urlscan.io logo urlscan.io
SecurityTrails logo

portal.in.xdr.trendmicro.com Open in urlscan Pro
3.6.27.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://portal.in.xdr.trendmicro.com/info.html#/download?url=https%3A%2F%2Fupload.in.xdr.trendmicro.com%2Fass%2F72118877-8f49-499a-a3...
Effective URL: https://portal.in.xdr.trendmicro.com/info.html
Submission: On May 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 9 HTTP transactions. The main IP is 3.6.27.102, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is portal.in.xdr.trendmicro.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 19th 2024. Valid for: a year.
This is the only time portal.in.xdr.trendmicro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Attack Overview_20240516080000.zip 3 KB application/zip
MIME: Zip archive data, at least v1.0 to extract
Size: 3 KB (3518 bytes, 100% done)
Downloaded from: https://upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/25c6197f-948e-4ccc-bacf-fbd2092ead23?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXQVNLDPDV2DWNFSM%2F20240516%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240516T080018Z&X-Amz-Expires=604800&X-Amz-Signature=c919ca9a0492cc123e7087274d6e63631a2840e06c09ce782af9b55f5d2d8c9e&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22Attack%2520Overview_20240516080000.zip%22

Domain & IP information

IP Address AS Autonomous System
7 3.6.27.102 16509 (AMAZON-02)
2 13.225.78.11 16509 (AMAZON-02)
9 3
Domain Requested by
7 portal.in.xdr.trendmicro.com portal.in.xdr.trendmicro.com
2 upload.in.xdr.trendmicro.com portal.in.xdr.trendmicro.com
9 2

This site contains links to these domains. Also see Links.

Domain
upload.in.xdr.trendmicro.com
www.trendmicro.com
us.trendmicro.com
success.trendmicro.com
Subject Issuer Validity Valid
portal.in.xdr.trendmicro.com
Entrust Certification Authority - L1K		 2024-02-19 -
2025-03-18		 a year crt.sh

This page contains 1 frames:

Frame: https://upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/25c6197f-948e-4ccc-bacf-fbd2092ead23?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXQVNLDPDV2DWNFSM%2F20240516%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240516T080018Z&X-Amz-Expires=604800&X-Amz-Signature=c919ca9a0492cc123e7087274d6e63631a2840e06c09ce782af9b55f5d2d8c9e&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22Attack%2520Overview_20240516080000.zip%22
Frame ID: 5E964BC4D57744448A7604997D7B05E3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trend Vision Oneā„¢

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

556 kB
Transfer

1785 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request info.html
portal.in.xdr.trendmicro.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/info.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3087037d212179a0c97926ac8878e576166584a3f10c9b59e52602be333fe4d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
content-type
text/html
date
Thu, 16 May 2024 08:21:08 GMT
etag
W/"663ca7a0-742"
expires
Thu, 16 May 2024 08:21:07 GMT
last-modified
Thu, 09 May 2024 10:38:24 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1
info.a9db1fa3.js
portal.in.xdr.trendmicro.com/js/ 		39 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/js/info.a9db1fa3.js
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/info.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
567306a42958398b51040b7e428f583fad7c69bc2cdc915b665041b61196a33b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/info.html
Origin
https://portal.in.xdr.trendmicro.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:08 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:24 GMT
server
nginx
content-encoding
gzip
etag
W/"663ca7a0-9af6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800, no-store, no-cache, must-revalidate
x-xss-protection
1
expires
Thu, 16 May 2024 08:51:08 GMT
vendors.697a2c22.js
portal.in.xdr.trendmicro.com/js/ 		837 KB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/js/vendors.697a2c22.js
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/info.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
783cbb6eef95ec2ca758e6b8d7398663541ca6a69ed5174a537a6cf809d87b17
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/info.html
Origin
https://portal.in.xdr.trendmicro.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:08 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:24 GMT
server
nginx
content-encoding
gzip
etag
W/"663ca7a0-d14c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800, no-store, no-cache, must-revalidate
x-xss-protection
1
expires
Thu, 16 May 2024 08:51:08 GMT
icon.dc0f2053.js
portal.in.xdr.trendmicro.com/js/ 		248 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/js/icon.dc0f2053.js
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/info.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7c6962c9203f1b270a3a9698e378292bcdbb5b051b18b575c06055249c8e55ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/info.html
Origin
https://portal.in.xdr.trendmicro.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:08 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:24 GMT
server
nginx
content-encoding
gzip
etag
W/"663ca7a0-3e01c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800, no-store, no-cache, must-revalidate
x-xss-protection
1
expires
Thu, 16 May 2024 08:51:08 GMT
style.4ce7efb4.css
portal.in.xdr.trendmicro.com/css/ 		645 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/css/style.4ce7efb4.css
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/info.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ce7efb40c4d63987080b0f0f2644ef14bfd4cdc72d346adf24366a08d94e2d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/info.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:08 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:24 GMT
server
nginx
content-encoding
gzip
etag
W/"663ca7a0-a1336"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800, no-store, no-cache, must-revalidate
x-xss-protection
1
expires
Thu, 16 May 2024 08:51:08 GMT
25c6197f-948e-4ccc-bacf-fbd2092ead23
upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/25c6197f-948e-4ccc-bacf-fbd2092ead23?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXQVNLDPDV2DWNFSM%2F20240516%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240516T080018Z&X-Amz-Expires=604800&X-Amz-Signature=c919ca9a0492cc123e7087274d6e63631a2840e06c09ce782af9b55f5d2d8c9e&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22Attack%2520Overview_20240516080000.zip%22
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/js/vendors.697a2c22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-11.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b340f2a8298bf14950eeb52f8441f9c7ceab2f0b615d9ba9b558e717a6af5cc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://portal.in.xdr.trendmicro.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 08:21:11 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-disposition
attachment; filename="Attack%20Overview_20240516080000.zip"
content-length
3518
last-modified
Thu, 16 May 2024 08:00:19 GMT
server
AmazonS3
etag
"55e5afa59550bbf76b36a440fa1f0708"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
PUT, POST, DELETE, HEAD, GET
content-type
application/x-www-form-urlencoded
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
73UsK5H5S9tvRM6Qr74qUHYdkEhvwOnE7fRRxPKXjZIRjgLDf6j0BA==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa6e983dfdc1d5c1262f55f7f51042deb9980551ec0265f481435ca42e00f825

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
tball.b24f15bd.svg
portal.in.xdr.trendmicro.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.in.xdr.trendmicro.com/images/tball.b24f15bd.svg
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/css/style.4ce7efb4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b24f15bdbd67495bdfa7d824ac467d9a3062b09b787ba53f88c554aa64e1cf1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/css/style.4ce7efb4.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:09 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:24 GMT
server
nginx
etag
"663ca7a0-cfb"
content-type
image/svg+xml
cache-control
max-age=1800, no-store, no-cache, must-revalidate
accept-ranges
bytes
content-length
3323
x-xss-protection
1
expires
Thu, 16 May 2024 08:51:09 GMT
logo.png
portal.in.xdr.trendmicro.com/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.in.xdr.trendmicro.com/images/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.27.102 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-27-102.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39e8aee62b2045144ecb70ec8c66558b4bf5d7167e7b3982bccb77a9df91a672
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal.in.xdr.trendmicro.com/info.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 08:21:10 GMT
content-security-policy
default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 09 May 2024 10:38:22 GMT
server
nginx
etag
"663ca79e-f1b"
content-type
image/png
cache-control
max-age=86400, no-store, no-cache, must-revalidate
accept-ranges
bytes
content-length
3867
x-xss-protection
1
expires
Fri, 17 May 2024 08:21:10 GMT
25c6197f-948e-4ccc-bacf-fbd2092ead23
upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://upload.in.xdr.trendmicro.com/ass/72118877-8f49-499a-a372-41a5b440e371/25c6197f-948e-4ccc-bacf-fbd2092ead23?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXQVNLDPDV2DWNFSM%2F20240516%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240516T080018Z&X-Amz-Expires=604800&X-Amz-Signature=c919ca9a0492cc123e7087274d6e63631a2840e06c09ce782af9b55f5d2d8c9e&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22Attack%2520Overview_20240516080000.zip%22
Requested by
Host: portal.in.xdr.trendmicro.com
URL: https://portal.in.xdr.trendmicro.com/js/info.a9db1fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-11.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portal.in.xdr.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-methods
PUT, POST, DELETE, HEAD, GET
access-control-allow-origin
*
content-disposition
attachment; filename="Attack%20Overview_20240516080000.zip"
content-length
3518
content-type
application/x-www-form-urlencoded
date
Thu, 16 May 2024 08:21:12 GMT
etag
"55e5afa59550bbf76b36a440fa1f0708"
last-modified
Thu, 16 May 2024 08:00:19 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-id
gDSuloeWWSPs_DcPBqMtHrlju1bsh2PGbXBCAFTGG2PwCX2N98TykA==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d19c9b946052f7875d298fa1997b8950a8ac16fa75b3b5758316ea487b7a19c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIE object| __VUE_INSTANCE_SETTERS__ object| regeneratorRuntime boolean| __INTLIFY__ boolean| _VISION_PORTAL string| _VERSION string| _CURRENT_REGION boolean| _TRACKABLE string| _CURRENT_ENV boolean| __VUE__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: https://* blob: mailto:; script-src 'self' 'nonce-Q0rtEp536WS9' 'unsafe-hashes' 'sha256-IDYp8NCLsTl3kylUC6WxDdBzsDyH4/bLeShztbISnmE=' 'sha256-9YPr1taDf2ngIQZqbDJzPbKQvAWJgDWPFOJLUYw3zSI=' 'sha256-Qvjcti0SeGELFY0/+RA1H76s/IpPldsD+7ndp10ZWDY=' 'sha256-eIA/V33EnqGt2y9PbuqnVqJtCE9H5TbB7y0VXNyvhyU=' 'unsafe-eval' https://*.trendmicro.com https://www.youtube.com https://*.tinymce.com https://*.tiny.cloud https://*.pendo.io https://*.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google.com.hk https://www.google.com https://powerbox-na-file.trend.org; img-src 'self' data: https://*; style-src 'self' 'unsafe-inline' https://*.trendmicro.com https://ei-us1.mgcp.a1q7.net https://*.pendo.io https://*.tinymce.com https://*.tiny.cloud https://*.googleapis.com; connect-src 'self' https://* wss://*; frame-ancestors 'self' https://*.trendmicro.com https://*.pendo.io; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1