attack.mitre.org Open in urlscan Pro
2606:50c0:8003::153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f
Effective URL:
https://attack.mitre.org/techniques/T1566/002/
Submission: On August 10 via manual (August 10th 2023, 3:41:32 pm UTC) from MX — Scanned from DE

Summary HTTP 43 Redirects Links 118 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 43 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is attack.mitre.org. The Cisco Umbrella rank of the primary domain is 287939.
TLS certificate: Issued by R3 on July 29th 2023. Valid for: 3 months.

This is the only time attack.mitre.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Formulario.rar 19 KB application/x-rar

SHA256: 3a44c6af3079e6778d9f4c96484d96b5ec96f74492038c5f692a6a8bcffd85ab

MIME: RAR archive data, v5

Size: 19 KB (19033 bytes, 100% done)

Downloaded from: https://cym-files-download.s3.eu-west-1.amazonaws.com/apt-files/7c204fb0-3714-11ee-8b6a-4f9df6dbeb7c/64d42e9a420fd51a6209b49f/Formulario.rar?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIAJPJC2Q3D5GWFTK3Q%2F20230810%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20230810T004840Z&X-Amz-Expires=259200&X-Amz-Signature=860dc04f95ded2a3c699ee844fe062852692cd5aa77240ca070874a773f58f8a&X-Amz-SignedHeaders=host&x-id=GetObject

Domain & IP information

	IP Address	AS Autonomous System
1	54.154.126.21 54.154.126.21	16509 (AMAZON-02) (AMAZON-02)
1	52.218.24.64 52.218.24.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
43	8

1 54.154.126.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-126-21.eu-west-1.compute.amazonaws.com

support-eu.lionnets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.24.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

cym-files-download.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4f1 (United States)

ASN13335 (CLOUDFLARENET, US)

app.cymulate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:50c0:8003::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

attack.mitre.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	mitre.org 1 redirects attack.mitre.org — Cisco Umbrella Rank: 287939	4 MB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	130 KB
1	cymulate.com app.cymulate.com — Cisco Umbrella Rank: 259098
1	amazonaws.com cym-files-download.s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 901352
1	lionnets.com support-eu.lionnets.com	2 KB
43	6

	Domain	Requested by
35	attack.mitre.org	1 redirects support-eu.lionnets.com attack.mitre.org
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	attack.mitre.org www.googletagmanager.com
1	app.cymulate.com	support-eu.lionnets.com
1	cym-files-download.s3.eu-west-1.amazonaws.com	support-eu.lionnets.com
1	support-eu.lionnets.com
43	7

This site contains links to these domains. Also see Links.

Domain
medium.com
us-cert.cisa.gov
blog.trendmicro.com
www.microsoft.com
o365blog.com
www.fireeye.com
www.justice.gov
www.welivesecurity.com
www.secureworks.com
www.slideshare.net
www.cybereason.com
www.volexity.com
www.amnestyusa.org
www.symantec.com
www.iranwatch.org
www.zscaler.com
www.crowdstrike.com
www.proofpoint.com
blog.talosintelligence.com
www.trendmicro.com
web.archive.org
www.csmonitor.com
unit42.paloaltonetworks.com
securelist.com
www.cisecurity.org
support.malwarebytes.com
www.us-cert.gov
www.picussecurity.com
blog.google
www.mandiant.com
www2.fireeye.com
securityintelligence.com
threatpost.com
blog.alyac.co.kr
asert.arbornetworks.com
www.boho.or.kr
www.malwarebytes.com
threatvector.cylance.com
www.clearskysec.com
blog.certfa.com
foxitsecurity.files.wordpress.com
www.anomali.com
www.mcafee.com
scadahacker.com
researchcenter.paloaltonetworks.com
s7d2.scene7.com
documents.trendmicro.com
blog.malwarebytes.com
www.kroll.com
success.trendmicro.com
cybersecurity.att.com
groupib.pathfactory.com
cdn-cybersecurity.att.com
cybleinc.com
assets.sentinelone.com
www.sans.org
thedfirreport.com
blogs.microsoft.com
docs.microsoft.com
www.cyber.gov.au
www.mitre.org
twitter.com

Subject Issuer	Validity	Valid
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh
cymulate.com Cloudflare Inc ECC CA-3	`2022-12-09` - `2023-12-09`	a year	crt.sh
attack.mitre.org R3	`2023-07-29` - `2023-10-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://attack.mitre.org/techniques/T1566/002/
Frame ID: 73D6E434139DD403DA9BD6903A10E6C2
Requests: 44 HTTP requests in this frame

Frame: https://cym-files-download.s3.eu-west-1.amazonaws.com/apt-files/7c204fb0-3714-11ee-8b6a-4f9df6dbeb7c/64d42e9a420fd51a6209b49f/Formulario.rar?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIAJPJC2Q3D5GWFTK3Q%2F20230810%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20230810T004840Z&X-Amz-Expires=259200&X-Amz-Signature=860dc04f95ded2a3c699ee844fe062852692cd5aa77240ca070874a773f58f8a&X-Amz-SignedHeaders=host&x-id=GetObject
Frame ID: 811177700A240C861BB1FF97EE651CD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing: Spearphishing Link, Sub-technique T1566.002 - Enterprise | MITRE ATT&CK®

Page URL History Show full URLs

http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f Page URL
https://attack.mitre.org/techniques/T1192/ Page URL
https://attack.mitre.org/techniques/T1566/002 HTTP 301
https://attack.mitre.org/techniques/T1566/002/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

4057 kB
Transfer

14700 kB
Size

4
Cookies

118 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/mitre-attack/
Title: Blog

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/tips/ST05-016
Title: [1]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-abuses-open-authentication-advanced-social-engineering-attacks
Title: [2]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/07/14/microsoft-delivers-comprehensive-solution-to-battle-rise-in-consent-phishing-emails/
Title: [3]

Search URL Search Domain Scan URL

URL: https://o365blog.com/aadinternals
Title: [4]

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-048a
Title: [5]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf
Title: [6]

Search URL Search Domain Scan URL

URL: https://www.justice.gov/file/1080281/download
Title: [7]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2019/05/22/journey-zebrocy-land/
Title: [8]

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/page/file/1098481/download
Title: [9]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/research/iron-twilight-supports-active-measures
Title: [10]

Search URL Search Domain Scan URL

URL: http://www.slideshare.net/MatthewDunwoody1/no-easy-breach-derby-con-2016
Title: [11]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/
Title: [12]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/blog/usaid-themed-phishing-campaign-leverages-us-elections-lure
Title: [13]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
Title: [14]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/03/13/oceanlotus-ships-new-backdoor/
Title: [15]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/operation-cobalt-kitty-apt
Title: [16]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html
Title: [17]

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/
Title: [18]

Search URL Search Domain Scan URL

URL: https://www.amnestyusa.org/wp-content/uploads/2021/02/Click-and-Bait_Vietnamese-Human-Rights-Defenders-Targeted-with-Spyware-Attacks.pdf
Title: [19]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/09/apt33-insights-into-iranian-cyber-espionage.html
Title: [20]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage
Title: [21]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2019/01/apt39-iranian-cyber-espionage-group-focused-on-personal-information.html
Title: [22]

Search URL Search Domain Scan URL

URL: https://www.iranwatch.org/sites/default/files/public-intelligence-alert.pdf
Title: [23]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/a-bazar-of-tricks-following-team9s-development-cycles
Title: [24]

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/blogs/research/spear-phishing-campaign-delivers-buer-and-bazar-malware
Title: [25]

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/wizard-spider-adversary-update/
Title: [26]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns/
Title: [27]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/blog/threat-insight/bumblebee-is-still-transforming
Title: [28]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/threat-analysis-report-bumblebee-loader-the-high-road-to-enterprise-domain-control
Title: [29]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2022/07/transparent-tribe-targets-education.html
Title: [30]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/11/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.html
Title: [31]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2018/12/03/analysis-of-cyberattack-on-u-s-think-tanks-non-profits-public-sector-by-unidentified-attackers/
Title: [32]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/07/multiple-cobalt-personality-disorder.html
Title: [33]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/blog/cybercriminals-increasingly-trying-to-ensnare-the-big-financial-fish
Title: [34]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/21/h/confucius-uses-pegasus-spyware-related-lures-to-target-pakistani.html
Title: [35]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf
Title: [36]

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190717233006/http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf
Title: [37]

Search URL Search Domain Scan URL

URL: https://www.csmonitor.com/USA/2012/0914/Stealing-US-business-secrets-Experts-ID-two-huge-cyber-gangs-in-China
Title: [38]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/ukraine-targeted-outsteel-saintbot/
Title: [39]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/new-banking-malware-uses-network-sniffing-for-data-theft/
Title: [40]

Search URL Search Domain Scan URL

URL: https://securelist.com/the-banking-trojan-emotet-detailed-analysis/69560/
Title: [41]

Search URL Search Domain Scan URL

URL: https://www.cisecurity.org/blog/emotet-changes-ttp-and-arrives-in-united-states/
Title: [42]

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/docs/DOC-2295
Title: [43]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/blogs/threat-intelligence/evolution-emotet-trojan-distributor
Title: [44]

Search URL Search Domain Scan URL

URL: https://www.us-cert.gov/ncas/alerts/TA18-201A
Title: [45]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/01/return-of-emotet.html
Title: [46]

Search URL Search Domain Scan URL

URL: https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html
Title: [47]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/
Title: [48]

Search URL Search Domain Scan URL

URL: https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/
Title: [49]

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/sites/default/files/2021-09/rpt-fin4.pdf
Title: [50]

Search URL Search Domain Scan URL

URL: https://www2.fireeye.com/WBNR-14Q4NAMFIN4.html
Title: [51]

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/carbon-spider-embraces-big-game-hunting-part-1/
Title: [52]

Search URL Search Domain Scan URL

URL: https://www2.fireeye.com/WBNR-Know-Your-Enemy-UNC622-Spear-Phishing.html
Title: [53]

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/posts/grandoreiro-malware-now-targeting-banks-in-spain/
Title: [54]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2020/04/28/grandoreiro-how-engorged-can-exe-get/
Title: [55]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/guloader-installing-netwire-rat/
Title: [56]

Search URL Search Domain Scan URL

URL: https://threatpost.com/spammers-revive-hancitor-downloader-campaigns/123011/
Title: [57]

Search URL Search Domain Scan URL

URL: https://securelist.com/the-tetrade-brazilian-banking-malware/97779/
Title: [58]

Search URL Search Domain Scan URL

URL: https://blog.alyac.co.kr/2234
Title: [59]

Search URL Search Domain Scan URL

URL: https://asert.arbornetworks.com/stolen-pencil-campaign-targets-academia/
Title: [60]

Search URL Search Domain Scan URL

URL: https://www.boho.or.kr/krcert/publicationView.do?bulletin_writing_sequence=35936
Title: [61]

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/resources/files/2021/02/lazyscripter.pdf
Title: [62]

Search URL Search Domain Scan URL

URL: https://securelist.com/lazarus-threatneedle/100803/
Title: [63]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets
Title: [64]

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-200a
Title: [65]

Search URL Search Domain Scan URL

URL: https://securelist.com/apt-luminousmoth/103332/
Title: [66]

Search URL Search Domain Scan URL

URL: https://threatvector.cylance.com/en_us/home/el-machete-malware-attacks-cut-through-latam.html
Title: [67]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2019/08/ESET_Machete.pdf
Title: [68]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations
Title: [69]

Search URL Search Domain Scan URL

URL: https://www.clearskysec.com/wp-content/uploads/2020/08/The-Kittens-are-Back-in-Town-3.pdf
Title: [70]

Search URL Search Domain Scan URL

URL: https://blog.certfa.com/posts/charming-kitten-christmas-gift/
Title: [71]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2021/11/16/evolving-trends-in-iranian-threat-actor-activity-mstic-presentation-at-cyberwarcon-2021
Title: [72]

Search URL Search Domain Scan URL

URL: https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf
Title: [73]

Search URL Search Domain Scan URL

URL: https://securelist.com/gaza-cybergang-group1-operation-sneakypastes/90068/
Title: [74]

Search URL Search Domain Scan URL

URL: https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
Title: [75]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/21/c/earth-vetala---muddywater-continues-to-target-organizations-in-t.html
Title: [76]

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-dianxun.pdf
Title: [77]

Search URL Search Domain Scan URL

URL: https://scadahacker.com/library/Documents/Cyber_Events/McAfee%20-%20Night%20Dragon%20-%20Global%20Energy%20Cyberattacks.pdf
Title: [78]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/
Title: [79]

Search URL Search Domain Scan URL

URL: https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf
Title: [80]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_Operation_Interception.pdf
Title: [81]

Search URL Search Domain Scan URL

URL: https://s7d2.scene7.com/is/content/cylance/prod/cylance-web/en-us/resources/knowledge-center/resource-library/reports/Op_Dust_Storm_Report.pdf
Title: [82]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2021/01/12/operation-spalax-targeted-malware-attacks-colombia/
Title: [83]

Search URL Search Domain Scan URL

URL: http://www.symantec.com/connect/blogs/patchwork-cyberespionage-group-expands-targets-governments-wide-range-industries
Title: [84]

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/assets/tech-brief-untangling-the-patchwork-cyberespionage-group.pdf
Title: [85]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/updated-backconfig-malware-targeting-government-and-military-organizations/
Title: [86]

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2015/11/no-money-but-pony-from-a-mail-to-a-trojan-horse/
Title: [87]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/vinfo/ph/security/news/cybercrime-and-digital-threats/qakbot-resurges-spreads-through-vbs-files
Title: [88]

Search URL Search Domain Scan URL

URL: https://www.kroll.com/en/insights/publications/cyber/qakbot-malware-exfiltrating-emails-thread-hijacking-attacks
Title: [89]

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/solution/000283381
Title: [90]

Search URL Search Domain Scan URL

URL: https://cybersecurity.att.com/blogs/labs-research/the-rise-of-qakbot
Title: [91]

Search URL Search Domain Scan URL

URL: https://securelist.com/qakbot-technical-analysis/103931/
Title: [92]

Search URL Search Domain Scan URL

URL: https://groupib.pathfactory.com/ransomware-reports/prolock_wp
Title: [93]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/22/j/black-basta-infiltrates-networks-via-qakbot-brute-ratel-and-coba.html
Title: [94]

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/press-release/file/1328521/download
Title: [95]

Search URL Search Domain Scan URL

URL: https://cdn-cybersecurity.att.com/docs/global-perspective-of-the-sidewinder-apt.pdf
Title: [96]

Search URL Search Domain Scan URL

URL: https://cybleinc.com/2020/09/26/sidewinder-apt-targets-with-futuristic-tactics-and-techniques/
Title: [97]

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/blogs/security-research/squirrelwaffle-new-loader-delivering-cobalt-strike
Title: [98]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
Title: [99]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505
Title: [100]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/shifting-tactics-breaking-down-ta505-groups-use-of-html-rats-and-other-techniques-in-latest-campaigns/
Title: [101]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/ta505-distributes-new-sdbbot-remote-access-trojan-get2-downloader
Title: [102]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2021/02/obliquerat-new-campaign.html
Title: [103]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
Title: [104]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/dropping-anchor-from-a-trickbot-infection-to-the-discovery-of-the-anchor-malware
Title: [105]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pdf
Title: [106]

Search URL Search Domain Scan URL

URL: https://assets.sentinelone.com/labs/sentinel-one-valak-i
Title: [107]

Search URL Search Domain Scan URL

URL: https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1554718868.pdf
Title: [108]

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa20-302a
Title: [109]

Search URL Search Domain Scan URL

URL: https://thedfirreport.com/2020/11/05/ryuk-speed-run-2-hours-to-ransom/
Title: [110]

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/
Title: [111]

Search URL Search Domain Scan URL

URL: https://blog.google/threat-analysis-group/how-were-tackling-evolving-online-threats/
Title: [112]

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/blogs/security-research/apt-31-leverages-covid-19-vaccine-theme-and-abuses-legitimate-online
Title: [113]

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spoofing-protection?view=o365-worldwide
Title: [114]

Search URL Search Domain Scan URL

URL: https://www.cyber.gov.au/sites/default/files/2019-03/spoof_email_sender_policy_framework.pdf
Title: [115]

Search URL Search Domain Scan URL

URL: https://www.mitre.org/

Search URL Search Domain Scan URL

URL: https://twitter.com/MITREattack
Title: @MITREattack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f Page URL
https://attack.mitre.org/techniques/T1192/ Page URL
https://attack.mitre.org/techniques/T1566/002 HTTP 301
https://attack.mitre.org/techniques/T1566/002/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK download Show response
support-eu.lionnets.com/ 1 KB
2 KB 160ms
50ms Document
text/html 54.154.126.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f

Protocol

HTTP/1.1

Server

54.154.126.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-126-21.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3734af43ab485366f1217f7cd9f34c680372f7367061ca17ec54519e9b0f3051

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'self' http:// 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1452
Content-Security-Policy: default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=utf-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 10 Aug 2023 15:41:25 GMT
ETag: W/"5ac-LR+lpReIgj+Ag5BDynqYDAZOJEo"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
x-cym: true

GET
H/1.1 200
OK Formulario.rar
cym-files-download.s3.eu-west-1.amazonaws.com/apt-files/7c204fb0-3714-11ee-8b6a-4f9df6dbeb7c/64d42e9a420fd51a6209b49f/ Frame 8111 0
0 189ms
96ms Document
application/octet-stream 52.218.24.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cym-files-download.s3.eu-west-1.amazonaws.com/apt-files/7c204fb0-3714-11ee-8b6a-4f9df6dbeb7c/64d42e9a420fd51a6209b49f/Formulario.rar?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIAJPJC2Q3D5GWFTK3Q%2F20230810%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20230810T004840Z&X-Amz-Expires=259200&X-Amz-Signature=860dc04f95ded2a3c699ee844fe062852692cd5aa77240ca070874a773f58f8a&X-Amz-SignedHeaders=host&x-id=GetObject
Requested by: Host: support-eu.lionnets.com
URL: http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.24.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 19033
Content-Type: application/octet-stream
Date: Thu, 10 Aug 2023 15:41:26 GMT
ETag: "897e9a27b53e9112ddcd1e672aed3fea"
Last-Modified: Thu, 10 Aug 2023 00:48:41 GMT
Server: AmazonS3
x-amz-expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="remove-old-files-apt-files"
x-amz-id-2: WzZOvfKUyQa7GenNSVyIOq9RbJvThu02OJdqfYL35K/7cS2NE3DPyKvwg/xYbfR6pArIZak80l8=
x-amz-replication-status: COMPLETED
x-amz-request-id: 7661PP9J87HRZ1CW
x-amz-server-side-encryption: AES256
x-amz-version-id: qdN4m3aXVchMjUiNqt0jonJnTjB.Hik5

GET
H2 200 64d42e9a420fd51a6209b49f
app.cymulate.com/api/phishing/clicked/ 0
0 177ms
124ms Fetch
text/html 2606:4700:10::6816:4f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cymulate.com/api/phishing/clicked/64d42e9a420fd51a6209b49f

Requested by

Host: support-eu.lionnets.com
URL: http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:41:25 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 975fd5d0332c1e0796bab30e0bb30a24.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS1-P3
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-encoding: br
x-xss-protection: 0
x-cym: true
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-ray: 7f4957c90c11372c-FRA
x-amz-cf-id: hzVBpW_Izz6pTcnywIj9_O8KaDkSCLcxQPUMgtBvbEIFApn5cwyMJg==

GET
H2 200 / Show response
attack.mitre.org/techniques/T1192/ 67 B
442 B 278ms
137ms Document
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/techniques/T1192/
Requested by: Host: support-eu.lionnets.com
URL: http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 474446b53291573891b1056f2b98c44efaeffb2b114883e0ad152255d55a5ca0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-length: 67
content-type: text/html; charset=utf-8
date: Thu, 10 Aug 2023 15:41:26 GMT
etag: "64a85005-43"
expires: Thu, 10 Aug 2023 15:51:26 GMT
last-modified: Fri, 07 Jul 2023 17:48:53 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 676ddd99e7f9fb4725e390599e4610c89ec433d4
x-github-request-id: 8C86:34AC:207B5C9:2163122:64D50525
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230040-FRA
x-timer: S1691682086.374504,VS0,VE101

GET
H2

200

Primary Request / Show response
attack.mitre.org/techniques/T1566/002/
Redirect Chain

https://attack.mitre.org/techniques/T1566/002
https://attack.mitre.org/techniques/T1566/002/

512 KB
55 KB

115ms
114ms

Document
text/html

2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 0b1491c19b4fed56dff4c03dfb02a46bb1a6a5297f3be79e166b7078202acc45

Request headers

Referer: https://attack.mitre.org/techniques/T1192/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 56494
content-type: text/html; charset=utf-8
date: Thu, 10 Aug 2023 15:41:26 GMT
etag: W/"64a85006-801b1"
expires: Thu, 10 Aug 2023 15:51:26 GMT
last-modified: Fri, 07 Jul 2023 17:48:54 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 46616cb694e4c3e55ac7f3229f969adea48cc406
x-github-request-id: 300C:0969:207461C:215BDF5:64D50526
x-origin-cache: HIT
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230040-FRA
x-timer: S1691682087.636680,VS0,VE103

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-length: 162
content-type: text/html
date: Thu, 10 Aug 2023 15:41:26 GMT
expires: Thu, 10 Aug 2023 15:51:26 GMT
location: https://attack.mitre.org/techniques/T1566/002/
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 812323c1c5b30f1dcfa484951c1059aa8f4c18cd
x-github-request-id: 2C2E:6E52:21C0C1C:22A95DC:64D50526
x-origin-cache: HIT
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230040-FRA
x-timer: S1691682087.528312,VS0,VE100

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 52ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62667723-1

Requested by

Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7176c6dd7e777599369721113f25f00a7d0d2874f5e6bb6ef76b84a70262eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 15:41:26 GMT

GET
H2 200 bootstrap.min.css
attack.mitre.org/theme/style/ 152 KB
23 KB 34ms
33ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/style/bootstrap.min.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 1aadf5cb0920f4f028c60c71f23944c407980532
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: MISS
content-length: 23620
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: F736:3414:827C63:85864D:64C850FE
x-timer: S1691682087.758231,VS0,VE2
etag: W/"64a85007-2606e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 01 Aug 2023 00:35:35 GMT

GET
H2 200 bootstrap-glyphicon.min.css
attack.mitre.org/theme/style/ 12 KB
3 KB 39ms
38ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/style/bootstrap-glyphicon.min.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8117b34e40b234c456830e62ca1e0c3758d7a97111678b28c4d55a1ef3d28d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 215f2c164552879f860b0dc4b5e68e777a824487
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 437
x-cache: HIT
x-proxy-cache: MISS
content-length: 2641
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 7CF2:50FA:203F621:211FD28:64CB468A
x-timer: S1691682087.758624,VS0,VE2
etag: W/"64a85007-31d3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 06:27:46 GMT

GET
H2 200 bootstrap-tourist.css
attack.mitre.org/theme/style/ 2 KB
850 B 38ms
37ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/style/bootstrap-tourist.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 881656f6683533a614f09247a8f528b089d09358
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: HIT
content-length: 671
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: E5EC:50FA:1395612:1411CA2:64C99750
x-timer: S1691682087.758549,VS0,VE2
etag: W/"64a85007-978"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 01 Aug 2023 23:43:35 GMT

GET
H2 200 bootstrap-select.min.css
attack.mitre.org/theme/style/ 11 KB
2 KB 24ms
24ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/style/bootstrap-select.min.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: faa7d4abdcc134a5c975663c134d4e2cf9b91a46
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: HIT
content-length: 2262
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: D346:E230:14ECA0:15D5DA:64CC6BF8
x-timer: S1691682087.758555,VS0,VE1
etag: W/"64a85007-2bb0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Fri, 04 Aug 2023 03:19:23 GMT

GET
H2 200 style.min.css
attack.mitre.org/theme/ 45 KB
8 KB 40ms
39ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/style.min.css?32a923e1
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 45424597b815f4abb6950cd904ff6c99ab0c6373e7a9048cfad94f7a17d2e981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 3749b17d78010b21e76aec79076191f0a3fb5aec
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: MISS
content-length: 8376
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 4B14:1050C:EB796:F4F00:64CC55BD
x-timer: S1691682087.758601,VS0,VE3
etag: W/"64a85007-b522"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Fri, 04 Aug 2023 01:44:53 GMT

GET
H2 200 mitre_attack_logo.png
attack.mitre.org/theme/images/ 8 KB
9 KB 37ms
37ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/images/mitre_attack_logo.png
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 627e8ad20aae9e4aa17ad5381a3d9a0af35fb88f
date: Thu, 10 Aug 2023 15:41:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: HIT
content-length: 8461
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 345E:345A:37353C:38D5EC:64D18DF9
x-timer: S1691682087.764961,VS0,VE1
etag: "64a85007-210d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 08 Aug 2023 00:42:21 GMT

GET
H2 200 external-site.svg
attack.mitre.org/theme/images/ 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/images/external-site.svg
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 1b256ad22379b06cd2c3f7b03b74ade97cd4447c
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 118
x-cache: HIT
x-proxy-cache: MISS
content-length: 1022
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 1296:CAB2:14A8DA8:152AA61:64C9ADB6
x-timer: S1691682087.765066,VS0,VE1
etag: W/"64a85007-7c6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 02 Aug 2023 01:23:26 GMT

GET
H2 200 mitrelogowhiteontrans.gif
attack.mitre.org/theme/images/ 661 B
878 B 24ms
23ms Image
image/gif 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/images/mitrelogowhiteontrans.gif
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 1fb5209b8b048bdc99b6cd35cba4ff025eeabeda
date: Thu, 10 Aug 2023 15:41:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 183
x-cache: HIT
x-proxy-cache: MISS
content-length: 661
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 0DA6:13388:2C382:2D3EF:64CB6233
x-timer: S1691682087.780256,VS0,VE2
etag: "64a85007-295"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 08:25:47 GMT

GET
H2 200 twitter.png
attack.mitre.org/theme/images/ 11 KB
11 KB 28ms
27ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/images/twitter.png
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: ba3865e2e48c87e0d440639c98e0ca1603eb2baf
date: Thu, 10 Aug 2023 15:41:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 183
x-cache: HIT
x-proxy-cache: MISS
content-length: 11502
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 097E:0CD0:BA9D3:C0C8F:64C98FF2
x-timer: S1691682087.780455,VS0,VE1
etag: "64a85007-2cee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 01 Aug 2023 23:16:28 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
attack.mitre.org/theme/scripts/ 87 KB
31 KB 34ms
33ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/jquery-3.5.1.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 0aacdc83aefdc0cc4443cda60f1319c08c61120e
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 499
x-cache: HIT
x-proxy-cache: MISS
content-length: 31147
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 71EE:34AC:6B84CF:6EF2AB:64D20AA2
x-timer: S1691682087.780488,VS0,VE1
etag: W/"64a85007-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 08 Aug 2023 09:38:02 GMT

GET
H2 200 popper.min.js Show response
attack.mitre.org/theme/scripts/ 20 KB
6 KB 45ms
44ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/popper.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 9be13a73691f31ae4d05917222b5e7f4e6d7f406
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 118
x-cache: HIT
x-proxy-cache: MISS
content-length: 6148
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 8810:A748:9B5FF6:9F1B29:64C8804F
x-timer: S1691682087.784801,VS0,VE2
etag: W/"64a85007-5050"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 01 Aug 2023 03:57:28 GMT

GET
H2 200 bootstrap-select.min.js Show response
attack.mitre.org/theme/scripts/ 52 KB
16 KB 37ms
35ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/bootstrap-select.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 76cc695a3853f6d2ca8cecd53394f4d815a927f1
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 118
x-cache: HIT
x-proxy-cache: MISS
content-length: 16053
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 0ADA:0C8C:E52D4D:EBBC81:64C05789
x-timer: S1691682087.784811,VS0,VE1
etag: W/"64a85007-d18c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 25 Jul 2023 23:25:22 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
attack.mitre.org/theme/scripts/ 79 KB
23 KB 62ms
61ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/bootstrap.bundle.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: fd6a3df534da5d8870ccb69675abfb17c8eb2ff0
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 118
x-cache: HIT
x-proxy-cache: HIT
content-length: 22985
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: E1C2:34AC:DC8CBA:E33B38:64D2EB0E
x-timer: S1691682087.785862,VS0,VE2
etag: W/"64a85007-13b3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 09 Aug 2023 01:33:33 GMT

GET
H2 200 site.js Show response
attack.mitre.org/theme/scripts/ 1 KB
667 B 56ms
55ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/site.js?4320
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8262a137e2548569bb05474333def30bfdc5415d8a37348ee727b6600db493a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 92dad037d152850068d8ccae726485aa23895bce
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 118
x-cache: HIT
x-proxy-cache: MISS
content-length: 452
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 160A:13388:1595E4:16117C:64CB7F3B
x-timer: S1691682087.785749,VS0,VE2
etag: W/"64a85007-408"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 10:29:39 GMT

GET
H2 200 settings.js Show response
attack.mitre.org/theme/scripts/ 299 B
430 B 56ms
55ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/settings.js?1098
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 68e2c8df7986bd3319505fd883e8de7c9ce7e50ea24dfb1421c6dee387f2782c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 031eda90fd4f1eaa6ef93c28cc947c2308c54c99
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 183
x-cache: HIT
x-proxy-cache: MISS
content-length: 223
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 4E18:1C0D:88D9E:8C139:64CB6BA6
x-timer: S1691682087.785542,VS0,VE2
etag: W/"64a85007-12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 09:06:06 GMT

GET
H2 200 search_bundle.js Show response
attack.mitre.org/theme/scripts/ 400 KB
106 KB 55ms
54ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 4c46ae428c0391165e1db1aa7c8231828ded1cf34482ba941eb45404a7e7c88a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 323f05feb5e412b6cb48db50a7ffe83b450e76cf
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 183
x-cache: HIT
x-proxy-cache: HIT
content-length: 107845
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 0DA0:1250C:43CDB8:45E6ED:64C1B9FB
x-timer: S1691682087.785523,VS0,VE2
etag: W/"64a85007-63f8d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 27 Jul 2023 00:37:20 GMT

GET
H2 200 navigation.js Show response
attack.mitre.org/theme/scripts/ 3 KB
1 KB 56ms
55ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/navigation.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 734a6a3d4a437089ce38cb1ede5a893f2760014278bd9fc9f6e447d0505ab801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 74f224d507a0cb635ee4dde35726ecff9bd62eae
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 341
x-cache: HIT
x-proxy-cache: MISS
content-length: 1055
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: A962:3B1D:1F7F2B:205F04:64C87939
x-timer: S1691682087.785631,VS0,VE2
etag: W/"64a85007-cb2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 01 Aug 2023 03:27:15 GMT

GET
H2 200 bootstrap-tourist.js Show response
attack.mitre.org/theme/scripts/ 80 KB
20 KB 62ms
61ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/bootstrap-tourist.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 1b5906d7c6759bfdf817d27bc78c1e7a61ceefac
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 90
x-cache: HIT
x-proxy-cache: HIT
content-length: 19993
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: FC9A:A77D:D66C64:DD0550:64D2E52D
x-timer: S1691682087.790599,VS0,VE2
etag: W/"64a85007-13f1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 09 Aug 2023 01:07:12 GMT

GET
H2 200 settings.js Show response
attack.mitre.org/theme/scripts/ 299 B
380 B 62ms
61ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/settings.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 68e2c8df7986bd3319505fd883e8de7c9ce7e50ea24dfb1421c6dee387f2782c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 8a5fd5e27c14d1099da28eaf1caf7b32ef61ad97
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 2
age: 183
x-cache: HIT
x-proxy-cache: MISS
content-length: 223
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 4E18:1C0D:88D9E:8C139:64CB6BA6
x-timer: S1691682087.790403,VS0,VE1
etag: W/"64a85007-12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 09:06:06 GMT

GET
H2 200 tour-subtechniques.js Show response
attack.mitre.org/theme/scripts/tour/ 2 KB
1020 B 62ms
62ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/scripts/tour/tour-subtechniques.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/techniques/T1566/002/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 5a0a3b9de1516d3bb9cb4f99c8f202117f6888ba5ecca722c1dd05146a202bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/techniques/T1566/002/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 29248969c03f928b2e5bb3c5ea292e6e873f6827
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 290
x-cache: HIT
x-proxy-cache: MISS
content-length: 844
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: CA3A:C996:E07614:E748CF:64D2F5F7
x-timer: S1691682087.790418,VS0,VE2
etag: W/"64a85007-94a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 09 Aug 2023 02:22:08 GMT

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b6d0fa4ad23fca99b440bc7cf5f3c9c0d0eface004a2dbbacc7a0e95c37f25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54afb34633a8680500183f5f99ee59437dbe274df4c5eec3d9570b8ac44ff4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Roboto-Regular.ttf
attack.mitre.org/theme/fonts/Roboto/ 168 KB
89 KB 57ms
57ms Font
font/ttf 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/style.min.css?32a923e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Referer: https://attack.mitre.org/theme/style.min.css?32a923e1
Origin: https://attack.mitre.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 36c9e4f1bc2919183188ef3866d0431883048ef5
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: MISS
content-length: 91002
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: A88E:AAB6:200436:20C716:64D4A097
x-timer: S1691682087.818818,VS0,VE2
etag: W/"64a85007-29e9c"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 10 Aug 2023 08:42:23 GMT

GET
H2 200 Roboto-Light.ttf
attack.mitre.org/theme/fonts/Roboto/ 166 KB
89 KB 53ms
53ms Font
font/ttf 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/fonts/Roboto/Roboto-Light.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/style.min.css?32a923e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

Request headers

Referer: https://attack.mitre.org/theme/style.min.css?32a923e1
Origin: https://attack.mitre.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 3d71c4957c06c3e6f4cfd22c7c345e7b440b0906
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: MISS
content-length: 90875
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: E4C4:FC6C:200EB91:20DBA38:64CAEF49
x-timer: S1691682087.823112,VS0,VE2
etag: W/"64a85007-299b4"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 00:15:30 GMT

GET
H2 200 Roboto-Thin.ttf
attack.mitre.org/theme/fonts/Roboto/ 168 KB
88 KB 50ms
50ms Font
font/ttf 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/style.min.css?32a923e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5

Request headers

Referer: https://attack.mitre.org/theme/style.min.css?32a923e1
Origin: https://attack.mitre.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: a19eb998a93a1a492b137179173eebd788eedd78
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 341
x-cache: HIT
x-proxy-cache: MISS
content-length: 89365
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:55 GMT
server: GitHub.com
x-github-request-id: 946C:1025E:1A2393A:1AEE63D:64D4874F
x-timer: S1691682087.827561,VS0,VE2
etag: W/"64a85007-29f80"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 10 Aug 2023 06:54:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62667723-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70afbaf2a625c000be5ae6cfb96c29be57b3725ae89581ef30fc2689b7c399da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 15:41:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62667723-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 13:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7023
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 10 Aug 2023 15:44:23 GMT

GET
H2 200 campaigns.json Show response
attack.mitre.org/search/ 143 KB
37 KB 12ms
12ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/campaigns.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 2fd6f83ac5b18733d149c87a9009016df6629a9f1ec90a455965edceddfb8e54

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: c5b80208dd544bc2f9b3ec5bc6a4fcd0f2328e1e
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 47
x-cache: HIT
x-proxy-cache: MISS
content-length: 37171
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 70AE:4E26:931DD2:970595:64CAFE1B
x-timer: S1691682087.960590,VS0,VE2
etag: W/"64a85004-23a03"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 01:18:44 GMT

GET
H2 200 datasources.json Show response
attack.mitre.org/search/ 776 KB
162 KB 19ms
19ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/datasources.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 9547c0128ae015532c24b5f0ab46b633eef58e3ace63a5d4768014e7032a0329

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 566c33e6e22636effd66e6ebabc73c8701a7a96a
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: HIT
content-length: 165922
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 26CC:DB75:884417:8B676D:64C85808
x-timer: S1691682087.961500,VS0,VE2
etag: W/"64a85004-c1e0e"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 01 Aug 2023 01:02:27 GMT

GET
H2 200 groups.json Show response
attack.mitre.org/search/ 1 MB
274 KB 18ms
18ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/groups.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: abf366824b83e70952d38aef60e540325fe60a571d7f0bd51492429820cee959

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 2bb811f24e7132c8f5a80a79d1425d03728eada9
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: MISS
content-length: 280114
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 7A5A:0969:4EE82B:51A1AA:64D1D986
x-timer: S1691682087.961824,VS0,VE3
etag: W/"64a85004-1343a6"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 08 Aug 2023 06:08:31 GMT

GET
H2 200 matrices.json Show response
attack.mitre.org/search/ 162 KB
17 KB 58ms
58ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/matrices.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 86d45b4603ed85fdb799012f53b5ca7055c201260ab002f50a2359ba9103addb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 0edbb6efc03072c2bcd79fd2b7557aa501fc795c
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: MISS
content-length: 16906
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 3F50:6AF7:2534:266D:64CC2D3A
x-timer: S1691682087.966376,VS0,VE2
etag: W/"64a85004-28853"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Thu, 03 Aug 2023 22:52:02 GMT

GET
H2 200 misc.json Show response
attack.mitre.org/search/ 523 KB
141 KB 57ms
57ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/misc.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 43793ea699220d7fa263ee3d69961b81a9cefc9119c4a637ce12f0ce087b7b0e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: fd557a05ad062c586e5f22312ab278b5b45d82a9
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 47
x-cache: HIT
x-proxy-cache: MISS
content-length: 143520
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 6350:675D:88BA0A:8BDDC3:64C85808
x-timer: S1691682087.966361,VS0,VE2
etag: W/"64a85004-82a7d"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 01 Aug 2023 01:05:36 GMT

GET
H2 200 mitigations.json Show response
attack.mitre.org/search/ 512 KB
108 KB 56ms
56ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/mitigations.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 117bc65c2ce02d3f999b4c3e2136e27765e2e7256a3ee75e1310a683d171d3b9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 490e379a20e5e9c197f8c2b4d540f98767e4e404
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 47
x-cache: HIT
x-proxy-cache: MISS
content-length: 110821
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 11B8:EAD6:3AF450:3CCAA4:64D19C1A
x-timer: S1691682087.966369,VS0,VE2
etag: W/"64a85004-80102"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 08 Aug 2023 01:46:26 GMT

GET
H2 200 software.json Show response
attack.mitre.org/search/ 2 MB
588 KB 56ms
56ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/software.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: a8dfc125ca7b8409ed5b4468980b423e0d73f29d566b989aed57f8083259da2f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: d541efb8ee41bccb99c0eeeac5462d0d9f4c6412
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 47
x-cache: HIT
x-proxy-cache: HIT
content-length: 601129
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 7400:EAD6:EFF5BE:F7D019:64D33AF1
x-timer: S1691682087.966291,VS0,VE2
etag: W/"64a85004-2206b3"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 09 Aug 2023 07:16:05 GMT

GET
H2 200 tactics.json Show response
attack.mitre.org/search/ 461 KB
126 KB 56ms
56ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/tactics.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 5f62d01c7dc5a5fd0838b99e610ab615942947964633180f89284d43d8f8bde2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 1b80b69b5d741db6e9e8d0c6960e504ec3d1eccb
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 465
x-cache: HIT
x-proxy-cache: MISS
content-length: 128611
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: 83AA:50FA:1E6E9F7:1F3AE63:64CAEF9E
x-timer: S1691682087.967496,VS0,VE3
etag: W/"64a85004-734ba"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 03 Aug 2023 00:16:54 GMT

GET
H2 200 techniques.json Show response
attack.mitre.org/search/ 6 MB
2 MB 55ms
55ms XHR
application/json 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/search/techniques.json
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/theme/scripts/search_bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 2e2b8b0f75125d80b19ed1ac29edbef813b5bf4276b47968cd9f8982c7d1e105

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://attack.mitre.org/techniques/T1566/002/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-fastly-request-id: 4c2cc3b610efa9745e7d6eeaff2743b062394ac4
date: Thu, 10 Aug 2023 15:41:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 47
x-cache: HIT
x-proxy-cache: MISS
content-length: 1909749
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 07 Jul 2023 17:48:52 GMT
server: GitHub.com
x-github-request-id: E55E:7260:DC5C04:E22380:64D4BB3D
x-timer: S1691682087.968043,VS0,VE5
etag: W/"64a85004-62b346"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 10 Aug 2023 10:36:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
15ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=294249916&t=pageview&_s=1&dl=https%3A%2F%2Fattack.mitre.org%2Ftechniques%2FT1566%2F002%2F&ul=en-us&de=UTF-8&dt=Phishing%3A%20Spearphishing%20Link%2C%20Sub-technique%20T1566.002%20-%20Enterprise%20%7C%20MITRE%20ATT%26CK%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=264142002&gjid=184872746&cid=20845828.1691682087&tid=UA-62667723-1&_gid=1299103439.1691682087&_r=1&gtm=457e3890&jsscut=1&z=543711819

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://attack.mitre.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 15:41:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://attack.mitre.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 41ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C8EHW4DS2X&gtm=45je3890&_p=294249916&cid=20845828.1691682087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691682087&sct=1&seg=0&dl=https%3A%2F%2Fattack.mitre.org%2Ftechniques%2FT1566%2F002%2F&dr=https%3A%2F%2Fattack.mitre.org%2Ftechniques%2FT1192%2F&dt=Phishing%3A%20Spearphishing%20Link%2C%20Sub-technique%20T1566.002%20-%20Enterprise%20%7C%20MITRE%20ATT%26CK%C2%AE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 15:41:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://attack.mitre.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C8EHW4DS2X&gtm=45je3890&_p=294249916&cid=20845828.1691682087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1691682087&sct=1&seg=0&dl=https%3A%2F%2Fattack.mitre.org%2Ftechniques%2FT1566%2F002%2F&dr=https%3A%2F%2Fattack.mitre.org%2Ftechniques%2FT1192%2F&dt=Phishing%3A%20Spearphishing%20Link%2C%20Sub-technique%20T1566.002%20-%20Enterprise%20%7C%20MITRE%20ATT%26CK%C2%AE&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 15:41:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://attack.mitre.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mitre.org/	1970-01-20 13:56:08	Name: _gid Value: GA1.2.1299103439.1691682087
.mitre.org/	1970-01-20 13:54:42	Name: _gat_gtag_UA_62667723_1 Value: 1
.mitre.org/	1970-01-20 23:30:42	Name: _ga Value: GA1.1.20845828.1691682087
.mitre.org/	1970-01-20 23:30:42	Name: _ga_C8EHW4DS2X Value: GS1.1.1691682087.1.0.1691682087.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	warning	URL: http://support-eu.lionnets.com/download?a=64d42e9a420fd51a6209b49f Message: The page requested an origin-keyed agent cluster using the Origin-Agent-Cluster header, but could not be origin-keyed since the origin 'http://support-eu.lionnets.com' had previously been placed in a site-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src ; style-src 'self' http:// 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.cymulate.com
attack.mitre.org
cym-files-download.s3.eu-west-1.amazonaws.com
region1.google-analytics.com
support-eu.lionnets.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:10::6816:4f1
2606:50c0:8003::153
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
52.218.24.64
54.154.126.21
0b1491c19b4fed56dff4c03dfb02a46bb1a6a5297f3be79e166b7078202acc45
117bc65c2ce02d3f999b4c3e2136e27765e2e7256a3ee75e1310a683d171d3b9
124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8
2e2b8b0f75125d80b19ed1ac29edbef813b5bf4276b47968cd9f8982c7d1e105
2fd6f83ac5b18733d149c87a9009016df6629a9f1ec90a455965edceddfb8e54
3734af43ab485366f1217f7cd9f34c680372f7367061ca17ec54519e9b0f3051
3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93
3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5
43793ea699220d7fa263ee3d69961b81a9cefc9119c4a637ce12f0ce087b7b0e
45424597b815f4abb6950cd904ff6c99ab0c6373e7a9048cfad94f7a17d2e981
474446b53291573891b1056f2b98c44efaeffb2b114883e0ad152255d55a5ca0
4c46ae428c0391165e1db1aa7c8231828ded1cf34482ba941eb45404a7e7c88a
50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c
54afb34633a8680500183f5f99ee59437dbe274df4c5eec3d9570b8ac44ff4a6
55b6d0fa4ad23fca99b440bc7cf5f3c9c0d0eface004a2dbbacc7a0e95c37f25
55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503
5a0a3b9de1516d3bb9cb4f99c8f202117f6888ba5ecca722c1dd05146a202bf2
5f62d01c7dc5a5fd0838b99e610ab615942947964633180f89284d43d8f8bde2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
68e2c8df7986bd3319505fd883e8de7c9ce7e50ea24dfb1421c6dee387f2782c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70afbaf2a625c000be5ae6cfb96c29be57b3725ae89581ef30fc2689b7c399da
734a6a3d4a437089ce38cb1ede5a893f2760014278bd9fc9f6e447d0505ab801
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
8117b34e40b234c456830e62ca1e0c3758d7a97111678b28c4d55a1ef3d28d48
8262a137e2548569bb05474333def30bfdc5415d8a37348ee727b6600db493a5
86d45b4603ed85fdb799012f53b5ca7055c201260ab002f50a2359ba9103addb
92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4
9547c0128ae015532c24b5f0ab46b633eef58e3ace63a5d4768014e7032a0329
976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
a8dfc125ca7b8409ed5b4468980b423e0d73f29d566b989aed57f8083259da2f
aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815
abf366824b83e70952d38aef60e540325fe60a571d7f0bd51492429820cee959
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7176c6dd7e777599369721113f25f00a7d0d2874f5e6bb6ef76b84a70262eda
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730

attack.mitre.org Open in urlscan Pro 2606:50c0:8003::153 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

8 IPs

3 Countries

4057 kBTransfer

14700 kBSize

4 Cookies

118 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

attack.mitre.org Open in urlscan Pro
2606:50c0:8003::153 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

4057 kB
Transfer

14700 kB
Size

4
Cookies

43 HTTP transactions
2 data transactions