www.labs.greynoise.io Open in urlscan Pro
54.147.120.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
Submission: On September 14 via api (September 14th 2024, 6:24:43 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 43 HTTP transactions. The main IP is 54.147.120.112, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.labs.greynoise.io.
TLS certificate: Issued by R10 on August 11th 2024. Valid for: 3 months.

This is the only time www.labs.greynoise.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	54.147.120.112 54.147.120.112	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
43	10

26 54.147.120.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-120-112.compute-1.amazonaws.com

www.labs.greynoise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	greynoise.io www.labs.greynoise.io	2 MB
4	gstatic.com fonts.gstatic.com	88 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	380 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4054
1	google.de www.google.de — Cisco Umbrella Rank: 10137	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	258 B
43	8

	Domain	Requested by
26	www.labs.greynoise.io	www.labs.greynoise.io
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.labs.greynoise.io www.googletagmanager.com
3	fonts.googleapis.com	www.labs.greynoise.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
1	www.google.de	www.labs.greynoise.io
1	stats.g.doubleclick.net	www.googletagmanager.com
43	8

This site contains links to these domains. Also see Links.

Domain
greynoise.io
viz.greynoise.io
www.solarwinds.com
support.solarwinds.com
www.greynoise.io
attackerkb.com
twitter.com
github.com
x.com
superuser.com
www.google.com
www.fileformat.info
en.wiktionary.org
gist.github.com
infosec.exchange

Subject Issuer	Validity	Valid
www.labs.greynoise.io R10	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
Frame ID: 4FC86DD8B5BEC493B9BE639834CF9A01
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GreyNoise Labs - SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

43
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

8
Subdomains

10
IPs

3
Countries

2367 kB
Transfer

3156 kB
Size

7
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://greynoise.io/
Title: GreyNoise Home

Search URL Search Domain Scan URL

URL: https://viz.greynoise.io/
Title: Explore our data

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
Title: an advisory

Search URL Search Domain Scan URL

URL: https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-2-Hotfix-2-Release-Notes
Title: SolarWinds Serv-U 15.4.2 HF 2

Search URL Search Domain Scan URL

URL: https://www.greynoise.io/blog/whats-going-on-with-checkpoint-cve-2024-24919
Title: Check Point vulnerability

Search URL Search Domain Scan URL

URL: https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis
Title: Rapid 7’s analysis

Search URL Search Domain Scan URL

URL: https://twitter.com/stephenfewer
Title: Stephen Fewer

Search URL Search Domain Scan URL

URL: https://github.com/bigb0x/CVE-2024-28995/blob/main/CVE-2024-28995.py
Title: scanner

Search URL Search Domain Scan URL

URL: https://x.com/MohamedNab1l/status/1801931326452322604
Title: written by @MohamedNab1l

Search URL Search Domain Scan URL

URL: https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis#:~:text=InternalDir%3D%5C..%5C..%5C..%5C..%5Cetc
Title: matches up very cleanly with Stephen’s analysis

Search URL Search Domain Scan URL

URL: https://github.com/bigb0x/CVE-2024-28995/blob/main/CVE-2024-28995.py#L74
Title: public scanner

Search URL Search Domain Scan URL

URL: https://viz.greynoise.io/ip/185.196.10.2
Title: 185.196.10.2

Search URL Search Domain Scan URL

URL: https://superuser.com/questions/1391577/what-does-represent-in-windows-command-line
Title: carets as escape characters

Search URL Search Domain Scan URL

URL: https://viz.greynoise.io/ip/120.245.64.189
Title: 120.245.64.189

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=utf8+E38081
Title: “utf8 e38081”

Search URL Search Domain Scan URL

URL: https://www.fileformat.info/info/unicode/char/3001/index.htm
Title: “idiographic comma”

Search URL Search Domain Scan URL

URL: https://en.wiktionary.org/wiki/%E3%80%81
Title: used in Chinese and Japanese

Search URL Search Domain Scan URL

URL: https://viz.greynoise.io/ip/221.4.215.215
Title: 221.4.215.215

Search URL Search Domain Scan URL

URL: https://gist.github.com/iagox86/45accd66cbfeda2d6cbcf54e0220e8ca
Title: uploaded to Gist

Search URL Search Domain Scan URL

URL: https://github.com/HuaQiPro/seacms/issues/23
Title: a vulnerability a Chinese CMS called SeaCms

Search URL Search Domain Scan URL

URL: https://github.com/HuaQiPro/seacms/blob/master/js/player/dmplayer/dmku/index.php#L70
Title: was

Search URL Search Domain Scan URL

URL: https://github.com/HuaQiPro/seacms/blob/master/js/player/dmplayer/dmku/class/danmu.class.php#L50
Title: patched

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@greynoise

Search URL Search Domain Scan URL

URL: https://twitter.com/greynoiseio

Search URL Search Domain Scan URL

URL: https://github.com/GreyNoise-Intelligence

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/ 61 KB
61 KB 300ms
92ms Document
text/html 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

87fce51aa7f431eba1dde67be66f869598152118f2a6b9a44f10b90495987cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 62213
content-type: text/html
date: Sat, 14 Sep 2024 18:24:38 GMT
etag: "66c75173-f305"
last-modified: Thu, 22 Aug 2024 14:55:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 quarto-nav.js Show response
www.labs.greynoise.io/site_libs/quarto-nav/ 8 KB
9 KB 351ms
348ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-nav/quarto-nav.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

669889c3be96671d6341bec5afa4fa3cc7dce305545c4cc51f2753cd41e2fca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-21a9"
content-length: 8617
content-type: application/javascript

GET
H2 200 headroom.min.js Show response
www.labs.greynoise.io/site_libs/quarto-nav/ 4 KB
5 KB 352ms
349ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-nav/headroom.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

5b80cc4165a661a3f2060d6bdb5ccff591f04c4f8e39a06c12d3c2544587cb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-11da"
content-length: 4570
content-type: application/javascript

GET
H2 200 clipboard.min.js Show response
www.labs.greynoise.io/site_libs/clipboard/ 9 KB
9 KB 536ms
533ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/clipboard/clipboard.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-23c8"
content-length: 9160
content-type: application/javascript

GET
H2 200 autocomplete.umd.js Show response
www.labs.greynoise.io/site_libs/quarto-search/ 91 KB
91 KB 353ms
350ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-search/autocomplete.umd.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

f48d81545d5edda68f4a8fc0e8aa8f542e7698703993669ba84fc1cb47ae4cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-16b2b"
content-length: 92971
content-type: application/javascript

GET
H2 200 fuse.min.js Show response
www.labs.greynoise.io/site_libs/quarto-search/ 23 KB
23 KB 257ms
254ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-search/fuse.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

c57339c3fa16b1d69d9a6b46749a8139ef8d4fc9bbfe48144ff897aa7d4222ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-5bf3"
content-length: 23539
content-type: application/javascript

GET
H2 200 quarto-search.js Show response
www.labs.greynoise.io/site_libs/quarto-search/ 36 KB
36 KB 534ms
532ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-search/quarto-search.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

d8199acdf4c7584bdc1b41168bceb853c8eee0c660c60abd88c4270e3a100e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-90fd"
content-length: 37117
content-type: application/javascript

GET
H2 200 cookie-consent.js Show response
www.labs.greynoise.io/site_libs/cookie-consent/ 202 KB
202 KB 168ms
166ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/cookie-consent/cookie-consent.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

8189a7bda73ab443551e4d375affab93f1b4be7a2fa79d030aeba3f6fd8d5f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-3283d"
content-length: 206909
content-type: application/javascript

GET
H2 200 cookie-consent.css
www.labs.greynoise.io/site_libs/cookie-consent/ 75 B
252 B 166ms
164ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/cookie-consent/cookie-consent.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

9be199c11f99e906de71b99a9d4e7e113b979007c90125d7c49a593bc7f22e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-4b"
content-length: 75
content-type: text/css

GET
H2 200 quarto.js Show response
www.labs.greynoise.io/site_libs/quarto-html/ 28 KB
28 KB 258ms
256ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/quarto.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

561af7e71cbfaddaefa3c72853afcb68ec04765b7f9883621fc64721d90eb990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-6f0b"
content-length: 28427
content-type: application/javascript

GET
H2 200 popper.min.js Show response
www.labs.greynoise.io/site_libs/quarto-html/ 20 KB
20 KB 537ms
534ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/popper.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

4d50586b184724d39ddfe0f6582861664eddd5e806e5a79e0dbaa832361414d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-4e74"
content-length: 20084
content-type: application/javascript

GET
H2 200 tippy.umd.min.js Show response
www.labs.greynoise.io/site_libs/quarto-html/ 23 KB
24 KB 536ms
534ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/tippy.umd.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

41181eeec6d7ba64cb9165f0e95563e34e026bde79e7c13aeec83270429b6fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-5de1"
content-length: 24033
content-type: application/javascript

GET
H2 200 anchor.min.js Show response
www.labs.greynoise.io/site_libs/quarto-html/ 6 KB
6 KB 625ms
623ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/anchor.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

69098e105d990f834cff1b7886d873444228ff63c590e5ff834d568f1115ed8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-1700"
content-length: 5888
content-type: application/javascript

GET
H2 200 tippy.css
www.labs.greynoise.io/site_libs/quarto-html/ 1 KB
2 KB 537ms
535ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/tippy.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

5969f497d9158d7682f8219c6f13fa67269cdf5bf50a3931d95327151dee5678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-581"
content-length: 1409
content-type: text/css

GET
H2 200 quarto-syntax-highlighting.css
www.labs.greynoise.io/site_libs/quarto-html/ 3 KB
3 KB 538ms
536ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/quarto-syntax-highlighting.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

a2f4c6428fb2e6e3147dddea68c133e9fd7181fcd0c1e0f1595812b94dce903c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:29 GMT
accept-ranges: bytes
etag: "66c75161-b22"
content-length: 2850
content-type: text/css

GET
H2 200 quarto-syntax-highlighting-dark.css
www.labs.greynoise.io/site_libs/quarto-html/ 3 KB
3 KB 538ms
537ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/quarto-html/quarto-syntax-highlighting-dark.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

9e579812244249b28a0ed409825cbede6561a2d15a83c276a4ea3948d2558eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:28 GMT
accept-ranges: bytes
etag: "66c75160-b22"
content-length: 2850
content-type: text/css

GET
H2 200 bootstrap.min.js Show response
www.labs.greynoise.io/site_libs/bootstrap/ 79 KB
79 KB 625ms
624ms Script
application/javascript 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap.min.js

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-13b1c"
content-length: 80668
content-type: application/javascript

GET
H2 200 bootstrap-icons.css
www.labs.greynoise.io/site_libs/bootstrap/ 96 KB
96 KB 539ms
537ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-icons.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

152fd5debd2be7258c7cd5e1bedb0555205864cb7fbb86f6f03a3ae647ce52d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-17f73"
content-length: 98163
content-type: text/css

GET
H2 200 bootstrap.min.css
www.labs.greynoise.io/site_libs/bootstrap/ 463 KB
463 KB 542ms
540ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap.min.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

726836b83f6643ba66374932e63cf169cd6cfcef6461cc743b15cea375b99eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:51 GMT
accept-ranges: bytes
etag: "66c75177-73aa6"
content-length: 473766
content-type: text/css

GET
H2 200 bootstrap-dark.min.css
www.labs.greynoise.io/site_libs/bootstrap/ 463 KB
463 KB 541ms
540ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-dark.min.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

e52452599e5c6bc920a0c58217ff5321fdd14b27b3f6e524079d19a1f6e72c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:51 GMT
accept-ranges: bytes
etag: "66c75177-73a1f"
content-length: 473631
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 333 KB
108 KB 97ms
47ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VZZJZLWQ2Q

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

678cb8ec386a6da4fbb24121fc5cb6a3c39443076b15f239920a19c8f0f943e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 styles.css
www.labs.greynoise.io/scss/ 680 B
858 B 540ms
539ms Stylesheet
text/css 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/scss/styles.css

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

46674a08f354eb3356991809933577d8a780a006b22ace7298f037c3f8f91d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-2a8"
content-length: 680
content-type: text/css

GET
H2 200 GN-Labs_Dark_Horizontal.png
www.labs.greynoise.io/static/ 40 KB
40 KB 626ms
625ms Image
image/png 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.labs.greynoise.io/static/GN-Labs_Dark_Horizontal.png

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

6e37d8e0107c5ce5d2d455d817144d1659a463178cc564193733216e65d677c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-9fdb"
content-length: 40923
content-type: image/png

GET
H2 200 css2
fonts.googleapis.com/ 761 B
792 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 16:51:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
589 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata&display=swap

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 18:12:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
529 B 43ms
20ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 17:21:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109603231-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZZJZLWQ2Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d35a70175312591f083f682e7aae71d4474110cabb81601a33fbc9ec067f4dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76643
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
105 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56PTMZZ

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d90c809e6ba9cc4ec2c525ffd8cd814742edada741c9f0e365262186adbdd9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107838
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Sep 2024 18:24:39 GMT

GET
H2 200 GN-Labs_Light_Horizontal.png
www.labs.greynoise.io/static/ 35 KB
35 KB 92ms
92ms Image
image/png 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.labs.greynoise.io/static/GN-Labs_Light_Horizontal.png

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-dark.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

54f956d29f212a2c22f7923ff0e8d40c620e49e494be5e081d49a7e717475f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-dark.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-8a2c"
content-length: 35372
content-type: image/png

GET
DATA 200
OK truncated
/ 310 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989b3c8aefad9b32f0e65c13d179279326d99619d1eb2bb8edd00a0fda90650e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
fonts.gstatic.com/s/inconsolata/v32/ 17 KB
18 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inconsolata&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8293f6a4b7a557268b083c68c43f190304a43f755b85af21a57221fd9805663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 22:22:54 GMT
x-content-type-options: nosniff
age: 72105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17732
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Sep 2025 22:22:54 GMT

GET
H2 200 bootstrap-icons.woff
www.labs.greynoise.io/site_libs/bootstrap/ 172 KB
172 KB 92ms
92ms Font
font/woff 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-icons.woff?2820a3852bdb9a5832199cc61cec4e65

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

4d4572ef314e1b734cdd6485f913b0396d81bedf4d216a47cfde0cdf32a9316e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/site_libs/bootstrap/bootstrap-icons.css
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Feb 2024 14:37:15 GMT
accept-ranges: bytes
etag: "65ce219b-2b048"
content-length: 176200
content-type: font/woff

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 50ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:40:48 GMT
x-content-type-options: nosniff
age: 369831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:40:48 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 40ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:55:31 GMT
x-content-type-options: nosniff
age: 368948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:55:31 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 46ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 369757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:42:02 GMT

GET
H2 200 listings.json Show response
www.labs.greynoise.io/ 2 KB
2 KB 155ms
155ms Fetch
application/json 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io/listings.json

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/site_libs/quarto-html/quarto.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

a7830b2b624400257c2bb413a318bc7cf662b0f4510e9b181c6a08808b941233

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:53 GMT
accept-ranges: bytes
etag: "66c75179-790"
content-length: 1936
content-type: application/json

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 46ms
16ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VZZJZLWQ2Q&gtm=45je4990v890945685za200&_p=1726338279548&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1846222405.1726338280&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1726338279&sct=1&seg=0&dl=https%3A%2F%2Fwww.labs.greynoise.io%2Fgrimoire%2F2024-06-solarwinds-serv-u%2F&dt=GreyNoise%20Labs%20-%20SolarWinds%20Serv-U%20(CVE-2024-28995)%20exploitation%3A%20We%20see%20you!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=1390
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZZJZLWQ2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 18:24:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.labs.greynoise.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 67ms
20ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VZZJZLWQ2Q&cid=1846222405.1726338280&gtm=45je4990v890945685za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZZJZLWQ2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 18:24:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.labs.greynoise.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 89ms
46ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VZZJZLWQ2Q&cid=1846222405.1726338280&gtm=45je4990v890945685za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1042137370

Requested by

Host: www.labs.greynoise.io
URL: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 18:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd6e6b8fbbb66de60ab1590e8d1a6f0fcace709e355ac3a67a25a13645eb5159

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 996 B
996 B Font
n/a

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae53e6a7f12c42b50bf79e03f33632ef86f8b953ad5fd0875825c1b740b068bb

Request headers

Referer
Origin: https://www.labs.greynoise.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: n/a

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109603231-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Sep 2024 18:02:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1355
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Sep 2024 20:02:04 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 29ms
29ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-344080959&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PTMZZ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd8c9bb4854f31f0e6bf9651dc99249dfa45347856f4ce239cfa6577a77905df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93660
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Sep 2024 18:24:39 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VZZJZLWQ2Q&gtm=45je4990v890945685za200&_p=1726338279548&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1846222405.1726338280&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1726338279&sct=1&seg=0&dl=https%3A%2F%2Fwww.labs.greynoise.io%2Fgrimoire%2F2024-06-solarwinds-serv-u%2F&dt=GreyNoise%20Labs%20-%20SolarWinds%20Serv-U%20(CVE-2024-28995)%20exploitation%3A%20We%20see%20you!&en=scroll&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=1&tfd=1489
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZZJZLWQ2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 18:24:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.labs.greynoise.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 18ms
17ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=329276207&t=pageview&_s=1&dl=https%3A%2F%2Fwww.labs.greynoise.io%2Fgrimoire%2F2024-06-solarwinds-serv-u%2F&ul=de-de&de=UTF-8&dt=GreyNoise%20Labs%20-%20SolarWinds%20Serv-U%20(CVE-2024-28995)%20exploitation%3A%20We%20see%20you!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1851171078&gjid=1711025455&cid=1846222405.1726338280&tid=UA-109603231-1&_gid=1892374426.1726338280&_r=1&gtm=457e4990z8890945685za200zb890945685&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1811280340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.labs.greynoise.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 18:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.labs.greynoise.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
www.labs.greynoise.io//static/ 2 KB
2 KB 93ms
93ms Other
image/x-icon 54.147.120.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labs.greynoise.io//static/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.120.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-120-112.compute-1.amazonaws.com

Software

Resource Hash

29e6a228360303a3e5ec3e813bd4f86cf0e33e1f0189524a07aa511e8268a385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 18:24:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 22 Aug 2024 14:55:14 GMT
accept-ranges: bytes
etag: "66c75152-8be"
content-length: 2238
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.labs.greynoise.io/	1970-01-21 09:08:18	Name: cookie_consent_user_consent_token Value: 6DmvgfT4mNIj
www.labs.greynoise.io/	1970-01-21 01:01:35	Name: cookie_consent_level Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Atrue%2C%22tracking%22%3Atrue%2C%22targeting%22%3Atrue%7D
.greynoise.io/	1970-01-21 01:41:54	Name: _gcl_au Value: 1.1.2051594754.1726338280
.greynoise.io/	1970-01-21 09:08:18	Name: _ga_VZZJZLWQ2Q Value: GS1.1.1726338279.1.1.1726338279.60.0.0
.greynoise.io/	1970-01-21 09:08:18	Name: _ga Value: GA1.2.1846222405.1726338280
.greynoise.io/	1970-01-20 23:33:44	Name: _gid Value: GA1.2.1892374426.1726338280
.greynoise.io/	1970-01-20 23:32:18	Name: _gat_gtag_UA_109603231_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.labs.greynoise.io
142.250.186.136
142.250.186.99
2001:4860:4802:34::36
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9b
54.147.120.112
152fd5debd2be7258c7cd5e1bedb0555205864cb7fbb86f6f03a3ae647ce52d0
29e6a228360303a3e5ec3e813bd4f86cf0e33e1f0189524a07aa511e8268a385
41181eeec6d7ba64cb9165f0e95563e34e026bde79e7c13aeec83270429b6fae
46674a08f354eb3356991809933577d8a780a006b22ace7298f037c3f8f91d69
4d4572ef314e1b734cdd6485f913b0396d81bedf4d216a47cfde0cdf32a9316e
4d50586b184724d39ddfe0f6582861664eddd5e806e5a79e0dbaa832361414d0
54f956d29f212a2c22f7923ff0e8d40c620e49e494be5e081d49a7e717475f9a
561af7e71cbfaddaefa3c72853afcb68ec04765b7f9883621fc64721d90eb990
5969f497d9158d7682f8219c6f13fa67269cdf5bf50a3931d95327151dee5678
5b80cc4165a661a3f2060d6bdb5ccff591f04c4f8e39a06c12d3c2544587cb17
669889c3be96671d6341bec5afa4fa3cc7dce305545c4cc51f2753cd41e2fca9
678cb8ec386a6da4fbb24121fc5cb6a3c39443076b15f239920a19c8f0f943e6
69098e105d990f834cff1b7886d873444228ff63c590e5ff834d568f1115ed8b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e37d8e0107c5ce5d2d455d817144d1659a463178cc564193733216e65d677c3
726836b83f6643ba66374932e63cf169cd6cfcef6461cc743b15cea375b99eda
8189a7bda73ab443551e4d375affab93f1b4be7a2fa79d030aeba3f6fd8d5f02
87fce51aa7f431eba1dde67be66f869598152118f2a6b9a44f10b90495987cf3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
989b3c8aefad9b32f0e65c13d179279326d99619d1eb2bb8edd00a0fda90650e
9be199c11f99e906de71b99a9d4e7e113b979007c90125d7c49a593bc7f22e28
9e579812244249b28a0ed409825cbede6561a2d15a83c276a4ea3948d2558eed
a2f4c6428fb2e6e3147dddea68c133e9fd7181fcd0c1e0f1595812b94dce903c
a7830b2b624400257c2bb413a318bc7cf662b0f4510e9b181c6a08808b941233
a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc
ae53e6a7f12c42b50bf79e03f33632ef86f8b953ad5fd0875825c1b740b068bb
b8293f6a4b7a557268b083c68c43f190304a43f755b85af21a57221fd9805663
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd6e6b8fbbb66de60ab1590e8d1a6f0fcace709e355ac3a67a25a13645eb5159
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c57339c3fa16b1d69d9a6b46749a8139ef8d4fc9bbfe48144ff897aa7d4222ec
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d35a70175312591f083f682e7aae71d4474110cabb81601a33fbc9ec067f4dee
d8199acdf4c7584bdc1b41168bceb853c8eee0c660c60abd88c4270e3a100e18
d90c809e6ba9cc4ec2c525ffd8cd814742edada741c9f0e365262186adbdd9dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52452599e5c6bc920a0c58217ff5321fdd14b27b3f6e524079d19a1f6e72c71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48d81545d5edda68f4a8fc0e8aa8f542e7698703993669ba84fc1cb47ae4cfc
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
fd8c9bb4854f31f0e6bf9651dc99249dfa45347856f4ce239cfa6577a77905df

www.labs.greynoise.io Open in urlscan Pro 54.147.120.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

67 %IPv6

8 Domains

8 Subdomains

10 IPs

3 Countries

2367 kBTransfer

3156 kBSize

7 Cookies

25 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.labs.greynoise.io Open in urlscan Pro
54.147.120.112 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

8
Subdomains

10
IPs

3
Countries

2367 kB
Transfer

3156 kB
Size

7
Cookies

43 HTTP transactions
3 data transactions