico HTTP 302
  • https://breakingsecurity.net/wp-content/uploads/2021/05/circuit_256.png

2 HTTP transactions

Resource: Primary Request Remcos_Instructions_Manual_rev22.pdf
Path: breakingsecurity.net/wp-content/uploads/dlm_uploads/2018/07/
Size: 345 B
x-fer: 0
Type: Document

General
Full URL: https://breakingsecurity.net/wp-content/uploads/dlm_uploads/2018/07/Remcos_Instructions_Manual_rev22.pdf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10019.sucuri.net
Software: nginx /
Resource Hash: d5c03451b7d7612ee858523f2bd21e4e9760e0da7b0dd7d29efa212734ef0186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=315360000
content-length: 1179807
content-type: application/pdf
date: Fri, 10 May 2024 07:04:53 GMT
etag: "646cf91a-12009f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Tue, 23 May 2023 17:34:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-proxy-cache-info: DT:1
x-sucuri-cache: REVALIDATED
x-sucuri-id: 15019
x-xss-protection: 1; mode=block

Resource: circuit_256.png
Path: breakingsecurity.net/wp-content/uploads/2021/05/
Redirect Chain
  • https://breakingsecurity.net/favicon.ico
  • https://breakingsecurity.net/wp-content/uploads/2021/05/circuit_256.png
Size: 11 KB
x-fer: 11 KB
Type: Other

General
Full URL: https://breakingsecurity.net/wp-content/uploads/2021/05/circuit_256.png
Protocol: H2
Server: 192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10019.sucuri.net
Software: nginx /
Resource Hash: 2e9096ed0afa801366df03b0effc5b88abb577972146ff88fe16385d0586eaa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://breakingsecurity.net/wp-content/uploads/dlm_uploads/2018/07/Remcos_Instructions_Manual_rev22.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 10 May 2024 07:04:53 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 10972
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jan 2024 14:53:53 GMT
server: nginx
etag: "65942381-2adc"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

x-proxy-cache: MISS
date: Fri, 10 May 2024 07:04:53 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-cache-enabled: True
x-redirect-by: WordPress
x-proxy-cache-info: 0302 NC:000000 UP:
x-sucuri-cache: EXPIRED
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://breakingsecurity.net/wp-content/uploads/2021/05/circuit_256.png
x-httpd: 1
cache-control: max-age=315360000
x-sucuri-id: 15019
link: <https://breakingsecurity.net/wp-json/>; rel="https://api.w.org/"
expires: Thu, 31 Dec 2037 23:55:55 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

breakingsecurity.net
192.124.249.19
2e9096ed0afa801366df03b0effc5b88abb577972146ff88fe16385d0586eaa1
d5c03451b7d7612ee858523f2bd21e4e9760e0da7b0dd7d29efa212734ef0186