macrosec.tech Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3zbGmcK
Effective URL:
https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Submission: On October 13 via api (October 13th 2023, 2:23:12 am UTC) from LU — Scanned from DE

Summary HTTP 108 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 108 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is macrosec.tech.
TLS certificate: Issued by GTS CA 1P5 on September 20th 2023. Valid for: 3 months.

This is the only time macrosec.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
87	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
108	6

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

macrosec.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	macrosec.tech macrosec.tech	3 MB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1192 syndication.twitter.com — Cisco Umbrella Rank: 1427	439 KB
3	gstatic.com fonts.gstatic.com	142 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 3393 pbs.twimg.com — Cisco Umbrella Rank: 1096	4 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6920	488 B
108	5

	Domain	Requested by
87	macrosec.tech	macrosec.tech
12	platform.twitter.com	macrosec.tech platform.twitter.com
3	syndication.twitter.com	platform.twitter.com
3	fonts.gstatic.com	macrosec.tech
1	pbs.twimg.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	bit.ly	1 redirects
108	7

This site contains links to these domains. Also see Links.

Domain
twitter.com
posts.specterops.io
www.linkedin.com
github.com
research.ifcr.dk
www.facebook.com
reddit.com
www.tumblr.com
pinterest.com
vk.com
www.macrotech-portal.com

Subject Issuer	Validity	Valid
macrosec.tech GTS CA 1P5	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Frame ID: C09FD7AC2A42E03D7F5C66BB4475505E
Requests: 93 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fmacrosec.tech
Frame ID: 321343C3C43C92DB47BF4415D31DA23D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Frame ID: 1965965C9238120097E7A83AF28C293F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Abusing CVE-2022-26923 through SOCKS5 on a Mythic C2 agent — MacroSEC

Page URL History Show full URLs

http://bit.ly/3zbGmcK HTTP 301
https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-ag... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Lightbox (JavaScript Libraries) Expand

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

108
Requests

99 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

4059 kB
Transfer

6475 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/Amarjit_Labu
Title: Amarjit Labhuram

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/certified-pre-owned-d95910965cd2
Title: https://posts.specterops.io/certified-pre-owned-d95910965cd2

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/aleem-ladha-78149a79/
Title: Aleem Ladha

Search URL Search Domain Scan URL

URL: https://github.com/ly4k/Certipy
Title: certipy

Search URL Search Domain Scan URL

URL: https://github.com/SecureAuthCorp/impacket
Title: impacket

Search URL Search Domain Scan URL

URL: https://github.com/haad/proxychains
Title: proxychains

Search URL Search Domain Scan URL

URL: https://github.com/Hackplayers/evil-winrm
Title: evil-winrm

Search URL Search Domain Scan URL

URL: https://github.com/its-a-feature/Mythic
Title: Mythic C2

Search URL Search Domain Scan URL

URL: https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4
Title: https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&t=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&text=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent
Title: Twitter

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/&title=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&title=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent&summary=ABUSING%20CVE-2022-26923%20THROUGH%20SOCKS5%20ON%20A%20MYTHIC%20C2%20AGENT%20%20%20%20%20%0D%0AThis%20blog%20post%20was%20written%20by%20Amarjit%20Labhuram%20%20%0D%0ACVE-2022-29623%20Vulnerability%20Introduction%0D%0AVulnerability%20Type%3A%20Elevation%20of%20Privilege%0D%0AVulnerability%20Component%3A%20Active%20Directory%20Certificate%20
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&name=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent&description=ABUSING%20CVE-2022-26923%20THROUGH%20SOCKS5%20ON%20A%20MYTHIC%20C2%20AGENT%20%20%20%20%20%0D%0AThis%20blog%20post%20was%20written%20by%20Amarjit%20Labhuram%20%20%0D%0ACVE-2022-29623%20Vulnerability%20Introduction%0D%0AVulnerability%20Type%3A%20Elevation%20of%20Privilege%0D%0AVulnerability%20Component%3A%20Active%20Directory%20Certificate%20Services%20%28AD%20CS%29
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&description=ABUSING%20CVE-2022-26923%20THROUGH%20SOCKS5%20ON%20A%20MYTHIC%20C2%20AGENT%20%20%20%20%20%0D%0AThis%20blog%20post%20was%20written%20by%20Amarjit%20Labhuram%20%20%0D%0ACVE-2022-29623%20Vulnerability%20Introduction%0D%0AVulnerability%20Type%3A%20Elevation%20of%20Privilege%0D%0AVulnerability%20Component%3A%20Active%20Directory%20Certificate%20Services%20%28AD%20CS%29&media=https%3A%2F%2Fmacrosec.tech%2Fwp-content%2Fuploads%2F2022%2F05%2FCVE-2022-29623.png
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&title=Abusing%20CVE-2022-26923%20through%20SOCKS5%20on%20a%20Mythic%20C2%20agent&description=ABUSING%20CVE-2022-26923%20THROUGH%20SOCKS5%20ON%20A%20MYTHIC%20C2%20AGENT%20%20%20%20%20%0D%0AThis%20blog%20post%20was%20written%20by%20Amarjit%20Labhuram%20%20%0D%0ACVE-2022-29623%20Vulnerability%20Introduction%0D%0AVulnerability%20Type%3A%20Elevation%20of%20Privilege%0D%0AVulnerability%20Component%3A%20Active%20Directory%20Certificate%20Services%20%28AD%20CS%29
Title: Vk

Search URL Search Domain Scan URL

URL: http://www.macrotech-portal.com/
Title: MacroTECH Portal Ltd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3zbGmcK HTTP 301
https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Redirect Chain

http://bit.ly/3zbGmcK
https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

106 KB
22 KB

5995ms
5908ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

953278e821cb5ca0fb28623b06cb56c03de606d11616cc676c9e3b45a5d60a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81541e349c185d96-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 13 Oct 2023 02:23:05 GMT
link: <https://macrosec.tech/index.php/wp-json/>; rel="https://api.w.org/", <https://macrosec.tech/index.php/wp-json/wp/v2/posts/1968>; rel="alternate"; type="application/json", <https://macrosec.tech/?p=1968>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9o4IncYTAmSXYiE9P9mkP5OHQist1vvCNcgkoNoRzNutMG8fTpT8UBY39%2BhgPpfotSmP%2BjKscYlYRAV4bfSMpDnZ%2FSyH%2Fmmq91tvaTKrd4WPbHQDrnHR5tTREYJMSj8Vl3xxQQXLWjXGU21"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: wp-load-alloptions-query;dur=1.96, wp-before-template;dur=1923.59
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-pingback: https://macrosec.tech/xmlrpc.php

Redirect headers

Cache-Control: private, max-age=90
Content-Length: 189
Content-Security-Policy: referrer always;
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Oct 2023 02:22:59 GMT
Location: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Referrer-Policy: unsafe-url
Server: nginx
Via: 1.1 google

GET
H2 200 90feee297ece8127544253a98adfc8a5.min.css
macrosec.tech/wp-content/uploads/fusion-styles/ 1 MB
144 KB 546ms
545ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7508065f850e5fc76b731d45b6decfb568ef585a5a634464c2c9a22629ded681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Aug 2023 02:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtv7Gkj51mz4bG5%2BTVaYAa8QhLAck7LoEqHsD3rMsWceClQ3bgLH%2By8bndpsQoRxmcwv7GeePCEmVCaHQSnIEjx61c5t8O8zwh%2Fr7NRICZ0YRlWrI5LAeiBP49QEmHXYQXGBepL0TyH%2B8s81"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81541e599b1c5d96-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
macrosec.tech/wp-includes/js/jquery/ 85 KB
31 KB 537ms
535ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Aug 2023 21:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaX5NpwHy4k3tl%2F%2FpZRB9Y4t9iUXq5OG%2B%2F8%2FfpX7O0DQ3rX95WketINoBYgPUlGk5iMB4OJDH5iVWXGwXD7sTJ0kmMNAGdMpaEEZ3P%2BE7QdRiHN89o2c9%2B4kyG7U9boLeKCLMip5eC5f9GpP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e599b1d5d96-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
macrosec.tech/wp-includes/js/jquery/ 13 KB
5 KB 544ms
543ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Aug 2023 21:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLsodDyUfjuIoFoaVL6Szm2rqNC3g8e3qE%2Bnknbmef72Cp6qNJXFBKvedkBCzpjl93IL9XEPX8AhYG82iWQIvcGA0K2rg3gRrDM1BhsR0EmTh%2FVloBIbhZSQrljQhV0bslcXTZxF%2BLIYWtdi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e599b1e5d96-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 MobileIcon_1.png
macrosec.tech/wp-content/uploads/2018/04/ 4 KB
4 KB 534ms
533ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2018/04/MobileIcon_1.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb5c3979c995d36fb823124f94d8f5b71e5a8b2523dc54d63164962ef440322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Apr 2018 09:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wZGN%2FG%2BnQXAVVYF8p0VPXhURd6aS6X5%2F4lU8QTtOGeRBcSzm%2FW8AomtItljXeV9B%2BA4jB%2Bj0D5AsECBk87Fxyxnk9oiv9tBii8MpxP9JtMSotf2PbeQOIDmAcJPTKsMrAAi2wcm81%2FMfgTJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e599b205d96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3672

GET
H2 200 CVE-2022-29623.png
macrosec.tech/wp-content/uploads/2022/05/ 52 KB
53 KB 831ms
830ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/CVE-2022-29623.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f2b11bfe47b2722d6f2720aaf6faded8d39a39e723bf8908fdb85f677eb7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUG%2FmfK5kpBiwX%2FyYZ7OHtT6TqArymQJi5ZZT6sT1FmFk4v5ZMoFL3%2FFsrnhxzNmHDb2Q8dazGzlmJZo31A3x%2BVIG10q%2F%2F1qwQlcJinjKNkYsQ056PlkPO4QFnSx7HvrzBRfrnfvX668IqZ4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e599b1f5d96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 53494

GET
H2 200 ADCS-workflow.png
macrosec.tech/wp-content/uploads/2022/05/ 58 KB
58 KB 862ms
861ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/ADCS-workflow.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea62068f7dbac4ea3741403816b938ad92c3597eb32fc3c598f50c9979a8a912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:19:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7H0qLli2RTntHQiRr1BNCtt86GspplJudQJRHySaEEVsipjd6FmkMhp%2B%2BDVNzTf6hwD9SZnniZ7MubJxmS9NnoQ6mtCIeh1G4mvlPWN6Esa3zTHipKqyi7MPBHMOnKtQOEoLGaVu%2FkHwpZ6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e599b225d96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59000

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 121ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:05 GMT
Content-Encoding: gzip
Age: 608
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/673A)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H3 200 Enumeration01.png
macrosec.tech/wp-content/uploads/2022/05/ 14 KB
14 KB 817ms
809ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/Enumeration01.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f0469d1736ee83543af13728fa2bdbad66810ea233252f2d8003f12559da23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:37:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnvr35yFiCOy4MM3A0cNRhwq09umSXE1oAZXpJIfqBNK%2FTAPF1XvShAkWs%2B4CKwdLEqO%2BIX3C9e1sUbWeSpmoV6ndiWwNy7daiYPMqmYqUCw1gCSV4WYdhXBlb21QrzaOlLz2tykJqPqI3TM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3336dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13834

GET
H3 200 Enumeration02-1200x353.png
macrosec.tech/wp-content/uploads/2022/05/ 349 KB
349 KB 1012ms
1004ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/Enumeration02-1200x353.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87996c04e3232d7c42c1d637c6814efdf814255d36ed8bca53411b8e63ad02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTG5eVqII7p5kGK%2BXqQQenzkXLpWbgPI4EKLsDB%2B8WhaZR9WYnRV7kutOXfkvKxQ%2F7rvEYCp8vZIAIBx%2BUBrhAN48jwlhOFSP8ArEZF%2FGXOgpA2%2B4PDzfavW3oPmd7Iv%2FgU5MKnpJ0y0M9cq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3436dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 356989

GET
H3 200 Mythic01-1200x494.png
macrosec.tech/wp-content/uploads/2022/05/ 68 KB
68 KB 936ms
928ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/Mythic01-1200x494.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dd1bd47aa123d6770f92f540b564d4e0972a39292db8708745b4b974e8eec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1ke6QVBOv4U%2B%2F73xRKr%2F%2Bwjq2ZSUtKGMPJDoVAfvZlo4oTEwLfuq528ngyYo%2BVVm1EgQXx1fdG8muRIv%2Fsv5x7bIppA7hUxI7qx7NB6Z4HcA5c6nbc7dpxOBz%2BAeFk2G%2BUtUIIWP0dFARx9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3536dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 69335

GET
H3 200 Mythic02-1200x150.png
macrosec.tech/wp-content/uploads/2022/05/ 33 KB
34 KB 786ms
779ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/Mythic02-1200x150.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2153048f05101a566520223ad82ad39e6660554b81c9299a996732fc60f6247d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfdxjJHBMF8tkStbx5Ma8EFz1GAqupxWN6Kslk5kSrhYHQYPyrwMRnf%2BrFPWF8sTRwYE71qPErWmdPks6NHkAFRKJj7Snj0s0TbS1wHM8%2BgZgAt7yG9t%2B62GhzRS4syZO8tb9CLN%2F6DwjAcD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3636dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34044

GET
H3 200 proxychainsconfig.png
macrosec.tech/wp-content/uploads/2022/05/ 55 KB
55 KB 937ms
929ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/proxychainsconfig.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a200efcb5af1bbebca242c06a42ebe462efe97210cf0e67f66dd95a169bcbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:47:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaYytcWq7U%2B8eOzouvy9RnFdTMMa6XTXxzoLI3g5%2B1q%2F0dVx8dW1gF4skKLwfFOkNLEfJpXSg9g5xNDdXUOkhfbIYKKhz6O1qf8UyFWSKmCPymkOqy4%2Fc1fOe1%2BAL%2BHEvqP4HOhcD2unsU%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3736dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 56333

GET
H3 200 enumeration-1200x505.png
macrosec.tech/wp-content/uploads/2022/05/ 305 KB
305 KB 957ms
950ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/enumeration-1200x505.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309e3361f146ba9737c592aa8df9bf338f32da9bdd1ddba5cd60bff7bc1b8375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6BXEZVPsdBiUIm4y8IovfWQFhl7N2dp0KHPX8UpaLwR7m9TfthybKbJsNL5y2tSiyFP%2FDVgwSbSogZWlqvWThVce%2Bj8XODWVRM8t6mgk3rk4bHX%2BHq9dp0SNUUfJiBwDiyTM7r51lJaASd4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3836dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 311831

GET
H3 200 attack01-1200x297.png
macrosec.tech/wp-content/uploads/2022/05/ 143 KB
144 KB 943ms
936ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/attack01-1200x297.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc13f8e8049ee41eac85bacd7a57c5d623dd8960e7e603cac18dae5b4e05f461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:56:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK7v1JKkTE3OcO51fRzRRbgM%2F1xYHl436pQNgjsJj9%2FroNJuGTTeyHa9S%2BfEFL3F6zrMUS7v%2FU4NGeSxjCgArakQdvCtd7LNtSGQISlN4ar4Sohiv7m60DqSnOFKDEhyl40RwE%2FWZdmfNKW5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3936dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 146672

GET
H3 200 attack02-1200x299.png
macrosec.tech/wp-content/uploads/2022/05/ 167 KB
168 KB 949ms
941ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/attack02-1200x299.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d1996609d5252be8d0f0e60b69af5b374c361e611523d5793e5e4be1ada507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU83scCJ2i4HjV3NTgv%2FRzFH57njsS1qu%2BnUVUIic1T03YGohjn5qvZl0TQLUiinCO%2Fmw5E6DCqU2a2fIf6X%2FmIoXlQ2%2FQPot73nzyS4nI4g3akZw07IWT%2BcSat7wWJq%2Fu8toyHr3JTAF7n6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dbb3a36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 171367

GET
H3 200 attack03.png
macrosec.tech/wp-content/uploads/2022/05/ 65 KB
65 KB 961ms
954ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/attack03.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a65ee116b80b7b609f584b66c75bd16f07272b5772b4c9075d02b3cf9ecf614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsbNVztqP9MpQ3TB4JxiQUbarTZMbSkKqB2PVGMupxzVfhqhfl7nmCR5tGqCrj4sFwP9vqL7XOJ8FSNDHHRa0jXb5C5%2BNf4VPvkeiQZ6iUBVNAk9xN1LGmvorXeBcX3Itw%2FKuq75k%2F5xMdUl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb3c36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66339

GET
H3 200 attack04-1200x720.png
macrosec.tech/wp-content/uploads/2022/05/ 558 KB
558 KB 992ms
985ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/attack04-1200x720.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f642fa26d2399143ea88245da6207f2e76ab01f63c4b0b45b9db4cb0257d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3QZq5X%2F2c4%2BK%2BYjraONfBC2GqkBXX7GGOLS8Y%2BTeRepY18NT0dUkQYYU1ejI%2BegSMY%2Fw68%2FMavituLkLOophzIbXT%2BZ5nOi7nHgKcxaolzhjxRyBpBiJdKxBCXdrrmuRa%2B5OkjOvm7xbrKs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb3e36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 571106

GET
H3 200 attack05.png
macrosec.tech/wp-content/uploads/2022/05/ 58 KB
59 KB 985ms
978ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/05/attack05.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d54b26f033e2177b6214cd5e7140cefb038cd8e9dafb10e02473fcc32c0db9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 14:56:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm8ThjiDbqIB4D1zOTSoEznNGtveWDTgh4SJVVfI6V7n5jQaSSna6d6ArXzo%2Fm%2FoIfsUw%2Bu%2F0jvMOeOQv7Vyf%2FaGfRXHmaXW%2BiaSmhRsfOMmf0dmkcnz%2FSfo6vf3PNB7ZE2xcVh0d1XRVLuk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb3f36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59679

GET
H3 200 Auror-Project-500x383.png
macrosec.tech/wp-content/uploads/2022/04/ 147 KB
147 KB 641ms
633ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2022/04/Auror-Project-500x383.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e95cfb6addaf32f67fd7678ace3cc26ec40ad8e3e7a870d1ba87b4fb0dab789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 14:51:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3Th7ygmDb%2BnJXXN1NwAU8K6jnPFrHE%2B3VBMw6QkrScXdID6a5ZayYiDuMED5t3ooHlqzJD54uA1x%2BcNEDzL0dcvHBHL2NAbKk91hAJrvBf0uTuu4ih4R6PT2gUxJD1jELABw99QyTIiWa7m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4036dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 150283

GET
H3 200 Mimikatz-Alert-500x383.png
macrosec.tech/wp-content/uploads/2021/11/ 44 KB
44 KB 664ms
657ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2021/11/Mimikatz-Alert-500x383.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e77f47d0224d8b08843a22650137afaefdc86735c0085a49e01ce014b4eded2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:56:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fc6sXAXh2wcCkNsXszFCTII4uBjBEZSc4m0DW1819WuudcEheDD6u91N4Nz5PWaDEjPZPUA%2B1YffRC6oxFi9kLL9sd2kfuESjEWX6DdHAVGZ0Zi0pAbTpKFqWtHpZN3eYtTwXay6XYkOhO5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4236dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 44561

GET
H3 200 ad-lab-500x383.jpg
macrosec.tech/wp-content/uploads/2021/07/ 50 KB
51 KB 615ms
608ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2021/07/ad-lab-500x383.jpg

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe7e4c377956dbf5362b7444a7947866106380c1db490cceb2050b8181be221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jul 2021 03:15:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSj74lUcKFTxq4upuruYXY8l4jQs5iGlRDOqvum62bM733lb9R1cXGp7zGUn6kqtfnJsVw%2FKaH7eezVyp63AY33wel6TgM9hM2XMQ98wIv9ZoMyR8vvL4%2F8pjOWSLltZ0lnD8R0TqcGTKx%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4336dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 51634

GET
H3 200 new2-500x383.jpg
macrosec.tech/wp-content/uploads/2021/05/ 30 KB
30 KB 618ms
610ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2021/05/new2-500x383.jpg

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e24ce8a95ebad7ab81fcde36e6f632ca33eb4e932430cf24c4c8a5a3a1aa8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jun 2021 06:13:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5dq3nSxAfPf8Yc5NtFyAZF08M2%2FvkyUd4oSea%2FJYOvkYpi95yQdMZhzgtgqyLKEkT8bjLBvk%2FlIqBtnMS0dBZkBaxlqQR%2Fh5cCkdwFGZiVx6%2Fw2dqJhq50kmRHMF%2FYQe3GyOGtP0KUXjO2q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4436dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30355

GET
H3 200 new-500x383.jpg
macrosec.tech/wp-content/uploads/2021/05/ 67 KB
68 KB 646ms
639ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2021/05/new-500x383.jpg

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab7dbbfc4b921063b4e914856ad00ab36972726dd456d4600973153cadc640c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Jun 2021 07:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNo8iH5ZcmdSdNakm7lwkYy7NPZN%2FXO%2F%2F8VwckGctspOVznIYkkoCVC6KoRcNpOgTadfDG06oioFpRtCUSt4z9MOlEnj9UFzDgbi9z2v3CABzmD6zb5uZ79YuUYqnMFV90TGXA3rJzEOpq%2B8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4636dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 69050

GET
H3 200 email-decode.min.js Show response
macrosec.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6523afb0-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSudpwBbx223dyAzqoYpEik9QfgTpL%2BhKcHR6t%2FjAgHz45iIlp74DwVR7QGhutY7Sdfq7fX0cwGRFp6mhc%2FrUJP3DWndHh5XIta8e8EutKlF4O9fwCGODF5575xGG1oSi6dMRmsKHUuggUge"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81541e5cea8836dc-FRA
expires: Sun, 15 Oct 2023 02:23:05 GMT

GET
H3 200 style.min.css
macrosec.tech/wp-includes/css/dist/block-library/ 102 KB
14 KB 552ms
552ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Aug 2023 21:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TewN02toyzf4%2BXUPFkkK%2F1Qfa5IznBQPE2TyU5YxGwcPusgSBZPgIE9fpzEYuQBRrQHwFixEUn2PrYAi6srHClWOP4ciznT6PpmuBQ%2FZbDrpRtYxxGm8fFROkNZ%2Fk9crS9BB561huaF7lKU%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81541e5d1a9d36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
macrosec.tech/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 531ms
530ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Aug 2023 05:21:50 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KYatPCY8OctgooTeT0j1i7gbmi5py5nMWjUo%2FyqQPZ2hb%2ByCXJRW2G5ix0D0yK69y%2Fri1kn0znD5XhrHBYXZRs%2BbvjPTkq9CLios7FARlNbEzAsz9zTcB%2F9bpkDVh2siUSae6YsY25RTAcH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5daaea36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
macrosec.tech/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 565ms
555ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Aug 2023 05:21:50 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmxxOCbbwqfLHPkSomzAHhCJjaNHqq6Hxb2kTBnMPX5LY9hvbARwGEV8QS0pI2cXQ612WXYa0NOEmnbrWnBa%2Ftpt1GWZa46XlLlClWhn8uALLOsuE%2BqFV05mBcG64xyCkMSoXsYkwam%2B%2BnuF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaef36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
macrosec.tech/wp-includes/js/ 3 KB
2 KB 531ms
522ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-includes/js/comment-reply.min.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 24 May 2022 21:42:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVCGpqvXsGEfLcTECEYULMRvAwX8bo5VrV3vds%2B9Frazj8yDwu%2FhNpOBuaI%2FtJQNVWFD50snQxEnlPzTMaZ9NIW%2F4I3sn253oTZeDgw6vw5qnhIOSbQFnkfGTstVyHwh9LI%2Fink1WwyzTF9u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf036dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-vertical-menu-widget.js Show response
macrosec.tech/wp-content/plugins/fusion-core/js/min/ 1 KB
939 B 628ms
619ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e261145d067cf6c8b350f680488b099c870f9f6e64f0d0c275bca6ad8ed58b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:36 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDTi8eZJdBuf%2Fj2O1aQJ%2BHnMouHbcYp10nsghUCZTfHU4LXZim2d2sLUPWyi0C4FhvOhL9%2FPQ4y5lMNng9zlmfrFcLqSBgNGiNjYTG7yUwpPHnzHAwyV4X3hYcERNexpEu8VXJ9lZkjcn01z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf136dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cssua.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 591ms
582ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2F2o0HeldRpCA9iTKulSILtbpGtwpJOuDAVYMWwatOKlnAqSRJcwYWYDl5%2FfstAcbr6YmTZbpX26kAqbXwlqTgJ34e4bozT%2Bb0g5JMErSd2QH5ePlS2aMcge9yhOYOeaz8aH26UJ3ZUxIGv3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf436dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 modernizr.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
5 KB 537ms
528ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FSrS4h7hOH8%2FmTrPFxkhS6QKFzrVAkrVZ1vVtpdvfdfGFrLvZtfXc0%2FcX5Nt%2BZrn0LFZkELFuMeBz9ESQYPyesfK2XK%2FrOyS7VfDFWyz4ekKFhOhPQUGSdVZ3SYWgz0t5JMcOQ3FFgcOomf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf536dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 4 KB
2 KB 558ms
549ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13d9e4af00e319f622cc306225f1286dff17721033f52d7cf91c51e18d0f6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJN9HlQQyxtwZSrWTqTxbGnf1a3XaM9mlJdUBzxxs%2FmYeHjtuKKJNXc6QXiQ6M6yhNxGyf%2BZzyvguwvh2dzeT5ZpbEfhqO6hZGb%2Bhcqf4hIcKELfFUqxDE9b5Es3j1HbE0xU0ewdPzZ7oZ%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf736dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.transition.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 741 B
831 B 534ms
526ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.transition.js?ver=3.3.6

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ggs1K7wpXciU7VMX1NBrU2AH4m%2BR9V2zN%2FWwfxbAODaAwG%2BRdg0K0zEfI1PCz4173ABmDWlMNsAi0MOosy8yqK3438wYmZVV8ffuB1V1UAjgXxIYfNwObb9f0YAY6SEoqBRgXGD2r44GIWd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaf836dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.tooltip.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 11 KB
4 KB 591ms
582ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiSYbt7fyKE7GD1sgoh44koorQvJVwwCPDQ6fUmUL4wQhr7AS7ADQkAnjlGqSozdY%2FxkXWgBYn1KV5V9mgZt7FZE3K66ghw3egBoWSCCQlSfDmXlBgcQ54E22XT7LBPgpEUnbCHF6d6cdIkl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbafa36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.requestAnimationFrame.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 695 B
806 B 558ms
549ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCGTrPQyPC1wcbTmHRIQbx42XcZZB7l9LDv2WeJd9zP2IiprPCZdYKgAbPZNs%2BG59i6KjFzWHp%2FnZbJK1ZvN2sOsr4irfR1gryV8BvjQ%2BoAeg0TUo%2BrqU5CSP1YFApxEwY5XjppqjS0hMtCE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbafb36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.carouFredSel.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 53 KB
14 KB 559ms
550ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.carouFredSel.js?ver=6.2.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33056a360b494e52a39670ea95d729ad26ec6383525712d75bd8f238a322e9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B3oax%2Bdfb%2BUIlHnlU4zVruFWvGxRJvH2keMv71oGYMgufdP1gUJAlNUzLoWGy1UTY87mDecqguiZWoG33z8EhwYDNYBSC4owOvf%2Bnl05Ze6grz7BEXvvkTYHMg4ZFLDv3bSBAYh92vb3W%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbafd36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.easing.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 539ms
530ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9%2B9xE6orUY2Z4NJofboiAK6NuV45eD5JKEgXuLpRwzCy1KF9DBA8cJESoL3xh3IsHKcWlk6ji4jj7LZ7BbARNY%2F0CWulTPOy2YjVdbP9hvzn6QwD7i2rilxyBVY6k42r5SMrki3hcFpFd1N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbafe36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fitvids.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 549ms
540ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G81NdeDPX%2FmtlPo%2BEPHNLxFA3BRc3fqNWYyo8T2dthgFcxS5%2BOHH26frybpqLpj6L3Y6tyB8GfxCy4gy6ZoeSoPhEnGbHVMqFqpwhxt%2BJ14fHwufXZ5N1fRAITCmiHcngqRzfppKfh%2Bla7Jq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbaff36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.flexslider.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 22 KB
7 KB 591ms
583ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d424362aca158ad49da19b48c212e687fbed93ece9fed06fcf8871f5f64c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcpCJgYno3VN9%2F197UQOaE4qxkeTzj9Hf35eeQhMOrYUJf6QpgnT4dycasuRVlZQ9%2F%2FeIAuMNm9RSe2V9RKzZaDKu6k8Kb5rb1RJQdSS9YFpEXLFZ5ru828vhCOEQHg1G1Z50DxLbzHDFYBF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0036dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.ilightbox.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 81 KB
25 KB 564ms
556ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3155f5d3a27524f5f79015c4928cd84829456bf916357719e79a96f98a50684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDI6LPGyfQOgH27dtUKUs8PaNFJTwH5ecSOVncTKpqHpVCpI2JTlZq6CI5%2BYwTuaA0ADFXo7ZX354ASbDmwY7mpI5WEEEk4vG%2BzJZNIBX%2BepqlA6OZ8rm2xKOP99jVBXoNZ0Te%2B87UPK%2ByRu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0236dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.mousewheel.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
2 KB 593ms
584ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce83fa2c5096e414c0e32c9fc07ba011e2f4d67a51f9c4155651122329ec0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXML4dCxhG4acVF0hcc5TkOLohsbUpZVxtnD51bzWoi60V7Nm0WSqvAo%2B3rpTosBz1%2F4%2BjLC0qWrvJ4TD%2FOSszinrL9XQ1TcYNy2L3FWuXXe03NUTaVibX%2FDvYfIVeXfYS%2FY1%2BcM9EQB%2FOuN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0336dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.placeholder.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
1 KB 598ms
590ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wEas0VVN9Wj9cMjFgOxC9tNyq9Dn20YEcERx392Wu%2FA9g4%2BaK3yftUA1qKLhofQk7dsA4mwxy1lyBSTiqCPY2jno%2FW5pVHzPvjKdBMKRFNA1Aqn9oiLYzT%2F5WGAXblKlcCoVparGUeYYVi6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0436dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.touchSwipe.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 9 KB
4 KB 616ms
608ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.touchSwipe.js?ver=1.6.6

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500c7d5254541fc7049b6d79925f7510bd8a886e87c418d0812002bec8bf2d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ji6q6HC0xo0fjb%2FhEy%2FqQYNgcJbUVcvLVQhCvpbRDOowRp2Mu1vithqRGRcjSCU1BNRj8zEYcZAPaXtS%2FoHYWfkpdf50QbZNe1XFhimln8TNGZBWAslNJ99sXTmn6Y1dH9KTH88AlTlSN7Sa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0636dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fade.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
919 B 593ms
585ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16fA5DEkYPmOtuUT0CvSvMgNwFISrLZ5dJEnr6p8kSlwdIu2GuDQa4RmZOqxGBVMnjg4AWHbZwnqNOWuwMllMu0pdjzijtn%2BXg7PS7ctefx%2BQTrRNEAVIHTGKhc7HS6rAK4xg51BnFp6W66y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0736dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-equal-heights.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 1 KB
1 KB 617ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3d1fc3b726f87e9440670838b6d33dc22ee1c854274724b27de90be75d1069c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWIeBeN6c6JUokQM9aGaX5NMQcQ%2FlikWgxqrMTD5jXyD9Oh4LRfRTP2IwmCAF8vkzEl8b9TXfgR0vUSO8CfsWudyWDLgXVN1C%2Fae1z1tZpEq%2FAYNXtp21To39YStCkNnTOmZBr3U9KlWwMml"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0836dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-parallax.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 12 KB
3 KB 593ms
585ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e265af7b140bf70ba7a061b8ddee61e32ced0c50d985f0b05cdfe061112cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw8EN6er4TsEHgeHanwSljha6MQ87VZaQxJUCkoaS3DnyHOyqUswJA%2B4EDGZIITpq0GNdebY3r3u9bz4F%2B9JzkQYODCIjVcxmDeFljTEbXhg%2Bkb06lBkT2JCTYZSVz1eZreczmGxJ5LSbNXR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0936dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-video-general.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
1 KB 594ms
585ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2dd31704608166bfd31e6c1b54027061ea568cd9aa1163656843a5907ac45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMMfuKsGBIqcThvjmaQ5p%2BvTLQhDi%2FUmxJalU6jaDUMbQAvLIx%2FIrWfYJ2500%2BG2fV7z%2B6EHU7nFce2GFgk%2FfNJdNxdvln91sL5hrNV570GbPSfSIM0vFEnyX7t2gz2YYu2XkrtUplcovVEX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0a36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-video-bg.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 594ms
586ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46af13bd348d946968c6bd1c844dccbca02856ecdcaa8dcb35969e99d1399562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3bPep%2BT%2BPSPVdDUtPjBLTmRPb0QZGWBeizXjuEEEjXWnjSdVjDpYm70RIoM2pbqllPke%2BieMe9np1XlUwMkYthf3mk6gSRYetiv6z6YfiF%2B0x7u2pFw4uc%2FJ9P6N5Wlm0hKY1a0k74VTPFu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0b36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-lightbox.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 7 KB
3 KB 617ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d5f2281324f8a87ce2bdf811d8d1fd5ca4781618754a490a0fce0f166d479c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTvmLq6Aghp8DuagOC5w4V5i63UJ4o0kHkd78qwl3Rs97PEz2tF0koN%2BjnW70vYFa3B3H7%2BxVVf1X%2FP%2B2L6s87lQZZK91KaGALjqB1Z8f8WdB4oqi%2B4QWy1Ox7qMvTdYQ%2BSEzpAqFCDYt6e7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0c36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-tooltip.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 849 B
793 B 595ms
586ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea735c25bb36d6130e169c43dd545f9ab091b791672b1538046ebedef3308f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTLG8s4wlKICAV7aY%2BLA2xkpaNo9I7c6Spr8lpSIinp7hOIrZZQjdotLKclH%2BnCN8KDUvkxDRMvDZ8EP4CFfkRVgdhFpTppPUJqQdMmrt44V5BqXIVGw0pLkJOqKqZlmdtS6OUlvYjwKVfkJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0d36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-sharing-box.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 945 B
798 B 595ms
586ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a6eea93903fe37410887ca5eb4605572ecfaf1968387365ec9ed9331a36487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQsgfa8HXEnahLMv6WOtmm4Dnfk5CHqskbxsjvINad3Kxwr%2FLvJtXCoQA91ICzRh3yZw0KL4Gkr%2FXiyLLHQygk5GJQo0lQj4EeeWB2JdGr6Ah8h1t4ahEao4iJf8QtmiJNzelJXSPWsNOQ2A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0e36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky-kit.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 6 KB
3 KB 539ms
530ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e2b8ef435756c4dc18bc450f4ec0fbe6db2ceb7b99a7d656877bc49eb342ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z774UwjL4EkbxRwFXsqM82tbjjEZbtGiUCDVfzJb6e3aYCU%2BPKvmxSnTHkU1dyuxJt1nBo1%2F7Wof4xxS4W2%2B41HztXQjHukNge2Zr8XqbAqrwTs9TsGVCJncUFC0okyb97UoDtiZJZTgfKf3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb0f36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-youtube.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 4 KB
2 KB 595ms
586ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-youtube.js?ver=2.2.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

828ef7357ef25a04a505c7f21b1418620b4c13faec1ac0d562e2127400c751fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nVhCSRr9rYbyi8oP896uOaszwKbsAeneKbdnfC2eStkEXmtzAB7Mf5%2F3OIFQByaVb82Q3b4LEc08YRazt5hQCZzpEjduIvcWllkT1viSIq8U%2BQnt4WxGbMd5OEfVxjNMpNTBbNoub4WueyT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1036dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 vimeoPlayer.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 16 KB
6 KB 595ms
587ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c333ac0620c35e62b5259491dfda266c5ef7708685b5a624fd2c9bf5a7a6be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5a0KSnRZm4TQsi7cqih1ubdIwbeNv3xULfYFzyFGU%2FJ9TYukOkV9cfJBi3oe%2Ft9M6Nsikv%2B4ny7GAlmI4a9BcINObz17XQehqA%2FYeoXqZZCkk0qBUZE7VzflcWLFrzZPSc5HEakADZt2nQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1136dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-general-footer.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 413 B
669 B 617ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMAR%2BXa0hNAMTYFKdThy9dBwa6wSc0skaNWJHHDBs2B3NDjbmWaSxrOmFP7VoiG2neDeZ47R8I%2BMKpsR8d22gTIgX4F%2FaKf5hIcgZGdXyP0Nqu3%2Bw2h558tYiC2t%2FnZHrZOLYHtEMupIGTQ0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1236dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-quantity.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 2 KB
1 KB 621ms
613ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893ed74f27210911877234fad64cae770cf4af4b2b9b2c75b80d401c43f281d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lUTKDXbNSEg61GPAH24q1isf38auWtyZEqMCCBIM5gxuWUgPH3H3SnVT%2Bp3Z6ZxsaHyZqF63vple5EbdKcLQvRJYcdeGFgzLT0CIe%2BFDdffk6Pj0VKtICZ4e3NcN22iIoBTCVEl2p%2FdNSeo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1336dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-crossfade-images.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 418 B
663 B 617ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-crossfade-images.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e9a74251b9a8f1f7e72a0ea7cbd8905e4777b931e92b09f545087161fa0b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi8NnCYbUxH8Adi4QDMRfDV8vR9pb18ZB6BsF6umOYNzy8Jk7BVUKssTmrZeL3O%2BiS3dGn0gbvyovEJLM7pNYakBjzDtR4uWyu13HpIibyZz%2FCUcPtXJKlZF%2FTHmfizWoq29NcAedZW2x5Rx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1436dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-select.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 886 B
811 B 643ms
635ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3722b93fa395dc556c14f331f86a9d5e31fa813e46f0cfcb8afd19fae33034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pP5ntFKN1Lo02zW3hbzl09%2BhrVjSox6bN3slt7P0irRFLoTZVAl8SZFB0uBQr6MwZlMPmPyZc6BjDYuF9CSLDkuxlQEFWxXqYQ6yv6uDx0KYjxQsfcg3rZAWdO81%2BtV%2BVMLYSGSHIhuHhjiU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1536dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-tabs-widget.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 503 B
715 B 595ms
587ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6afaae08a9346fc9ca891d0d80f8483905c1421bca9f918506150566d3912e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsYuKL2gGxzhbAOa%2Fy3kUYyvmdFXVAxmJdhPGMuJ%2Bhg0AyRDftMdgvuO7I3DJw4cmYcnbBoWRFxRnewcNEE99xwg8lgsKT02QTHacBMc4TEMks7ZWu7DwsZENIEp0MqECwb8IrFL6RZW5arK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1636dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-contact-form-7.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 2 KB
999 B 644ms
636ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-contact-form-7.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e522f9b51816efe21c097ca670efe58f65d8399c0cc8a93b74e873596fc08a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BFAMfbnYdXaAgZ0BYx0jm2uFyE3n3G%2Bi6Bxl9A0Ydl%2FT2trMcIIeRN6QhuILsEesRvwW%2Bs9%2FO5CHbM6D1FttJCb8u3FCFf8RKvNmYPeaxz0%2FfMzxpxnnj4WQvWsvSJR6kashlV1RlrFkol8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1736dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.elasticslider.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/library/ 4 KB
2 KB 596ms
588ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/library/jquery.elasticslider.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f4df8462b2edc6add3928ab5f30dcab77f69c29c0e175b1888f4cb6275823c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87aCIQCvsHxlqfXFGDh4eCjecp3z%2Be33zXHQIU9ET5VPqcgcgVztW4KC0b1B1O0mkf%2BcYGYeBn9MMAdk%2FLWd%2BiPll9E7T0oS3tADgSJVOCnRf0Y9PXmlUPDhhbW44e1E3bWYpBigbh45Ohqx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1836dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-live-search.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 3 KB
1 KB 597ms
589ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bf057820b3b0223c468e08beb0d41a12b451e224308149bc05f0d4a607fcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S28N1m6Xo565VqrqXQgk%2BeWvfdabH%2FaDvbqBgkC%2BHqYZ%2F%2F%2BOQfpUi1HFv%2FUWO1%2FFgDjXbhiIQ2pBLS3FvVDo3o1Wbg2zg3aTnf598ee8x9KknNNb%2Foowgfd4R%2BrBfkZ94Zw4NvYZiOe%2F5RfE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1936dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-comments.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 1 KB
926 B 632ms
624ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-comments.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533e8584fd371930ebddd9c847766750939d7f11e3bed6c1ce6b5bc126ba5eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F25nQFgeRhDggE3rcMy2t8tVBdJN2Nc6QEX6eX%2FSBaz4udgM6q4yj%2BQW9Kl2Lx2rduXXiA%2F6pmQ%2B4J4CrjsBJgU9YJ7txPfjis2H4K%2FBUgjwmGHroGFNoPEUCcqCMjfzpCEkDOyVrIa%2FtNUE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1a36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-alert.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 260 B
662 B 597ms
589ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1g2dzGjCqs9MwYPi5vi%2FCkXDilV%2F0a8EEBeQAArqox8SRUm%2BbXOKHNqbd7qwV%2B5EPdGX%2BgZlVugZFBAe%2BbhMQeF3VN2HxGtuYTb2ke41YhlUKgSVOZsLvhcEI7u4MKdpmw2fIaNDyOam2Jb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1b36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 awb-off-canvas.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 11 KB
4 KB 598ms
590ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/awb-off-canvas.js?ver=3.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21ce45f8b67515136b06230ed6dfe558bc5782879860f51871c9bea157fb3cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZj3jJ%2Bxpbdscgij7DWIA9amj%2F5jpXXIyPmxbkmsBjsonCTs5l4zFyGS%2FW0gW6qzSauriO5XuO%2BkDzoZwf98jyMJHp7WDchwGOtFlOHGvpLUETaTPfzH5n%2Fm42F1%2BrfH3xQ4byLgcGrxD9VM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1c36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-flexslider.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 6 KB
2 KB 599ms
591ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb56816d72e7289b2aab8ba19bd1bdb4708cbbc7e70d7f38f9138a4dd10215a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DGZElFbgmmJ9ZbNDvrqSwQUXnlkmvru%2FmH2s3Jw5iT8lHiFCeJT2uxbNS1FKmgWl50A7S%2FR%2BpMklsxZkqcc5XuelBKIinth5l5vH2XSl2ICOHwLSoavU2lgLUfzlQa2MNvEi1kQOdRkuBXx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1d36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-animations.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 600ms
592ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e52dea09005063c3ff69fc36c11c7008b8efa5d4a97e38e7161ffaf0b0aedb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXmfx16IMbOyVnLnfM9deKFNdKdSmE7WDupGP0vIYsNpBylyH%2BOGOvn7xfpmH6exCSCqq4mRrci0K4L7v55ZigB83WeOrbbzcxa3rnsj7xO%2BsgTu%2FQADvqKAt9nXlfdd67K2mMRSBM0sKq%2BR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1e36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-column-legacy.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
918 B 600ms
592ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-legacy.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc7b145a0eb35703d5ce10b9204920b9d09e4454bc2288addc9ed5142862f9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G6s1fqcnJCaZzHiIsCQ2jPjINRGcup%2Bp0OZ%2FHuC8N6Y9sOSv%2Bkq7FMWPMj6yJJC0mZ75F82aB42hxFPams9H1sKy33vGvWb%2FNCW31yBqr0784MGnmIy1HOiMyma59D7H%2FwOmW8CfgTY1UCh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb1f36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-carousel.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 5 KB
2 KB 601ms
593ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-carousel.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415d3eb28da6b19a8b6b3434520bcb7f6002f1fc11f81ffce9e028f9da64114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6akTxnNIXMW5WTzVVwAoangY8WGB3UgrQObb%2FJPEhyAiNVJfZAmpoDemzC%2FYXYpzjMO8FkO6MrBrRR9YkJX%2B4iq%2BGeyLpFVoe%2F3FtpF1q%2FAS0uH2vsE2QO1C3Nj%2BHJIlL3T3neej1KfSs8ki"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2036dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-container.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 15 KB
4 KB 616ms
608ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302e4a11fe14abdf45b26118996ce8a468fa0d9a9db5f378c56c12ef4d2a6d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1OfPOxrCUy%2BDkJCpgC%2FKFVaU4n7EYluqMWr9mUAsbZa7nqeiJqkR0ZCY%2FfDHmySETRH4u9VtsC2odda1piwUWWsInyVjUfCZUcoWXWbF70g8EFbyFs1pvwwklWc6WkcmYmdu9Sxf%2FiCrvpp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2136dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-elastic-slider.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 565 B
707 B 653ms
645ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-elastic-slider.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3647d841b21197b1efa74e92c861a3bf4cebef0f9a33f5a4c0ea276d74c768b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSAI17fgwZzrL6%2BmKcoL3DV7Bb8GXC3n3a3M9glLVIDLpAHJMQR33x%2BzX%2BkJnTLX4DwLfWONQbK3R34Z2hZ6bMUfgsNRHHh5WEd6UF%2F1clmU6PDg4hnPReuHtRpdASYgsZ1v8TbR1u31wt3a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2236dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-drop-down.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 6 KB
2 KB 658ms
651ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579683e317a76a9a6758e42680b394e80957cbdd2863c25abac9a875852abfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZhhG%2FdjJXNi6tHWRA2i5dJ8Emlc1nbxDtYJl897n3WKGQxtaRxw2XRyw5B1WddPmBY6x4d0GZhAKcFfHi7BnMrh6emTDmutvMy1oPGC9n5Bw%2BHTUwFxWRebLIDJFqcJ2C3g6%2BJ48HhsArH1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2436dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-to-top.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 1017 B
923 B 646ms
638ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-to-top.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b2c2f9810fbe4d8643c2f6b9359daa7dd67b78cffa63e6746202c76d068547e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXSXY7ppgsbYaoVg7BBdeO363QhAg84ru9laBYp6d801767%2BKGwtO0ZbI4%2FKdhBAta8OQLg%2F6D1q6NUwyxFpNqtEB626Qved%2FQHGgD1Gfkv5KUoWAZsFy0jp2YlTftK0qH0fgVReccdiXIYX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2636dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-header.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 31 KB
5 KB 654ms
646ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-header.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80669a9bb1655e529ea0f150945f879706df8fc3957bc1c02d07cdbb6862f60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5PqYx%2FfkKuHL1yTo62YmLPIwzlY8cbnUkQvQ9i1lpUn8HgRvraajxIZxGlqPyyqTuY4LMVXLD4PpUL%2FhKfMQpDcHvoPjjN%2BR9qjUYoQU6WP2vH5mOizwnW1olAv16MEczgiCzSLAwTJcJ2r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2736dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-menu.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 39 KB
7 KB 616ms
608ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-menu.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11181d395c0be8cd6705515ab1e773e64dadf2eb342badf535ebe21d3825897f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B8SBB0g2m7dRIMOBl8VY1cmdj3pWK9bsbAYBYqCqSoMtvNwY6C4Pc3JhTp%2FavR3mbeumZ%2FJolQQcGkZDoz2TUwGLxPMTsA8S1xJW6sBXQWB6AKIcdQIbX4EuqrHrDCCLmikxY3nlSIrvwUd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2936dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.scrollspy.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/library/ 3 KB
2 KB 616ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c569522330e4e6b040229701ae98650839c5baa9912e15f821ffef8341187f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yjvbOWW2sH2qIsZEePG%2FQEuY5oGBjWW3Vrsi457OrvPx8HpFJYiQf0xZZXjBTnXEGj0kk1qOFrFEj5rV1dXixcOi5CrXZDOhQJgfvPQfQ1Qs7%2BRsN8LQJ%2FhN56TkeUBpO9yMG31HdKpP%2F%2FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2a36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 avada-scrollspy.js Show response
macrosec.tech/wp-content/themes/Avada/assets/min/js/general/ 845 B
809 B 665ms
657ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.7.1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66b53112e230d6a90572fd4af0506b89a3021fedad6e9395ad85dc7a3b32094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPxyQieIYK4MmIkfuFveKXW0s1kq1W0PqGlvh%2FGvlizV1NEQTMrTEXtUhw4zq0ADA95HIQyuQxJjcyPpE8I%2BQBKeHQNWQgCcXoLXLwxXMBn10hdKrNN3e0uTNIXfeGpjKHrDKtLiSP9BHW0Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2b36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-responsive-typography.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 3 KB
1 KB 619ms
612ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb4122592bfa905b2f19c491d0beb0f47a6e609694998e2f002e5e5d403b521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D12K1rrJSxddTe3deqUJ7UFSI%2Fazo8EJPZ7zTCO7gDL0DFW2BlnTBfds6QGz93YOSHmWTh%2BQfRcC7TaUE%2BskPKlCWqan3%2FNRzuGOCt%2Fk0F594eTrNB0BhBWkYrBa%2BNdinObBh9fz2BqxUtIy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2e36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-scroll-to-anchor.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 6 KB
2 KB 672ms
665ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fccd8bdf42b040242f021f0e21737c993e4b83502ca7e262114658cb9f0b4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldmaemvRPpdgAyN32m6k6QM11kYLikNXpDtNrIFnM%2BjIUSUcc%2Bbo9dNmtK0Figrw82xmZanuOTAw0jkR6Xu%2F7h5U0iKdQUZfeU0ZwdXsGWJawDBGgJpQX2UkNy%2FnjZrGqGGc8DXC8ByBsRKj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb2f36dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-general-global.js Show response
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 496 B
710 B 616ms
609ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

709432d669fa084fba23a097defbdecc8097a07717c30ac6f915314bf2a05933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqWLMgcTY6BjylGDRI1Oj1LxjDlxzvftmRZ9sYFI1%2ByTzfKMxXg1Pnr%2B1lIF3VsCW6J7OE0dCcdId7ApGRMAWj0IiCE3mPgNOwA8AajTM1tgpxsx%2FQU%2FiaDtIhyBRuKOLAMXA1tMN%2BjKs0sV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb3036dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-video.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
1 KB 658ms
650ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EV%2FOsBT2WIl8X1dN4c6Obp5NHUld2KfF7%2FYC0pHOyE5YVIr2EVjnJOybpb3UK4kB%2BM7YxQFMSxxllBlhXU5HPOKEwIjCDZX9XZrnuA9M%2FkAt5rrnn6IgPjkqY1d6KLyZaSjWmScGfMy1tY4e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb3136dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fusion-column.js Show response
macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/ 666 B
753 B 654ms
646ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dfc6869335d78decb5a3d0fe0220dd780f6d14312a294341c8e42db6d0d21b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:38:07 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZC%2FAnY5tvNA2%2F2EddQMOBdD9WNq478hbJ3zE%2BSbezt1DpHiUYx5xscDVBdQB0j9Cd1e06wjnyFdcmwcoVOqD9bD%2BnBjmD9FW5keRAYj0j7US%2BXDKn8g1vBscDS4mceVSAKgvIB0PdNza%2BIh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e5dbb3236dc-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK a8d58483-851c-4853-80eb-441d8145a1de
https://macrosec.tech/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://macrosec.tech/a8d58483-851c-4853-80eb-441d8145a1de
Requested by: Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 page_title_bg.png
macrosec.tech/wp-content/themes/Avada/assets/images/ 49 KB
50 KB 656ms
656ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/themes/Avada/assets/images/page_title_bg.png

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6490da8fa414a3ee09c42b4b0557ee396bd60c3dd7654c9df31c50f35a3fa122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GidAyQQKfQfndWwXIFRx2D9V%2Bu%2FH9l4N2URzECWBycUsD0H99r5b2T1e0g61tlu%2B75vxCXA2wcq%2FoMejfNRPxfxjmhNBOx%2B4%2B9JXq%2BCOWVsSxtpeEZsal0cgkRTU6Osx%2B4vhKOw%2FieoCwla"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4836dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 50495

GET
H3 200 85204.jpg
macrosec.tech/wp-content/uploads/2020/01/ 747 KB
748 KB 659ms
658ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2020/01/85204.jpg

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f556cd5311363266aff751b1f62f1c7135f2966f6f805ccd2766e022e4cc0367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Jan 2020 11:24:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdBVZwNUnrJmwFqKTKVRWNSd6BD7GbC0WwiL3t8oC6VSLfKy%2BYHLOAc%2BZkhU7wjZtkjDPl8i4fimeFi7KFAlVQP3ebIjt98KKT7Sj%2FVe43DmCiP7mHC2rmAVkp1a20x6prrO3VYYaESd2kBw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4936dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 765066

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 271ms
154ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://macrosec.tech/
Origin: https://macrosec.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 580807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:59 GMT

GET
H3 200 awb-icons.woff
macrosec.tech/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
20 KB 599ms
599ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1
Origin: https://macrosec.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 11:32:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLEbyKd9HjHC%2Br4cCqFHILHgYwN3Cs8J8FL70HKHswT6ZlvvZuA3%2FxORO3mp6Eyy0PHlRwmB3qFDVXywoWgxHcBvgXrJMijcyPKisneuDZ1Sf0JzacsFmCbqkCZ8pzxG6bPsACSG2JL0wsLM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e5dcb4a36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20076

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
50 KB 172ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://macrosec.tech/
Origin: https://macrosec.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:49:45 GMT
x-content-type-options: nosniff
age: 538401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 20:49:45 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 234ms
118ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/wp-content/uploads/fusion-styles/90feee297ece8127544253a98adfc8a5.min.css?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://macrosec.tech/
Origin: https://macrosec.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:38:48 GMT
x-content-type-options: nosniff
age: 585858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 07:38:48 GMT

GET
H3 200 wp-emoji-release.min.js Show response
macrosec.tech/wp-includes/js/ 18 KB
5 KB 203ms
203ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://macrosec.tech/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: macrosec.tech
URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 21:40:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm%2BZUaGy8Qf4gEjTg%2FmaZ4ZhEwqZ1B2Vjaxywx52%2Fhh16kWupvF9yhxea8Q2mTWmDbc0NhBJjXsKjgDWncaGJWQjyqyGcDhS04JUa3Qer12rC42Ub2xUr%2FvcXSJIyFDOkD344O%2B%2FN6PCuFp%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81541e623d7836dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 3213 319 KB
104 KB 31ms
31ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fmacrosec.tech
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://macrosec.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 280232
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Oct 2023 02:23:06 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3213 869 B
658 B 201ms
135ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d3788c53f0f84a8e009b5889cd84f7594216f4af

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fmacrosec.tech

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 13 Oct 2023 02:23:06 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 13 Oct 2023 02:23:06 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 20e9aa085e392061
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 8633de7dad18747ad72fbfd6f2707596de527e5e9ea891f7d92ad51080ab1abd
content-length: 337

GET
H/1.1 200
OK tweet.2d13d9c81f3c2ba95ef78654d9a09632.js Show response
platform.twitter.com/js/ 8 KB
3 KB 28ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2d13d9c81f3c2ba95ef78654d9a09632.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:06 GMT
Content-Encoding: gzip
Age: 280234
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2724
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (frb/674B)
Etag: "f98aa7152272757269c4c8178e28219f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 1965 345 B
919 B 29ms
28ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer: https://macrosec.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1234
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Oct 2023 02:23:06 GMT
Etag: "f6d70a110dacf784d914a7bbb2a7d61b"
Last-Modified: Sat, 07 Oct 2023 22:50:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK embed.runtime.30e39e232aef74d6b314.js Show response
platform.twitter.com/embed/ Frame 1965 9 KB
5 KB 28ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4231
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/6712)
Etag: "a94f2c8e562dd94ba8264b04299bbc31+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9449.143d97ea3ade6f4824dc.js Show response
platform.twitter.com/embed/ Frame 1965 488 KB
160 KB 57ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 162768
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/6762)
Etag: "a096d4d712d8664b5f72fc16777f624e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.61c9a11318b778002223.js Show response
platform.twitter.com/embed/ Frame 1965 33 KB
14 KB 82ms
29ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 14004
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/67DF)
Etag: "72cf5b19f8c06f163ed659346b6c0234+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 1965 19 KB
7 KB 29ms
29ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/67F2)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js Show response
platform.twitter.com/embed/ Frame 1965 4 KB
2 KB 28ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1583
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/6762)
Etag: "11ef2c964d5d614da8c769c495a8855b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js Show response
platform.twitter.com/embed/ Frame 1965 35 KB
12 KB 29ms
29ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11289
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/6724)
Etag: "df117930505b95292615fd76b0e9369c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9203.97b040640e3b329435c9.js Show response
platform.twitter.com/embed/ Frame 1965 267 KB
82 KB 31ms
30ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 83738
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/67D5)
Etag: "691b9586fce0d937b25fcf4f3130bc97+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.af3480c242f6c21a47e5.js Show response
platform.twitter.com/embed/ Frame 1965 88 KB
21 KB 28ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=amarjit_labu&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1531595886547152900&lang=en&origin=https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F&sessionId=d3788c53f0f84a8e009b5889cd84f7594216f4af&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 02:23:07 GMT
Content-Encoding: gzip
Age: 280235
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 20752
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (frb/67D4)
Etag: "984e7cbd45e0ff91dc7b610ed59f333d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 1965 1 KB
1 KB 294ms
185ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1531595886547152900&lang=en&token=3pnnewdsse&ztbcc6=fe18yzebol3n&mctvow=183z8k7q5kbx&1728nu=eg08r0t1ysv&qrmkis=m3s08bi2uzsh&4cd1z8=1wb8v7ozai71&jfnxof=t58aid1oapck

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

2e0a19ceeda001f2f52cbaa82d21b2888a018aae2f04b4926cb97b3836d64e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-powered-by: Express
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ
content-length: 676
x-response-time: 144
server: tsa_f
etag: W/"40f-M3NoJFV/WamQE7O7qcru9qVRQa8"
vary: Accept-Encoding, Accept-Language
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9e4d4d30a2e438b5
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 025cdba7105073e70f9f581f618cc7c622541abadc28d20181faaa1edacf6259
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H3 200 MobileIcon_Retine.png
macrosec.tech/wp-content/uploads/2018/04/ 8 KB
8 KB 203ms
203ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://macrosec.tech/wp-content/uploads/2018/04/MobileIcon_Retine.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a3839d3947d2415e6460f78bc2a18f219f9a50a8afa2274bd41d838f022653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Apr 2018 09:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdHsjn09XeasYUnFjugrb%2B4vUyXMYO4BAIOsVnmV6khqrHGaZOhpjPEqFlV%2BuGNF3QDHKxVbUNyf7hazAoZauw8GVgNxO%2BclolJPVhLRG6Oei1YN9awKAg884O2XcfYn4y4D20cGfBvkmdBN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81541e67285236dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7952

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 1965 43 B
150 B 134ms
134ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697163787639%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22amarjit_labu%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221531595886547152900%22%5D%2C%22item_details%22%3A%7B%221531595886547152900%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 13 Oct 2023 02:23:07 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 13 Oct 2023 02:23:07 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: b0dc824317bbf962
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 8633de7dad18747ad72fbfd6f2707596de527e5e9ea891f7d92ad51080ab1abd
content-length: 43

GET
H2 200 H2K3T97z_normal.jpg
pbs.twimg.com/profile_images/1570649933065199617/ Frame 1965 2 KB
3 KB 34ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1570649933065199617/H2K3T97z_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

770de43d1a0c6e8ccccd9d62e9c583d3f8a505c847ed0d5205c7556adfd94d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:23:07 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 561526
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2187
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/3 profile_images/1570649933065199617
last-modified: Fri, 16 Sep 2022 05:42:59 GMT
server: ECS (frb/6760)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2a113e5b4a24c2fc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 6a27ae21dbb6cb48295f8afe074e1322a2c9f8d5ee462b492549892d53a2bc81
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 1965 43 B
96 B 136ms
135ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697163787797%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmacrosec.tech%2Findex.php%2F2022%2F06%2F01%2Fabusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22amarjit_labu%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221531595886547152900%22%5D%2C%22item_details%22%3A%7B%221531595886547152900%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A830.7000007629395%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 13 Oct 2023 02:23:07 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 13 Oct 2023 02:23:07 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 97f39bb6a44cafb9
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 8633de7dad18747ad72fbfd6f2707596de527e5e9ea891f7d92ad51080ab1abd
content-length: 43

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 19:45:15	Name: _bit Value: n9d2mX-44838ef6be65c1fb62-009

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/ Message: Mixed Content: The page at 'https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/' was loaded over HTTPS, but requested an insecure element 'http://macrosec.tech/wp-content/uploads/2018/04/MobileIcon_1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/(Line 412) Message: Mixed Content: The page at 'https://macrosec.tech/index.php/2022/06/01/abusing-cve-2022-26923-through-socks5-on-a-mythic-c2-agent/' was loaded over HTTPS, but requested an insecure element 'http://macrosec.tech/wp-content/uploads/2018/04/MobileIcon_1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cdn.syndication.twimg.com
fonts.gstatic.com
macrosec.tech
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
104.244.42.136
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:812::2003
2a06:98c1:3121::3
67.199.248.10
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11181d395c0be8cd6705515ab1e773e64dadf2eb342badf535ebe21d3825897f
11f4df8462b2edc6add3928ab5f30dcab77f69c29c0e175b1888f4cb6275823c
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c
15a200efcb5af1bbebca242c06a42ebe462efe97210cf0e67f66dd95a169bcbf
16f0469d1736ee83543af13728fa2bdbad66810ea233252f2d8003f12559da23
18d1996609d5252be8d0f0e60b69af5b374c361e611523d5793e5e4be1ada507
19e2b8ef435756c4dc18bc450f4ec0fbe6db2ceb7b99a7d656877bc49eb342ec
1a65ee116b80b7b609f584b66c75bd16f07272b5772b4c9075d02b3cf9ecf614
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf
2153048f05101a566520223ad82ad39e6660554b81c9299a996732fc60f6247d
21ce45f8b67515136b06230ed6dfe558bc5782879860f51871c9bea157fb3cfd
23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b2c2f9810fbe4d8643c2f6b9359daa7dd67b78cffa63e6746202c76d068547e
2dfc6869335d78decb5a3d0fe0220dd780f6d14312a294341c8e42db6d0d21b8
2e0a19ceeda001f2f52cbaa82d21b2888a018aae2f04b4926cb97b3836d64e17
2e52dea09005063c3ff69fc36c11c7008b8efa5d4a97e38e7161ffaf0b0aedb6
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
302e4a11fe14abdf45b26118996ce8a468fa0d9a9db5f378c56c12ef4d2a6d4a
309e3361f146ba9737c592aa8df9bf338f32da9bdd1ddba5cd60bff7bc1b8375
33056a360b494e52a39670ea95d729ad26ec6383525712d75bd8f238a322e9dd
33f642fa26d2399143ea88245da6207f2e76ab01f63c4b0b45b9db4cb0257d42
34a3839d3947d2415e6460f78bc2a18f219f9a50a8afa2274bd41d838f022653
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
3647d841b21197b1efa74e92c861a3bf4cebef0f9a33f5a4c0ea276d74c768b0
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf
45a6eea93903fe37410887ca5eb4605572ecfaf1968387365ec9ed9331a36487
46af13bd348d946968c6bd1c844dccbca02856ecdcaa8dcb35969e99d1399562
4cb4122592bfa905b2f19c491d0beb0f47a6e609694998e2f002e5e5d403b521
4ea735c25bb36d6130e169c43dd545f9ab091b791672b1538046ebedef3308f6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe7e4c377956dbf5362b7444a7947866106380c1db490cceb2050b8181be221
500c7d5254541fc7049b6d79925f7510bd8a886e87c418d0812002bec8bf2d2b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
533e8584fd371930ebddd9c847766750939d7f11e3bed6c1ce6b5bc126ba5eca
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8
579683e317a76a9a6758e42680b394e80957cbdd2863c25abac9a875852abfc7
5ab7dbbfc4b921063b4e914856ad00ab36972726dd456d4600973153cadc640c
5c569522330e4e6b040229701ae98650839c5baa9912e15f821ffef8341187f5
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e77f47d0224d8b08843a22650137afaefdc86735c0085a49e01ce014b4eded2
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217
6415d3eb28da6b19a8b6b3434520bcb7f6002f1fc11f81ffce9e028f9da64114
6490da8fa414a3ee09c42b4b0557ee396bd60c3dd7654c9df31c50f35a3fa122
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6afaae08a9346fc9ca891d0d80f8483905c1421bca9f918506150566d3912e9a
709432d669fa084fba23a097defbdecc8097a07717c30ac6f915314bf2a05933
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7508065f850e5fc76b731d45b6decfb568ef585a5a634464c2c9a22629ded681
770de43d1a0c6e8ccccd9d62e9c583d3f8a505c847ed0d5205c7556adfd94d21
78c333ac0620c35e62b5259491dfda266c5ef7708685b5a624fd2c9bf5a7a6be
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e95cfb6addaf32f67fd7678ace3cc26ec40ad8e3e7a870d1ba87b4fb0dab789
80669a9bb1655e529ea0f150945f879706df8fc3957bc1c02d07cdbb6862f60b
80e9a74251b9a8f1f7e72a0ea7cbd8905e4777b931e92b09f545087161fa0b37
81f2b11bfe47b2722d6f2720aaf6faded8d39a39e723bf8908fdb85f677eb7eb
828ef7357ef25a04a505c7f21b1418620b4c13faec1ac0d562e2127400c751fb
836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37
88e24ce8a95ebad7ab81fcde36e6f632ca33eb4e932430cf24c4c8a5a3a1aa8e
893ed74f27210911877234fad64cae770cf4af4b2b9b2c75b80d401c43f281d1
8fccd8bdf42b040242f021f0e21737c993e4b83502ca7e262114658cb9f0b4bc
93d5f2281324f8a87ce2bdf811d8d1fd5ca4781618754a490a0fce0f166d479c
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
953278e821cb5ca0fb28623b06cb56c03de606d11616cc676c9e3b45a5d60a24
980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904
9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f
a1e265af7b140bf70ba7a061b8ddee61e32ced0c50d985f0b05cdfe061112cb5
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b66b53112e230d6a90572fd4af0506b89a3021fedad6e9395ad85dc7a3b32094
b87996c04e3232d7c42c1d637c6814efdf814255d36ed8bca53411b8e63ad02b
bc7b145a0eb35703d5ce10b9204920b9d09e4454bc2288addc9ed5142862f9cd
bd6def1ae1509946499390f95acaa1fd39a76452c8312f165d2bc0b791c9e0ef
bf3722b93fa395dc556c14f331f86a9d5e31fa813e46f0cfcb8afd19fae33034
c13d9e4af00e319f622cc306225f1286dff17721033f52d7cf91c51e18d0f6eb
c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11
c3155f5d3a27524f5f79015c4928cd84829456bf916357719e79a96f98a50684
c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684
c9bf057820b3b0223c468e08beb0d41a12b451e224308149bc05f0d4a607fcab
cb56816d72e7289b2aab8ba19bd1bdb4708cbbc7e70d7f38f9138a4dd10215a5
cc13f8e8049ee41eac85bacd7a57c5d623dd8960e7e603cac18dae5b4e05f461
cce83fa2c5096e414c0e32c9fc07ba011e2f4d67a51f9c4155651122329ec0dc
d3d1fc3b726f87e9440670838b6d33dc22ee1c854274724b27de90be75d1069c
d54b26f033e2177b6214cd5e7140cefb038cd8e9dafb10e02473fcc32c0db9c5
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e261145d067cf6c8b350f680488b099c870f9f6e64f0d0c275bca6ad8ed58b58
e2dd1bd47aa123d6770f92f540b564d4e0972a39292db8708745b4b974e8eec8
e522f9b51816efe21c097ca670efe58f65d8399c0cc8a93b74e873596fc08a8d
ea2dd31704608166bfd31e6c1b54027061ea568cd9aa1163656843a5907ac45d
ea62068f7dbac4ea3741403816b938ad92c3597eb32fc3c598f50c9979a8a912
eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7
ebb5c3979c995d36fb823124f94d8f5b71e5a8b2523dc54d63164962ef440322
f2d424362aca158ad49da19b48c212e687fbed93ece9fed06fcf8871f5f64c5f
f556cd5311363266aff751b1f62f1c7135f2966f6f805ccd2766e022e4cc0367
fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267

macrosec.tech Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

99 %HTTPS

67 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

4059 kBTransfer

6475 kBSize

1 Cookies

17 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

macrosec.tech Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

4059 kB
Transfer

6475 kB
Size

1
Cookies

108 HTTP transactions
0 data transactions