urlscan.io logo urlscan.io
SecurityTrails logo

attack.stealthbits.com Open in urlscan Pro
72.52.131.173  Public Scan

Go To Rescan Add Verdict Report
URL: https://attack.stealthbits.com/
Submission: On February 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 35 HTTP transactions. The main IP is 72.52.131.173, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is attack.stealthbits.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 18th 2018. Valid for: 2 years.
This is the only time attack.stealthbits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 72.52.131.173 32244 (LIQUIDWEB)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.174.78.146 14618 (AMAZON-AES)
35 8
23    72.52.131.173 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
attack.stealthbits.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
1    2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:81b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:825::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    35.174.78.146 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
pi.pardot.com
Domain Requested by
23 attack.stealthbits.com attack.stealthbits.com
4 fonts.gstatic.com attack.stealthbits.com
2 pi.pardot.com attack.stealthbits.com
pi.pardot.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com attack.stealthbits.com
1 www.google.de attack.stealthbits.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 fonts.googleapis.com attack.stealthbits.com
1 use.fontawesome.com attack.stealthbits.com
35 10

This site contains links to these domains. Also see Links.

Domain
www.stealthbits.com
Subject Issuer Validity Valid
attack.stealthbits.com
Go Daddy Secure Certificate Authority - G2		 2018-06-18 -
2020-04-05		 2 years crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2018-09-17 -
2019-11-21		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-01-29 -
2019-04-23		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-02-13 -
2019-05-08		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-02-13 -
2019-05-08		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-01-29 -
2019-04-23		 3 months crt.sh
*.pardot.com
DigiCert SHA2 Secure Server CA		 2019-01-21 -
2020-01-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://attack.stealthbits.com/
Frame ID: ADD4030E67210F76B12F06223A302B68
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^pi(?:Tracker|Hostname|Protocol|CId|AId)$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

35
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

1384 kB
Transfer

2195 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=458425309&t=pageview&_s=1&dl=https%3A%2F%2Fattack.stealthbits.com%2F&ul=en-us&de=UTF-8&dt=Mitigate%2C%20Detect%2C%20and%20Prevent%20Credential%20and%20Data%20Theft%20%7C%20STEALTHbits%20Cyber%20Kill%20Chain%20Attack%20Catalog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=677806690&gjid=770393149&cid=2099552910.1551385857&tid=UA-1582554-7&_gid=136305105.1551385857&_r=1&gtm=2ou241&z=667014291 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_gid=136305105.1551385857&gjid=770393149&_v=j73&z=667014291 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291&slf_rd=1&random=3646638852

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
attack.stealthbits.com/ 		28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
8019b478134aee45eb18720b286626284cecbb94bac0aa535ef1a4310ba75d80
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
attack.stealthbits.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Last-Modified
Thu, 28 Feb 2019 20:30:56 GMT
ETag
"433fe8c27145c397a7006eead9fc7608-gzip"
Content-Encoding
gzip
Referrer-Policy
Content-Length
7020
Keep-Alive
timeout=2, max=150
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
all.js
use.fontawesome.com/releases/v5.0.9/js/ 		682 KB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://attack.stealthbits.com/
Origin
https://attack.stealthbits.com

Response headers

date
Thu, 28 Feb 2019 20:30:56 GMT
content-encoding
gzip
last-modified
Tue, 27 Mar 2018 21:11:37 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"bffc6023835e717c0348c41583e56eba"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
bootstrap.css
attack.stealthbits.com/wp-content/themes/nisarg/css/ 		144 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/css/bootstrap.css?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
d2301edb8df987a87ebd17a966efe5c8b77c91ad8feb58908f710bf0cb8cd0f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 11 Dec 2018 19:39:11 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2407a-57cc43c5215c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
21588
Expires
Fri, 28 Feb 2020 20:30:56 GMT
font-awesome.min.css
attack.stealthbits.com/wp-content/themes/nisarg/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/font-awesome/css/font-awesome.min.css?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 06 Feb 2018 20:22:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"5cbb-56490f0e6f36a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
5443
Expires
Fri, 28 Feb 2020 20:30:56 GMT
style.css
attack.stealthbits.com/wp-content/themes/nisarg/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/style.css?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
1f77dfd2ecba9b442befc4e122ba579823e8e1764dbf71b023afbfc146af9478
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 11 Dec 2018 19:11:22 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"884a-57cc3d8d72a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
7675
Expires
Fri, 28 Feb 2020 20:30:56 GMT
css
fonts.googleapis.com/ 		7 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
eaf8fd4bc3ac8bcca934351063d6f9243f1a6db1b4ea48967064748990735bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 28 Feb 2019 20:30:56 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 28 Feb 2019 20:30:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 28 Feb 2019 20:30:56 GMT
jquery.js
attack.stealthbits.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Mon, 23 May 2016 13:00:30 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"17ba0-53382066b1780-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
33766
Expires
Fri, 28 Feb 2020 20:30:56 GMT
jquery-migrate.min.js
attack.stealthbits.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 20 May 2016 10:11:28 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2748-5334350625400-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
4014
Expires
Fri, 28 Feb 2020 20:30:56 GMT
admin-sdholder.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/admin-sdholder.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
62a7043f331a1d9d8b3c88d1b6f30e5f8d5f80acb9cc0cf09e39fa3084e5f3e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:05 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"dd2-568a4f43ea8f8"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
3538
Expires
Fri, 28 Feb 2020 20:30:56 GMT
dcshadow.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/dcshadow.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
aac06504515c2454f04b7b9d9ddc68cece1e187ee5af1309e88a83a42f8ed28b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:05 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"ed3-568a4f44413b1"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
3795
Expires
Fri, 28 Feb 2020 20:30:57 GMT
dcsync.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/dcsync.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
ec404a104ad815bc75e7c0a875ca58ba4584ac89cd7c5a744f373cd4b062fd9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:05 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"d7e-568a4f448f1c9"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
3454
Expires
Fri, 28 Feb 2020 20:30:57 GMT
golden-ticket.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/golden-ticket.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
316fafbbd34b076f4b5896f791e2dc7fe4e04e53d83709e6ea4e032914d61f87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:06 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"93b-568a4f44da8d1"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
2363
Expires
Fri, 28 Feb 2020 20:30:57 GMT
kerberoasting.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/kerberoasting.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
bfb3a107c5261079472112104001d59364ee7afcf0894288060b8889f03a2017
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:06 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"e60-568a4f4526b91"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=147
Content-Length
3680
Expires
Fri, 28 Feb 2020 20:30:57 GMT
ldap-recon.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/ldap-recon.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
08e6d61ee7dcf11a3fee28345c5e1a0457e73b7b47b3d2353005bfaddbad7fec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:06 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"b4f-568a4f45712f9"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=147
Content-Length
2895
Expires
Fri, 28 Feb 2020 20:30:57 GMT
ntds-password-extraction.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/ntds-password-extraction.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
5665d6b959eb7ca991ea2b51a8a605e0714c6f581f2104480d9b5e7b8ffc230a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:07 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"13e2-568a4f45bc619"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
5090
Expires
Fri, 28 Feb 2020 20:30:57 GMT
pass-the-hash.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/pass-the-hash.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
a1f0fc6a45e2ac579ef1acd4fd7e6be8714946e2533120fc1c4b385674c37ad3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:07 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"ee6-568a4f460bf89"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=146
Content-Length
3814
Expires
Fri, 28 Feb 2020 20:30:57 GMT
password-spraying.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/password-spraying.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
1c2bc457d6fcf5bede48f5e8d76c5168ddc5d49ea3429164c6485f4b34634da8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:07 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"c55-568a4f4655f22"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=146
Content-Length
3157
Expires
Fri, 28 Feb 2020 20:30:57 GMT
plaintext-password-extraction.png
attack.stealthbits.com/wp-content/uploads/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/03/plaintext-password-extraction.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
bba9890947fe4b898968649a05dbfec3e332dff4ae980688228413896cc70cbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Fri, 30 Mar 2018 17:56:08 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"a9f-568a4f46a1242"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
2719
Expires
Fri, 28 Feb 2020 20:30:57 GMT
bootstrap.js
attack.stealthbits.com/wp-content/themes/nisarg/js/ 		67 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/js/bootstrap.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 06 Feb 2018 20:22:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"10d1a-56490f0e6ef82-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
14122
Expires
Fri, 28 Feb 2020 20:30:56 GMT
navigation.js
attack.stealthbits.com/wp-content/themes/nisarg/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/js/navigation.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
a6e9a4d24ddc59d459a87d112a1b4aeb825a43beb56041b40a1efe09b5a491ba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:56 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 06 Feb 2018 20:22:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"c86-56490f0e6ef82-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
1155
Expires
Fri, 28 Feb 2020 20:30:56 GMT
skip-link-focus-fix.js
attack.stealthbits.com/wp-content/themes/nisarg/js/ 		751 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/js/skip-link-focus-fix.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 06 Feb 2018 20:22:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2ef-56490f0e6ef82-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
379
Expires
Fri, 28 Feb 2020 20:30:57 GMT
nisarg.js
attack.stealthbits.com/wp-content/themes/nisarg/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-content/themes/nisarg/js/nisarg.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
b73ec855361ff486832406e9f53820cf95319765a68d0e2d94eeb528125939b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 06 Feb 2018 20:22:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"8db-56490f0e6ef82-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
798
Expires
Fri, 28 Feb 2020 20:30:57 GMT
wp-embed.min.js
attack.stealthbits.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 23 Nov 2016 18:38:34 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"576-541fc323d5e80-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
751
Expires
Fri, 28 Feb 2020 20:30:57 GMT
js
www.googletagmanager.com/gtag/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1582554-7
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
8845878e7fc0db159de3cd7ad10b739d42a0f9048d5c66dc252968c3b7fa24a1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Feb 2019 20:30:57 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
23694
x-xss-protection
1; mode=block
expires
Thu, 28 Feb 2019 20:30:57 GMT
wp-emoji-release.min.js
attack.stealthbits.com/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attack.stealthbits.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://attack.stealthbits.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 03 Aug 2018 08:59:17 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2efa-5728424849a10-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=148
Content-Length
4382
Expires
Fri, 28 Feb 2020 20:30:57 GMT
cropped-city-background-new.png
attack.stealthbits.com/wp-content/uploads/2018/02/ 		836 KB
836 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attack.stealthbits.com/wp-content/uploads/2018/02/cropped-city-background-new.png
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.131.173 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
Apache /
Resource Hash
8107a3df4213d5973e8783adb854e6b24a2b6c775c567bc1b3149bc457d94191
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
attack.stealthbits.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://attack.stealthbits.com/wp-content/themes/nisarg/style.css?ver=4.9.8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://attack.stealthbits.com/wp-content/themes/nisarg/style.css?ver=4.9.8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:57 GMT
Referrer-Policy
Last-Modified
Wed, 07 Feb 2018 21:03:25 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"d0faf-564a5a04ad61a"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=147
Content-Length
855983
Expires
Fri, 28 Feb 2020 20:30:57 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Origin
https://attack.stealthbits.com

Response headers

date
Fri, 25 Jan 2019 14:59:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:48 GMT
server
sffe
age
2957510
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12960
x-xss-protection
1; mode=block
expires
Sat, 25 Jan 2020 14:59:07 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Origin
https://attack.stealthbits.com

Response headers

date
Tue, 12 Feb 2019 11:41:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1414152
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14076
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 11:41:45 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Origin
https://attack.stealthbits.com

Response headers

date
Tue, 29 Jan 2019 08:45:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
2634356
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13944
x-xss-protection
1; mode=block
expires
Wed, 29 Jan 2020 08:45:01 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d48183c5037dadb91300e66ceeee886c74102fbc5b7f86766cf544cc700c34eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Origin
https://attack.stealthbits.com

Response headers

date
Mon, 14 Jan 2019 19:46:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:49 GMT
server
sffe
age
3890696
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12200
x-xss-protection
1; mode=block
expires
Tue, 14 Jan 2020 19:46:01 GMT
gtm.js
www.googletagmanager.com/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-FWMT2WK
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
2e04888f78c5920cb318fd7a3026476a91a67bf3f8f7d0b505429551a1411fe7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Feb 2019 20:30:57 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
19391
x-xss-protection
1; mode=block
expires
Thu, 28 Feb 2019 20:30:57 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1582554-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
7164
date
Thu, 28 Feb 2019 18:31:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Thu, 28 Feb 2019 20:31:33 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=458425309&t=pageview&_s=1&dl=https%3A%2F%2Fattack.stealthbits.com%2F&ul=en-us&de=UTF-8&dt=Mitigate%2C%20Detect%2C%20and%20Prevent%20Credentia...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_gid=136305105.1551385857&gjid=770393149&_v=j73&z=667014291
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291&slf_rd=1&random=3646638852
42 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291&slf_rd=1&random=3646638852
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Feb 2019 20:30:57 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Feb 2019 20:30:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1582554-7&cid=2099552910.1551385857&jid=677806690&_v=j73&z=667014291&slf_rd=1&random=3646638852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: attack.stealthbits.com
URL: https://attack.stealthbits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Feb 2019 20:30:58 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified
Mon, 29 Oct 2018 21:18:00 GMT
Server
PardotServer
ETag
"13e7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1817
Expires
Sat, 27 Feb 2021 20:30:58 GMT
analytics
pi.pardot.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=55912&account_id=72852&title=Mitigate%2C%20Detect%2C%20and%20Prevent%20Credential%20and%20Data%20Theft%20%7C%20STEALTHbits%20Cyber%20Kill%20Chain%20Attack%20Catalog&url=https%3A%2F%2Fattack.stealthbits.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
09527115d1ddfa3f918c86ee330a096603c450fd05020bbfe416278ca02610f2

Request headers

Referer
https://attack.stealthbits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Feb 2019 20:30:58 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/53/219
Vary
Accept-Encoding,User-Agent
P3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
966
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings undefined| $ function| jQuery object| jQuery1124036015095914197204 object| screenReaderText object| wp object| dataLayer function| gtag string| piAId string| piCId string| piHostname object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome number| height object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piEnableTracking function| piDisableTracking function| piResponse

3 Cookies

Domain/Path Name / Value
.stealthbits.com/ Name: _gat_gtag_UA_1582554_7
Value: 1
.stealthbits.com/ Name: _gid
Value: GA1.2.136305105.1551385857
.stealthbits.com/ Name: _ga
Value: GA1.2.2099552910.1551385857

1 Console Messages

Source Level URL
Text
console-api log URL: https://attack.stealthbits.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attack.stealthbits.com
fonts.googleapis.com
fonts.gstatic.com
pi.pardot.com
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
23.111.9.35
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:825::2004
2a00:1450:400c:c0a::9c
35.174.78.146
72.52.131.173
08e6d61ee7dcf11a3fee28345c5e1a0457e73b7b47b3d2353005bfaddbad7fec
09527115d1ddfa3f918c86ee330a096603c450fd05020bbfe416278ca02610f2
1c2bc457d6fcf5bede48f5e8d76c5168ddc5d49ea3429164c6485f4b34634da8
1f77dfd2ecba9b442befc4e122ba579823e8e1764dbf71b023afbfc146af9478
2e04888f78c5920cb318fd7a3026476a91a67bf3f8f7d0b505429551a1411fe7
316fafbbd34b076f4b5896f791e2dc7fe4e04e53d83709e6ea4e032914d61f87
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
5665d6b959eb7ca991ea2b51a8a605e0714c6f581f2104480d9b5e7b8ffc230a
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
62a7043f331a1d9d8b3c88d1b6f30e5f8d5f80acb9cc0cf09e39fa3084e5f3e1
8019b478134aee45eb18720b286626284cecbb94bac0aa535ef1a4310ba75d80
8107a3df4213d5973e8783adb854e6b24a2b6c775c567bc1b3149bc457d94191
8845878e7fc0db159de3cd7ad10b739d42a0f9048d5c66dc252968c3b7fa24a1
a1f0fc6a45e2ac579ef1acd4fd7e6be8714946e2533120fc1c4b385674c37ad3
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a6e9a4d24ddc59d459a87d112a1b4aeb825a43beb56041b40a1efe09b5a491ba
aac06504515c2454f04b7b9d9ddc68cece1e187ee5af1309e88a83a42f8ed28b
b73ec855361ff486832406e9f53820cf95319765a68d0e2d94eeb528125939b8
bba9890947fe4b898968649a05dbfec3e332dff4ae980688228413896cc70cbe
bfb3a107c5261079472112104001d59364ee7afcf0894288060b8889f03a2017
d2301edb8df987a87ebd17a966efe5c8b77c91ad8feb58908f710bf0cb8cd0f6
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
d48183c5037dadb91300e66ceeee886c74102fbc5b7f86766cf544cc700c34eb
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
eaf8fd4bc3ac8bcca934351063d6f9243f1a6db1b4ea48967064748990735bf3
ec404a104ad815bc75e7c0a875ca58ba4584ac89cd7c5a744f373cd4b062fd9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e