Submitted URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Effective URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations...
Submission: On June 13 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 162.240.109.111, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is itglobalnews.info.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 4th 2023. Valid for: a year.
This is the only time itglobalnews.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 162.240.109.111 46606 (UNIFIEDLA...)
3 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 104.17.24.14 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 104.26.12.205 13335 (CLOUDFLAR...)
1 2606:4700:20:... ()
1 145.226.46.148 ()
46 9
Apex Domain
Subdomains
Transfer
19 itglobalnews.info
itglobalnews.info
1 MB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
120 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1267
60 KB
1 creditmutuel.fr
www.creditmutuel.fr
1 KB
1 ipapi.co
ipapi.co
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2557
162 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
102 KB
46 8
Domain Requested by
19 itglobalnews.info itglobalnews.info
4 cdnjs.cloudflare.com itglobalnews.info
3 maxcdn.bootstrapcdn.com itglobalnews.info
1 www.creditmutuel.fr itglobalnews.info
1 ipapi.co cdnjs.cloudflare.com
1 api.ipify.org itglobalnews.info
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com itglobalnews.info
46 8

This site contains no links.

Subject Issuer Validity Valid
www.itglobalnews.info
Sectigo RSA Domain Validation Secure Server CA
2023-10-04 -
2024-10-03
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-05-25 -
2024-08-23
3 months crt.sh
*.google-analytics.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
ipify.org
GTS CA 1P5
2024-05-19 -
2024-08-17
3 months crt.sh
ipapi.co
E1
2024-05-07 -
2024-08-05
3 months crt.sh
www.creditmutuel.fr
GlobalSign Extended Validation CA - SHA256 - G3
2023-08-04 -
2024-09-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Frame ID: E0962FE54DCA38E114F23AD89F97A080
Requests: 46 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp Page URL
  2. https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

67 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

1704 kB
Transfer

2712 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp Page URL
  2. https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sntlo-takingonturla980download.jsp
itglobalnews.info/reports/
2 KB
3 KB
Document
General
Full URL
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
76d3e22ca7bc6529e0c686872a3b079f80e6fdfcf9df7727b4184dca67998d93

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Length
2276
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jun 2024 06:21:51 GMT
Keep-Alive
timeout=5, max=100
Server
Apache-Coyote/1.1
bootstrap.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
143 KB
26 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7901977
cdn-cachedat
05/01/2023 17:35:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"2a31dca112f26923b51676cb764c58d5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
30d77b317230259b84442af6f8c7fa17
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
892ffb9d5a782c35-FRA
cdn-requestpullsuccess
True
ABIresearch83045.css
itglobalnews.info/reports/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://itglobalnews.info/reports/css/ABIresearch83045.css
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
2ca73b1c5104090e1ae2e5e62f0cf50a1adf038e288b192fa73e51e8e1ceb578

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:51 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"1382-1687396468000"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1382
js
www.googletagmanager.com/gtag/
305 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S5K4E1M5HK
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e9d60129bb6579fe2ff098f37a94d8090333105c49fb8fa2c8db591ca432871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 06:21:51 GMT
SentinelOne-Logo68.png
itglobalnews.info/reports/img/
34 KB
34 KB
Image
General
Full URL
https://itglobalnews.info/reports/img/SentinelOne-Logo68.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
64991a268b1f46805c13eeead68165e07750a0009cc5268dfc74df94d6ecbda5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:51 GMT
Last-Modified
Mon, 19 Feb 2024 07:04:15 GMT
Server
Apache-Coyote/1.1
ETag
W/"34690-1708326255258"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
34690
sntlo-takingonturla667.PNG
itglobalnews.info/reports/img/
489 KB
489 KB
Image
General
Full URL
https://itglobalnews.info/reports/img/sntlo-takingonturla667.PNG
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
826a24e709900e5a13fb3803a5eece4dd2394a7d2804fddbf06297683fd4a07f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:51 GMT
Last-Modified
Tue, 16 Apr 2024 18:37:03 GMT
Server
Apache-Coyote/1.1
ETag
W/"500546-1713292623131"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
500546
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
262 KB
65 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
135377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66006
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-41707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=af7mvjfbN6JMQCPjQI2CNZ87RWvH0Kv%2BlyPyNlRjYRvEYnA6FUz3xsF38p3qjAZdKS1a6154IJkP1GfRc%2FNDdBDOofvpyjsyEZYq75IUxgOw0KBUX2JMwdPL0M1jeUR1XKLjlb6C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
892ffb9e880a1903-FRA
expires
Tue, 03 Jun 2025 06:21:51 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S5K4E1M5HK&gtm=45je46c0v9176942353za200&_p=1718259711749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=847531320.1718259712&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718259711&sct=1&seg=0&dl=https%3A%2F%2Fitglobalnews.info%2Freports%2Fsntlo-takingonturla980download.jsp&dt=Taking%20on%20Turla%20-%202023%20MITRE%20Engenuity%20ATT%26CK%C3%82%C2%AE%20Evaluations&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=939
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5K4E1M5HK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 06:21:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itglobalnews.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MB-LogoF.png
itglobalnews.info/reports/img/
119 KB
120 KB
Other
General
Full URL
https://itglobalnews.info/reports/img/MB-LogoF.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
3f1686f548cd98c267b5ed3ab9ec5a4c850b6e427fe5cc828f7c255168802d70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:53 GMT
Last-Modified
Tue, 23 Jan 2024 06:50:21 GMT
Server
Apache-Coyote/1.1
ETag
W/"122111-1705992621987"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
122111
Primary Request viewer.jsp
itglobalnews.info/reports/web/
39 KB
39 KB
Document
General
Full URL
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
3d040e8994e7541f572bec578c93ef2df6c2e0f63bbaac8a3e4e0b651ec289bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://itglobalnews.info/reports/sntlo-takingonturla980download.jsp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jun 2024 06:21:54 GMT
Keep-Alive
timeout=5, max=98
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
collect
region1.google-analytics.com/g/
0
0

collect
region1.google-analytics.com/g/
0
0

jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
262 KB
0
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
135377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66006
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-41707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=af7mvjfbN6JMQCPjQI2CNZ87RWvH0Kv%2BlyPyNlRjYRvEYnA6FUz3xsF38p3qjAZdKS1a6154IJkP1GfRc%2FNDdBDOofvpyjsyEZYq75IUxgOw0KBUX2JMwdPL0M1jeUR1XKLjlb6C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
892ffb9e880a1903-FRA
expires
Tue, 03 Jun 2025 06:21:51 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
723631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27277
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67aJe1pIxqp3TCfrn9fGNr59FFYPY%2FKHenrIrOLxu2n0ArzlI69FvgNlORNlSn5CcmoZA6bB%2F9PrzDHIbSe7GWl0y2Xe3Mb%2BRl4Y2EATY0KO1YOJighVwjb4HLWINo%2FfELDjDzs0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
892ffbb2df161903-FRA
expires
Tue, 03 Jun 2025 06:21:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1678180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf4sI93fsUwt%2BDzPel8eNIOFh9My4ij5fhmqNFx0NldUzaftIn6V9v118nvoej45kTYbYkljq1m4xJ90RQelVt4DD%2FobXt9iq7WFiUIwbp1OyLf3vaMGrdO7eYc495DaVU4ifgSx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
892ffbb2df1f1903-FRA
expires
Tue, 03 Jun 2025 06:21:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1077
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
317551
cdn-cachedat
03/18/2024 12:13:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6deaaff9b1ec12880bed24edb13ba95a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
892ffbb2dd8c2c35-FRA
cdn-requestpullsuccess
True
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1047
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2268730
cdn-cachedat
03/18/2024 12:13:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3e4803ebcd67682eccd326d11a83c865
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
892ffbb2dd8d2c35-FRA
cdn-requestpullsuccess
True
bowser.js
itglobalnews.info/reports/web/
17 KB
18 KB
Script
General
Full URL
https://itglobalnews.info/reports/web/bowser.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
d9dff8c0ade388f07b9871274c7b0e45c6373960ae43b09980153e25a4abbc40

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"17702-1687396470000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
17702
client.min.js
itglobalnews.info/reports/web/
46 KB
46 KB
Script
General
Full URL
https://itglobalnews.info/reports/web/client.min.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
caca6e51a43ebc380d144a8de943f6b02ccf6b1924c06f89de61f3cb1f4b0819

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"46944-1687396468000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
46944
viewer.css
itglobalnews.info/reports/web/
49 KB
50 KB
Stylesheet
General
Full URL
https://itglobalnews.info/reports/web/viewer.css
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
6c98ccf79286a2504ec0f61b704f110d9850e848b548d06e590ebf81c0f4a7f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"50530-1687396470000"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
50530
compatibility.js
itglobalnews.info/reports/web/
19 KB
19 KB
Script
General
Full URL
https://itglobalnews.info/reports/web/compatibility.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
a2518d1184971d090783973f7a2a7249bf03632ef5c0f4ebe79cb8531e7147d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"19370-1687396468000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
19370
l10n.js
itglobalnews.info/reports/web/
29 KB
29 KB
Script
General
Full URL
https://itglobalnews.info/reports/web/l10n.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
f9efa2ec298513564252406bb3406391aabefbd65b2221fc2e41b9ede9243e83

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"29293-1687396468000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
29293
pdf.js
itglobalnews.info/reports/build/
302 KB
302 KB
Script
General
Full URL
https://itglobalnews.info/reports/build/pdf.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
e6f1d2cb2a6b70d5efa1a59c2ec5b815b49b6e1a53c4e072c8126cf4b1fa483e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"309157-1687396470000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
309157
viewer.js
itglobalnews.info/reports/web/
265 KB
265 KB
Script
General
Full URL
https://itglobalnews.info/reports/web/viewer.js
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
7590bc3b8f11d85893d4c0c9e262e027c11e671bc8cc4dc3e35cb87838bcd688

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:54 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"270919-1687396470000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
270919
/
api.ipify.org/
27 B
162 B
Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=getIP
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d249b09c3a7f646e48913077b01f4ee6ec15f4d4157223f58872af6140e2e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
892ffbb3ff5430c9-FRA
content-length
27
vary
Origin
content-type
application/javascript
json
ipapi.co/81.95.5.44/
737 B
0
XHR
General
Full URL
https://ipapi.co/81.95.5.44/json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:82c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, origin
allow
GET, OPTIONS, OPTIONS, POST, HEAD
content-type
application/json
access-control-allow-origin
https://itglobalnews.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNGIUtqsCL2dME2S5I2a0doAP%2BCLuTr9LFPfBdPGOwFyQliuuh%2BEJPSQ1HIimxa4PXvt5VaM2ltWP5JWrX2T00B4ej5wHTFL8o3Kzf%2F8OPmrdR%2B9fuaQxwSStiyKjbIohxNRSOdA"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
892ffbbba92f03ac-FRA
texture.png
itglobalnews.info/reports/web/images/
2 KB
3 KB
Image
General
Full URL
https://itglobalnews.info/reports/web/images/texture.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"2417-1687396470000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2417
loading.gif
www.creditmutuel.fr/cmne/fr/banques/webservices/nswr/images/
975 B
1 KB
Image
General
Full URL
https://www.creditmutuel.fr/cmne/fr/banques/webservices/nswr/images/loading.gif
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.jsp?file=Taking%20on%20Turla%202023%20MITRE%20Engenuity%20ATT%20CKEvaluations%20667.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.46.148 -, , ASN (),
Reverse DNS
Software
eiws /
Resource Hash
0536e5f47952044e113d7fe8af6b1223df693abb2cbf8a917c5b9b0d22efa817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Strict-Transport-Security
max-age=31536000
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Feb 2024 16:11:19 GMT
Server
eiws
ETag
"3cf-610f52da3b7c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
public, max-age=31536000, immutable
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=50
Content-Length
975
X-XSS-Protection
1; mode=block
toolbarButton-viewThumbnail.png
itglobalnews.info/reports/web/images/
185 B
466 B
Image
General
Full URL
https://itglobalnews.info/reports/web/images/toolbarButton-viewThumbnail.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"185-1687396468000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
185
toolbarButton-viewOutline.png
itglobalnews.info/reports/web/images/
178 B
459 B
Image
General
Full URL
https://itglobalnews.info/reports/web/images/toolbarButton-viewOutline.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:28 GMT
Server
Apache-Coyote/1.1
ETag
W/"178-1687396468000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
178
toolbarButton-viewAttachments.png
itglobalnews.info/reports/web/images/
384 B
665 B
Image
General
Full URL
https://itglobalnews.info/reports/web/images/toolbarButton-viewAttachments.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"384-1687396470000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
384
toolbarButton-sidebarToggle.png
itglobalnews.info/reports/web/images/
225 B
507 B
Image
General
Full URL
https://itglobalnews.info/reports/web/images/toolbarButton-sidebarToggle.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
b97006dda25f0b3908ce7604108261ff8ab1e1984118f3dac296428bcf34b1a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"225-1687396470000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
225
toolbarButton-search.png
itglobalnews.info/reports/web/images/
309 B
591 B
Image
General
Full URL
https://itglobalnews.info/reports/web/images/toolbarButton-search.png
Requested by
Host: itglobalnews.info
URL: https://itglobalnews.info/reports/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.itglobalnews.info
Software
Apache-Coyote/1.1 /
Resource Hash
0a0c8700265901b93feb0814d2db720d0e4f0b66ebfa98f717d1dc4e28e36646

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://itglobalnews.info/reports/web/viewer.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 06:21:56 GMT
Last-Modified
Thu, 22 Jun 2023 01:14:30 GMT
Server
Apache-Coyote/1.1
ETag
W/"309-1687396470000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
309
toolbarButton-pageUp.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-pageDown.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-presentationMode.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-openFile.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-print.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-download.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-bookmark.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-secondaryToolbarToggle.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-zoomOut.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-zoomIn.png
itglobalnews.info/reports/web/images/
0
0

toolbarButton-menuArrows.png
itglobalnews.info/reports/web/images/
0
0

locale.properties
itglobalnews.info/reports/web/locale/
0
0

pdf.worker.js
itglobalnews.info/reports/build/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S5K4E1M5HK&gtm=45je46c0v9176942353za200&_p=1718259711749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=847531320.1718259712&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718259711&sct=1&seg=0&dl=https%3A%2F%2Fitglobalnews.info%2Freports%2Fsntlo-takingonturla980download.jsp&dt=Taking%20on%20Turla%20-%202023%20MITRE%20Engenuity%20ATT%26CK%C3%82%C2%AE%20Evaluations&en=scroll&epn.percent_scrolled=90&_et=3&tfd=4054
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S5K4E1M5HK&gtm=45je46c0v9176942353za200&_p=1718259711749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=847531320.1718259712&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1718259711&sct=1&seg=0&dl=https%3A%2F%2Fitglobalnews.info%2Freports%2Fsntlo-takingonturla980download.jsp&dt=Taking%20on%20Turla%20-%202023%20MITRE%20Engenuity%20ATT%26CK%C3%82%C2%AE%20Evaluations&en=user_engagement&_et=3106&tfd=4054
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-pageUp.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-pageDown.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-presentationMode.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-openFile.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-print.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-download.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-bookmark.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-secondaryToolbarToggle.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-zoomOut.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-zoomIn.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/images/toolbarButton-menuArrows.png
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/web/locale/locale.properties
Domain
itglobalnews.info
URL
https://itglobalnews.info/reports/build/pdf.worker.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| pagearray object| startTime object| bowser

3 Cookies

Domain/Path Name / Value
itglobalnews.info/reports Name: JSESSIONID
Value: 635E0D376B27DAABD8B76BD8868D28C3
.itglobalnews.info/ Name: _ga
Value: GA1.1.847531320.1718259712
.itglobalnews.info/ Name: _ga_S5K4E1M5HK
Value: GS1.1.1718259711.1.0.1718259714.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdnjs.cloudflare.com
ipapi.co
itglobalnews.info
maxcdn.bootstrapcdn.com
region1.google-analytics.com
www.creditmutuel.fr
www.googletagmanager.com
itglobalnews.info
region1.google-analytics.com
104.17.24.14
104.18.10.207
104.26.12.205
145.226.46.148
162.240.109.111
2001:4860:4802:34::36
2606:4700:20::681a:82c
2a00:1450:4001:830::2008
0536e5f47952044e113d7fe8af6b1223df693abb2cbf8a917c5b9b0d22efa817
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0c8700265901b93feb0814d2db720d0e4f0b66ebfa98f717d1dc4e28e36646
0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e
1e9d60129bb6579fe2ff098f37a94d8090333105c49fb8fa2c8db591ca432871
2ca73b1c5104090e1ae2e5e62f0cf50a1adf038e288b192fa73e51e8e1ceb578
32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a
39d249b09c3a7f646e48913077b01f4ee6ec15f4d4157223f58872af6140e2e4
3d040e8994e7541f572bec578c93ef2df6c2e0f63bbaac8a3e4e0b651ec289bb
3f1686f548cd98c267b5ed3ab9ec5a4c850b6e427fe5cc828f7c255168802d70
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
64991a268b1f46805c13eeead68165e07750a0009cc5268dfc74df94d6ecbda5
6c98ccf79286a2504ec0f61b704f110d9850e848b548d06e590ebf81c0f4a7f7
7590bc3b8f11d85893d4c0c9e262e027c11e671bc8cc4dc3e35cb87838bcd688
76d3e22ca7bc6529e0c686872a3b079f80e6fdfcf9df7727b4184dca67998d93
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
826a24e709900e5a13fb3803a5eece4dd2394a7d2804fddbf06297683fd4a07f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a2518d1184971d090783973f7a2a7249bf03632ef5c0f4ebe79cb8531e7147d9
b97006dda25f0b3908ce7604108261ff8ab1e1984118f3dac296428bcf34b1a3
caca6e51a43ebc380d144a8de943f6b02ccf6b1924c06f89de61f3cb1f4b0819
d9dff8c0ade388f07b9871274c7b0e45c6373960ae43b09980153e25a4abbc40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1d2cb2a6b70d5efa1a59c2ec5b815b49b6e1a53c4e072c8126cf4b1fa483e
f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9efa2ec298513564252406bb3406391aabefbd65b2221fc2e41b9ede9243e83