Submitted URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
Effective URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC...
Submission: On September 15 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is atomicredteam.io.
TLS certificate: Issued by R3 on August 27th 2022. Valid for: 3 months.
This is the only time atomicredteam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
1         104.17.70.206      13335 (CLOUDFLAR...)
9         185.199.111.153    54113 (FASTLY)
4         2606:4700::68...   13335 (CLOUDFLAR...)
2         2a00:1450:400...   15169 (GOOGLE)
2         2a00:1450:400...   15169 (GOOGLE)
1         2001:4860:480...   15169 (GOOGLE)
19        6

Requests  Apex Domain            Subdomains                                                 Transfer
9         atomicredteam.io       atomicredteam.io                                           1 MB
4         jsdelivr.net           cdn.jsdelivr.net — Cisco Umbrella Rank: 392                180 KB
3         google-analytics.com   www.google-analytics.com — Cisco Umbrella Rank: 27         20 KB
                                 region1.google-analytics.com — Cisco Umbrella Rank: 2989
2         googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 62         116 KB
1         redcanary.com          i.redcanary.com                                            1 KB
19        5

Requests  Domain                        Requested by
9         atomicredteam.io              i.redcanary.com, atomicredteam.io
4         cdn.jsdelivr.net              atomicredteam.io, cdn.jsdelivr.net
2         www.google-analytics.com      www.googletagmanager.com, www.google-analytics.com
2         www.googletagmanager.com      atomicredteam.io, www.googletagmanager.com
1         region1.google-analytics.com  www.googletagmanager.com
1         i.redcanary.com
19        6

This site contains links to these domains. Also see Links.

Domain
slack.atomicredteam.io
attack.mitre.org
github.com
twitter.com
redcanary.com

Subject                  Issuer                    Validity                  Valid
i.redcanary.com          Cloudflare Inc ECC CA-3   2022-05-06 - 2023-05-06   a year
atomicredteam.io         R3                        2022-08-27 - 2022-11-25   3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3   2022-06-02 - 2023-06-01   a year
*.google-analytics.com   GTS CA 1C3                2022-08-29 - 2022-11-21   3 months

This page contains 1 frames:

Primary Page: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Frame ID: 0872353A74295B5712EA265A896D2B50
Requests: 19 HTTP requests in this frame

Page Title

Explore Atomic Red Team

Page URL History

  1. https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiu... Page URL
  2. https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19 Requests
100 % HTTPS
67 % IPv6
5 Domains
6 Subdomains
6 IPs
3 Countries
1637 kB Transfer
3439 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g= Page URL
  2. https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
i.redcanary.com/
513 B
1 KB
Document
General
Full URL
https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-JiYdTfLCIz4p+5YdkrGzLZxQWv75udALQ6VTeS5ZpJ4=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
74b154199b659060-FRA
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-JiYdTfLCIz4p+5YdkrGzLZxQWv75udALQ6VTeS5ZpJ4=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Thu, 15 Sep 2022 12:22:33 GMT
referrer-policy
strict-origin
server
cloudflare
x-frame-options
SAMEORIGIN
x-request-id
9a3ed1105358e798
Primary Request /
atomicredteam.io/
10 KB
4 KB
Document
General
Full URL
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
d56c917e733df89c028a1a3db4ba244126082da06ce653f3e8af2fcb863c128f

Request headers

Referer
https://i.redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
349
cache-control
max-age=600
content-encoding
gzip
content-length
3306
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 12:22:34 GMT
etag
W/"63229473-282e"
expires
Thu, 15 Sep 2022 06:16:00 GMT
last-modified
Thu, 15 Sep 2022 02:56:51 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
8b921060ae3dd8189b42d3a3707dbf51d53bc76e
x-github-request-id
D0E6:F4BF:1BE60A:1D848B:6322C0C8
x-proxy-cache
MISS
x-served-by
cache-hhn4064-HHN
x-timer
S1663244554.026453,VS0,VE1
main.css
atomicredteam.io/assets/css/
65 KB
13 KB
Stylesheet
General
Full URL
https://atomicredteam.io/assets/css/main.css
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
6d004b92e8f22f21b947678a46e5ba13e6e514c8a69bfdb901c7ee7a4340fd1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
d26233316ffe81d16206029ea0f5bcf1a176e180
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
444
x-cache
HIT
content-length
13051
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:51 GMT
server
GitHub.com
x-github-request-id
CDBE:C542:1C48B5:1DDF83:6322C0C8
x-timer
S1663244554.057337,VS0,VE4
etag
W/"63229473-102e4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Thu, 15 Sep 2022 06:16:00 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22176
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pqn%2FIISezcRRlul9friwBLJWqbfhyEDYMN4yNljYUNxQMLzubKDUcdrSPT4rTgOJE0PCt2hFFhWw%2FYEh22OcUeZt37f%2Bw0LMum9RIAGSkRXREBQ3x7wXVObUBgc13vJpb7cD896t47J1grwHnOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74b1541f2f6e01f0-ZRH
logo.png
atomicredteam.io/static/
294 KB
294 KB
Image
General
Full URL
https://atomicredteam.io/static/logo.png
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
4de99acb9ce7fcb4127d2ee3eedb1b1925bb37d0ce66cb817a15e4448a34365f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
61d7367e843ecf06c30f2f3ab54f7a9e2c982dc2
date
Thu, 15 Sep 2022 12:22:34 GMT
via
1.1 varnish
age
0
x-cache
HIT
x-cache-hits
1
content-length
300698
x-served-by
cache-hhn4064-HHN
last-modified
Thu, 15 Sep 2022 02:56:32 GMT
server
GitHub.com
x-github-request-id
6A22:C4B8:2C213B:2D6F41:6323174D
x-timer
S1663244554.085487,VS0,VE93
etag
"63229460-4969a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 15 Sep 2022 12:25:09 GMT
main.min.js
atomicredteam.io/assets/js/
120 KB
42 KB
Script
General
Full URL
https://atomicredteam.io/assets/js/main.min.js
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
d7d188f6c8f8c4df10ebfb10a1921ccb1d384817a0178373ce2ae9abd7e7bd66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
4ce695dee0e42a9f73d9206e513d9336cbee2d26
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
445
x-cache
HIT
content-length
42331
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:32 GMT
server
GitHub.com
x-github-request-id
7FB8:B41B:173CC8:18A0E8:6322B034
x-timer
S1663244554.081967,VS0,VE1
etag
W/"63229460-1de10"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 15 Sep 2022 05:05:16 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
lunr.min.js
atomicredteam.io/assets/js/lunr/
29 KB
9 KB
Script
General
Full URL
https://atomicredteam.io/assets/js/lunr/lunr.min.js
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
0c50d9002b85780a842afffb567bb54ede402dae7c6dc5997a018614d8044fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
b09f90425872f7e36e94a66721aad7c4a1dbd4c0
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
445
x-cache
HIT
content-length
8471
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:32 GMT
server
GitHub.com
x-github-request-id
AA10:6E46:1AC7B1:1C5EF1:6322C0C8
x-timer
S1663244554.085184,VS0,VE2
etag
W/"63229460-7346"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 15 Sep 2022 06:16:00 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
1
lunr-store.js
atomicredteam.io/assets/js/lunr/
2 MB
370 KB
Script
General
Full URL
https://atomicredteam.io/assets/js/lunr/lunr-store.js
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
831671afadcc41dc42f1d194442d0ff13b0e6678058e8c440acd3f597a2c43c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
ed962220bb8a8465f9fdc49d22ad2c5406ada403
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
0
x-cache
HIT
content-length
378051
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:51 GMT
server
GitHub.com
x-github-request-id
305C:C4B8:2C213B:2D6F40:6323174D
x-timer
S1663244554.085546,VS0,VE98
etag
W/"63229473-191c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 15 Sep 2022 12:25:09 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
lunr-en.js
atomicredteam.io/assets/js/lunr/
2 KB
1 KB
Script
General
Full URL
https://atomicredteam.io/assets/js/lunr/lunr-en.js
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
455dd8504356827ccf085274d4fd54ae29b0d906e993b3ecd28a8a9b290cd7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
3749e63ff6e57f68151a42349204655068f2b495
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
445
x-cache
HIT
content-length
818
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:51 GMT
server
GitHub.com
x-github-request-id
23C0:9F7A:1BEEBD:1D840B:6322C0C8
x-timer
S1663244554.085531,VS0,VE1
etag
W/"63229473-9bd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 15 Sep 2022 06:16:00 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52702906-5
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2bbbcc66ba50b2919518d08c74b024f84e14e6cbc3cd6437d091fa9490f2ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43424
x-xss-protection
0
expires
Thu, 15 Sep 2022 12:22:34 GMT
art_banner.png
atomicredteam.io/static/
484 KB
484 KB
Image
General
Full URL
https://atomicredteam.io/static/art_banner.png
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
fc181dae1f147b3902a9f19e1b0b55b14dea3209880e3fedc6b7426a122180e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/?mkt_tok=MDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
2b806b055876c1dec65aec76c0ad612b10c44b6c
date
Thu, 15 Sep 2022 12:22:34 GMT
via
1.1 varnish
age
348
x-cache
HIT
x-cache-hits
1
content-length
495174
x-served-by
cache-hhn4064-HHN
last-modified
Thu, 15 Sep 2022 02:56:32 GMT
server
GitHub.com
x-github-request-id
408C:33C1:3ECCC4:41614A:63231272
x-timer
S1663244554.086657,VS0,VE2
etag
"63229460-78e46"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 15 Sep 2022 12:04:26 GMT
SourceSansPro-Light.ttf
atomicredteam.io/static/fonts/Source_Sans_Pro/
241 KB
105 KB
Font
General
Full URL
https://atomicredteam.io/static/fonts/Source_Sans_Pro/SourceSansPro-Light.ttf
Requested by
Host: atomicredteam.io
URL: https://atomicredteam.io/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
f635d858de4dd28c53fe231563cd4e7919837fd82c6a1af0d2e8f1df451eedd7

Request headers

Referer
https://atomicredteam.io/assets/css/main.css
Origin
https://atomicredteam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
dce594d21fdbd1432c4edf749e3bd8bdf7db0184
date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
gzip
age
444
x-cache
HIT
content-length
107663
x-served-by
cache-hhn4064-HHN
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 02:56:32 GMT
server
GitHub.com
x-github-request-id
45E6:B3D4:1BD6A4:1D6A0D:6322C0C8
x-timer
S1663244554.087852,VS0,VE1
etag
W/"63229460-3c4d4"
vary
Accept-Encoding
content-type
font/ttf
via
1.1 varnish
expires
Thu, 15 Sep 2022 06:16:00 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://atomicredteam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19200
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
x-served-by
cache-fra19124-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9nhCmMW1CZOwmcaatqoQaUljlB3iFPsF3YgAqeMQGxY5TzNpzedVM1rSKTUrpONDUb3tACVWZd2uIsDSKHFq2eOjycNN13nXU1NCVALwaKmgCs7AvxlWIRs%2Bp%2BcGF8Y2LGxjzKuS6Euqs20UoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
cf-ray
74b1541fae1901fc-ZRH
fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://atomicredteam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31832
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
x-served-by
cache-fra19156-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"12bc0-BhPH67pV7kfvMCwPd2YyRpL4mac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENZ7ro8UIvMwfMOLz%2BWGUmB38myP9ycEBPxZRl%2BsZD4TknpPiV%2Br%2Fj4j0kFuam8wGVSGUGg1gLW%2Bjs%2Bx7UcD3sTG6s3iM6toRlWD5ruqS7Kr2W0je48pIyqP6j5KbhY9oXWPYQri%2BNui%2FKhvYTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
cf-ray
74b1541fae1601fc-ZRH
fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://atomicredteam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12812
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13224
x-served-by
cache-fra19156-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCN2B1WYnIoMg2hk8usyyGnE0qrvDEsLCqpO2PfSuRRfHqCKXWja7dRrrJ4PKBluNBDR3%2BVOD99X9U2PzLvE8eYdKrnZqzcMoFjtcA30Puw1xtSxi57VyJ5BbFMLxbxFnh5YkynzKLGF%2FfDXE%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
cf-ray
74b1541fae1b01fc-ZRH
js
www.googletagmanager.com/gtag/
207 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MEZPM10CW8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52702906-5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c12eac83a394a49d65991bb5ed2d703b9e1bd214943de4f05390cab889149f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74603
x-xss-protection
0
expires
Thu, 15 Sep 2022 12:22:34 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52702906-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4834
date
Thu, 15 Sep 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 15 Sep 2022 13:02:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=342733419&t=pageview&_s=1&dl=https%3A%2F%2Fatomicredteam.io%2F%3Fmkt_tok%3DMDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ&dr=https%3A%2F%2Fi.redcanary.com%2F&ul=en-us&de=UTF-8&dt=Explore%20Atomic%20Red%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1103268237&gjid=1720856422&cid=1056620668.1663244555&tid=UA-52702906-5&_gid=522864770.1663244555&_r=1&gtm=2ou9e0&z=1375997954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://atomicredteam.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 12:22:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://atomicredteam.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
347 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MEZPM10CW8&gtm=2oe9e0&_p=342733419&cid=1056620668.1663244555&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663244555&sct=1&seg=0&dl=https%3A%2F%2Fatomicredteam.io%2F%3Fmkt_tok%3DMDAzLVlSVS0zMTQAAAGG3FicJoSKjuNRRditwLv299WXuFmPCdK_uYsNv-SAHR1T3e1eZGtwSKBfA1sHKx6PHlC9_J0ZvEGwEvwAd1euEHmyazX8xh4EaTPG8hxgMQ&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Explore%20Atomic%20Red%20Team&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEZPM10CW8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://atomicredteam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 12:22:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://atomicredteam.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery
function| SmoothScroll
function| Gumshoe
function| lunr
object| store
object| idx
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| onYouTubeIframeAPIReady

5 Cookies

Domain/Path Name / Value
.i.redcanary.com/ Name: __cf_bm
Value: dKgzq4770z7W80L9sLLPkrVOQaLgbyIHjfnxvKLSIk0-1663244553-0-AXfMocHjAQQZaMsoTahA30DiP4CJaZAzqpNwa1QOHYJrAeqJW4eKbqCpa6A0wCNbI8CAUpziBeRraHeMA5LBSsk=
.atomicredteam.io/ Name: _gid
Value: GA1.2.522864770.1663244555
.atomicredteam.io/ Name: _gat_gtag_UA_52702906_5
Value: 1
.atomicredteam.io/ Name: _ga_MEZPM10CW8
Value: GS1.1.1663244555.1.0.1663244555.0.0.0
.atomicredteam.io/ Name: _ga
Value: GA1.1.1056620668.1663244555

2 Console Messages

Source Level URL
Text
security error URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGG3FicJjv5vDSNWdlWz2Kq9snCPJQYC_bGya5yZ9t1mXoAY8OcgOwsYLiuRHy-Au6LiIbIV_g=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-JiYdTfLCIz4p+5YdkrGzLZxQWv75udALQ6VTeS5ZpJ4=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
