threathunterplaybook.com
185.199.108.153
Public Scan
Submission: On November 09 via api from SI — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 8th 2021. Valid for: 3 months.
This is the only time threathunterplaybook.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
29 | 185.199.108.153 | 54113 (FASTLY) |
3 | 2606:4700::6810:135e | 13335 (CLOUDFLARENET) |
2 (1 redirect) | 2606:4700::6810:7daf | 13335 (CLOUDFLARENET) |
Total: 33 | 3 | |

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
threathunterplaybook.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
29 | threathunterplaybook.com | threathunterplaybook.com | 425 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 79 KB |
2 | unpkg.com (1 redirect) | unpkg.com | 433 KB |
Total: 33 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
29 | threathunterplaybook.com | threathunterplaybook.com |
3 | cdnjs.cloudflare.com | threathunterplaybook.com, cdnjs.cloudflare.com |
2 | unpkg.com (1 redirect) | threathunterplaybook.com |
Total: 33 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
jupyterbook.org |
github.com |
mybinder.org |
colab.research.google.com |
mordordatasets.com |
raw.githubusercontent.com |
twitter.com |
docs.microsoft.com |
www.harmj0y.net |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
threathunterplaybook.com | R3 | 2021-10-08 - 2022-01-06 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://threathunterplaybook.com/notebooks/windows/06_credential_access/WIN-180815210510.html
Frame ID: A330D931076CF152EE997F7796B52BE7
Requests: 33 HTTP requests in this frame
18 Outgoing links
These are links going to different origins than the main page.
Title: Jupyter Book
Title: repository
Title: open issue
Title: suggest edit
Title: Binder
Title: Colab
Title: https://github.com/OTRF/ThreatHunter-Playbook/tree/master/docs/library/windows/active_directory_replication.md
Title: https://mordordatasets.com/notebooks/small/windows/06_credential_access/SDWIN-190301174830.html
Title: https://raw.githubusercontent.com/OTRF/mordor/master/datasets/small/windows/credential_access/host/empire_dcsync_dcerpc_drsuapi_DsGetNCChanges.zip
Title: None
Title: https://twitter.com/FuzzySec/status/1127249052175872000
Title: https://github.com/OTRF/ThreatHunter-Playbook/blob/master/signatures/sigma/win_ad_replication_non_machine_account.yml
Title: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1522b774-6464-41a3-87a5-1e5633c3fbbb
Title: https://docs.microsoft.com/en-us/windows/desktop/adschema/c-domain
Title: https://docs.microsoft.com/en-us/windows/desktop/adschema/c-domaindns
Title: http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/
Title: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc782376(v=ws.10)
Title: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-drsr/f977faaa-673e-4f66-b9bf-48c640241d47
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24
- https://unpkg.com/thebelab@latest/lib/index.js HTTP 302
- https://unpkg.com/thebelab@0.5.1/lib/index.js
33 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | WIN-180815210510.html (Primary Request) | threathunterplaybook.com/notebooks/windows/06_credential_access/ | 48 KB | 10 KB | Document | text/html |
GET | H2 | theme.css | threathunterplaybook.com/_static/css/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H2 | index.c5995385ac14fb8791e8eb36b4908be2.css | threathunterplaybook.com/_static/css/ | 152 KB | 25 KB | Stylesheet | text/css |
GET | H2 | all.min.css | threathunterplaybook.com/_static/vendor/fontawesome/5.13.0/css/ | 57 KB | 13 KB | Stylesheet | text/css |
GET | H2 | fa-solid-900.woff2 | threathunterplaybook.com/_static/vendor/fontawesome/5.13.0/webfonts/ | 78 KB | 78 KB | Font | font/woff2 |
GET | H2 | fa-brands-400.woff2 | threathunterplaybook.com/_static/vendor/fontawesome/5.13.0/webfonts/ | 75 KB | 75 KB | Font | font/woff2 |
GET | H2 | sphinx-book-theme.acff12b8f9c144ce68a297486a2fa670.css | threathunterplaybook.com/_static/ | 36 KB | 6 KB | Stylesheet | text/css |
GET | H2 | pygments.css | threathunterplaybook.com/_static/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H2 | togglebutton.css | threathunterplaybook.com/_static/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | copybutton.css | threathunterplaybook.com/_static/ | 1 KB | 807 B | Stylesheet | text/css |
GET | H2 | mystnb.css | threathunterplaybook.com/_static/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | sphinx-thebe.css | threathunterplaybook.com/_static/ | 2 KB | 948 B | Stylesheet | text/css |
GET | H2 | panels-main.c949a650a448cc0ae9fd3441c0e17fb0.css | threathunterplaybook.com/_static/ | 3 KB | 993 B | Stylesheet | text/css |
GET | H2 | panels-variables.06eb56fa6e07937060861dad626602ad.css | threathunterplaybook.com/_static/ | 228 B | 427 B | Stylesheet | text/css |
GET | H2 | index.1c5a1a01449ed65a7b51.js | threathunterplaybook.com/_static/js/ | 82 KB | 23 KB | Script | application/javascript |
GET | H2 | documentation_options.js | threathunterplaybook.com/_static/ | 345 B | 435 B | Script | application/javascript |
GET | H2 | jquery.js | threathunterplaybook.com/_static/ | 87 KB | 31 KB | Script | application/javascript |
GET | H2 | underscore.js | threathunterplaybook.com/_static/ | 12 KB | 4 KB | Script | application/javascript |
GET | H2 | doctools.js | threathunterplaybook.com/_static/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | language_data.js | threathunterplaybook.com/_static/ | 11 KB | 4 KB | Script | application/javascript |
GET | H2 | togglebutton.js | threathunterplaybook.com/_static/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | clipboard.min.js | threathunterplaybook.com/_static/ | 11 KB | 3 KB | Script | application/javascript |
GET | H2 | copybutton.js | threathunterplaybook.com/_static/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | sphinx-book-theme.12a9622fbb08dcb3a2a40b2c02b83a57.js | threathunterplaybook.com/_static/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | latest.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | index.js | unpkg.com/thebelab@0.5.1/lib/ (Redirect Chain) | 1 MB | 433 KB | Script | application/javascript |
GET | H2 | sphinx-thebe.js | threathunterplaybook.com/_static/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | logo.png | threathunterplaybook.com/_static/ | 126 KB | 127 KB | Image | image/png |
GET | H2 | logo_binder.svg | threathunterplaybook.com/_static/images/ | 1 KB | 788 B | Image | image/svg+xml |
GET | H2 | logo_colab.png | threathunterplaybook.com/_static/images/ | 7 KB | 8 KB | Image | image/png |
GET | H2 | copy-button.svg | threathunterplaybook.com/_static/ | 711 B | 668 B | Image | image/svg+xml |
GET | H2 | MathJax.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/ | 62 KB | 17 KB | Script | application/javascript |
GET | H2 | TeX-AMS-MML_HTMLorMML.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/config/ | 239 KB | 59 KB | Script | application/javascript |
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
object | DOCUMENTATION_OPTIONS |
function | $ |
function | jQuery |
function | _ |
object | Documentation |
function | $u |
object | stopwords |
function | Stemmer |
object | splitChars |
function | splitQuery |
function | initToggleItems |
function | toggleHidden |
function | toggleClickHandler |
function | addToggleToSelector |
function | ClipboardJS |
string | togglebuttonSelector |
function | initTriggerNavBar |
function | scrollToActive |
function | sbRunWhenDOMLoaded |
function | toggleFullScreen |
function | initTooltips |
function | initTocHide |
function | initThebeSBT |
string | kernelName |
function | initThebe |
function | detectLanguage |
object | MathJax |
object | webpackJsonp |
function | setImmediate |
function | clearImmediate |
object | Backbone |
function | CodeMirror |
object | thebelab |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.