offsec.red
167.99.162.66
Public Scan
Effective URL: https://offsec.red/mimikatz-cheat-sheet/
Submission: On August 04 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 24th 2020. Valid for: 3 months.
This is the only time offsec.red was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | Requests | Redirects |
---|---|---|---|
167.99.162.66 | 14061 (DIGITALOCEAN-ASN) | 6 | 1 |
2606:4700::6810:85e5 | 13335 (CLOUDFLARENET) | 4 | |
Total: 2 | | 9 | |
Apex Domain | Subdomains | Requests | Redirects | Transfer |
---|---|---|---|---|
offsec.red | offsec.red | 6 | 1 | 399 KB |
cloudflare.com | cdnjs.cloudflare.com | 4 | | 9 KB |
Total: 2 | | 9 | | |
Domain | Requested by | Requests | Redirects |
---|---|---|---|
offsec.red | offsec.red | 6 | 1 |
cdnjs.cloudflare.com | offsec.red | 4 | |
Total: 2 | | 9 | |
This site contains links to these domains.
Domain |
---|
github.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
offsec.red | Let's Encrypt Authority X3 | 2020-04-24 - 2020-07-23 | 3 months |
cloudflare.com | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year |
This page contains 1 frames:
Primary Page:
https://offsec.red/mimikatz-cheat-sheet/
Frame ID: D9DCFFE628A71BC65CD0444C0BE0263E
Requests: 9 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: https://github.com/gentilkiwi/mimikatz
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://offsec.red/mimikatz-cheat-sheet/ (HTTP 301)
- https://offsec.red/mimikatz-cheat-sheet/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | offsec.red/mimikatz-cheat-sheet/ (Redirect Chain) | 9 KB | 3 KB | Document | text/html |
GET | H/1.1 | normalize.css | offsec.red/assets/css/ | 7 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | screen.css | offsec.red/assets/css/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | prism-okaidia.min.css | cdnjs.cloudflare.com/ajax/libs/prism/1.16.0/themes/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | cooltext342258963474130.png | offsec.red/content/images/2019/11/ | 143 KB | 143 KB | Image | image/png |
GET | H2 | prism.min.js | cdnjs.cloudflare.com/ajax/libs/prism/1.15.0/ | 12 KB | 5 KB | Script | application/javascript |
GET | H2 | prism-powershell.min.js | cdnjs.cloudflare.com/ajax/libs/prism/1.15.0/components/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | prism-bash.min.js | cdnjs.cloudflare.com/ajax/libs/prism/1.15.0/components/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | kali-linux.png | offsec.red/assets/ | 245 KB | 245 KB | Image | image/png |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | _self
- object | Prism
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
offsec.red
167.99.162.66
2606:4700::6810:85e5