attack.mitre.org Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://attack.mitre.org/versions/v8/techniques/T1027/
Submission: On October 26 via api (October 26th 2021, 8:50:51 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 273 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:50c0:8002::153, located in and belongs to FASTLY, US. The main domain is attack.mitre.org.
TLS certificate: Issued by R3 on October 7th 2021. Valid for: 3 months.

This is the only time attack.mitre.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
28	4

26 2606:50c0:8002::153 (None, ) 1 redirects

ASN54113 (FASTLY, US)

attack.mitre.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mitre.org 1 redirects attack.mitre.org	509 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
28	3

	Domain	Requested by
26	attack.mitre.org	1 redirects attack.mitre.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googletagmanager.com	attack.mitre.org
28	3

This site contains links to these domains. Also see Links.

Domain
medium.com
github.com
www.volexity.com
www.welivesecurity.com
www.carbonblack.com
www.fireeye.com
researchcenter.paloaltonetworks.com
capec.mitre.org
securelist.com
download.bitdefender.com
www.fortinet.com
blog.malwarebytes.com
www.cybereason.com
web.archive.org
blog.talosintelligence.com
www.accenture.com
www.symantec.com
cdn2.hubspot.net
research.checkpoint.com
blog.trendmicro.com
documents.trendmicro.com
unit42.paloaltonetworks.com
redcanary.com
mackeeper.com
pxnow.prevx.com
cycraft.com
blog.morphisec.com
www.f-secure.com
info.lookout.com
media.defense.gov
www.cylance.com
www.paloaltonetworks.com
www.picussecurity.com
usa.visa.com
www2.fireeye.com
www.finfisher.com
cloudblogs.microsoft.com
www.proofpoint.com
objective-see.com
vms.drweb.com
www.trustwave.com
citizenlab.ca
blogs.cisco.com
threatpost.com
www.fidelissecurity.com
www.intezer.com
www.mcafee.com
www.secureworks.com
blogs.juniper.net
asert.arbornetworks.com
labsblog.f-secure.com
download.microsoft.com
www.operationblockbuster.com
operationblockbuster.com
securingtomorrow.mcafee.com
insights.infoblox.com
threatvector.cylance.com
s3-eu-west-1.amazonaws.com
blog.radware.com
foxitsecurity.files.wordpress.com
www.clearskysec.com
news.sophos.com
pan-unit42.github.io
www.crowdstrike.com
powersploit.readthedocs.io
cdn0.vox-cdn.com
symantec-enterprise-blogs.security.com
www.microsoft.com
www.pwc.co.uk
www.gdatasoftware.com
blog.intel471.com
www.group-ib.com
www.anomali.com
www.sophos.com
cyberforensicator.com
us-cert.cisa.gov
www.flashpoint-intel.com
media.kasperskycontenthub.com
www.bitdefender.com
usa.kaspersky.com
www.deepinstinct.com
www.nccgroup.trust
www.forcepoint.com
www.securityartwork.es
www.us-cert.gov
msrc-blog.microsoft.com
www.bromium.com
assets.sentinelone.com
thedfirreport.com
www.trendmicro.de
cyberwtf.files.wordpress.com
www.mitre.org
twitter.com

Subject Issuer	Validity	Valid
attack.mitre.org R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://attack.mitre.org/versions/v8/techniques/T1027/
Frame ID: 32151ED11E3B8AA366E136D5363B861A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Obfuscated Files or Information, Technique T1027 - Enterprise | MITRE ATT&CK®

Page URL History Show full URLs

https://attack.mitre.org/versions/v8/techniques/T1027 HTTP 301
https://attack.mitre.org/versions/v8/techniques/T1027/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

564 kB
Transfer

1872 kB
Size

3
Cookies

273 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/mitre-attack/
Title: Blog

Search URL Search Domain Scan URL

URL: https://github.com/mitre/cti/releases/tag/ATT%26CK-v8.2
Title: ATT&CK v8.2

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/
Title: [1]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
Title: [2]

Search URL Search Domain Scan URL

URL: https://www.carbonblack.com/2016/09/23/security-advisory-variants-well-known-adware-families-discovered-include-sophisticated-obfuscation-techniques-previously-associated-nation-state-attacks/
Title: [3]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html
Title: [4]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/revoke-obfuscation-report.pdf
Title: [5]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/03/unit42-pulling-back-the-curtains-on-encodedcommand-powershell-attacks/
Title: [6]

Search URL Search Domain Scan URL

URL: https://capec.mitre.org/data/definitions/267.html
Title: CAPEC-267

Search URL Search Domain Scan URL

URL: https://securelist.com/sofacy-apt-hits-high-profile-targets-with-updated-toolset/72924/
Title: [7]

Search URL Search Domain Scan URL

URL: https://download.bitdefender.com/resources/media/materials/white-papers/en/Bitdefender_In-depth_analysis_of_APT28%E2%80%93The_Political_Cyber-Espionage.pdf
Title: [8]

Search URL Search Domain Scan URL

URL: https://www.fortinet.com/blog/threat-research/analysis-of-new-agent-tesla-spyware-variant.html
Title: [9]

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2020/04/new-agenttesla-variant-steals-wifi-credentials/
Title: [10]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/dropping-anchor-from-a-trickbot-infection-to-the-discovery-of-the-anchor-malware
Title: [11]

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190625182633if_/https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/
Title: [12]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/
Title: [13]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/06/phished-at-the-request-of-counsel.html
Title: [14]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/02/unit42-sofacy-attacks-multiple-government-entities/
Title: [15]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/
Title: [16]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html
Title: [17]

Search URL Search Domain Scan URL

URL: https://www.accenture.com/t20181129T203820Z__w__/us-en/_acnmedia/PDF-90/Accenture-snakemackerel-delivers-zekapab-malware.pdf#zoom=50
Title: [18]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/11/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.html
Title: [19]

Search URL Search Domain Scan URL

URL: http://www.symantec.com/connect/blogs/buckeye-cyberespionage-group-shifts-gaze-us-hong-kong
Title: [20]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.html
Title: [21]

Search URL Search Domain Scan URL

URL: https://github.com/danielbohannon/Invoke-Obfuscation
Title: [22]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/03/13/oceanlotus-ships-new-backdoor/
Title: [23]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/operation-cobalt-kitty-apt
Title: [24]

Search URL Search Domain Scan URL

URL: https://cdn2.hubspot.net/hubfs/3354902/Cybereason%20Labs%20Analysis%20Operation%20Cobalt%20Kitty.pdf
Title: [25]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2019/03/20/fake-or-fake-keeping-up-with-oceanlotus-decoys/
Title: [26]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2019/04/09/oceanlotus-macos-malware-update/
Title: [27]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/12/overruled-containing-a-potentially-destructive-adversary.html
Title: [28]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html
Title: [29]

Search URL Search Domain Scan URL

URL: https://securelist.com/scarcruft-continues-to-evolve-introduces-bluetooth-harvester/90729/
Title: [30]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2020/03/apt41-initiates-global-intrusion-campaign-using-multiple-exploits.html
Title: [31]

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded/
Title: [32]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research
Title: [33]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Attor.pdf
Title: [34]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/lazarus-continues-heists-mounts-attacks-on-financial-organizations-in-latin-america/
Title: [35]

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/assets/pdf/Operation-ENDTRADE-TICK-s-Multi-Stage-Backdoors-for-Attacking-Industries-and-Stealing-Classified-Data.pdf
Title: [36]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/updated-backconfig-malware-targeting-government-and-military-organizations/
Title: [37]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/07/unit42-bisonal-malware-used-attacks-russia-south-korea/
Title: [38]

Search URL Search Domain Scan URL

URL: https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
Title: [39]

Search URL Search Domain Scan URL

URL: https://redcanary.com/blog/blue-mockingbird-cryptominer/
Title: [40]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html
Title: [41]

Search URL Search Domain Scan URL

URL: https://mackeeper.com/blog/post/610-macos-bundlore-adware-analysis/
Title: [42]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/06/behind-the-carbanak-backdoor.html
Title: [43]

Search URL Search Domain Scan URL

URL: http://pxnow.prevx.com/content/blog/carberp-a_modular_information_stealing_trojan.pdf
Title: [44]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2017/03/30/carbon-paper-peering-turlas-second-stage-backdoor/
Title: [45]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/04/unit42-cardinal-rat-active-two-years/
Title: [46]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/the-fractured-statue-campaign-u-s-government-targeted-in-spear-phishing-attacks/
Title: [47]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/
Title: [48]

Search URL Search Domain Scan URL

URL: https://cycraft.com/download/%5BTLP-White%5D20200415%20Chimera_V4.1.pdf
Title: [49]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/07/multiple-cobalt-personality-disorder.html
Title: [50]

Search URL Search Domain Scan URL

URL: https://blog.morphisec.com/cobalt-gang-2.0
Title: [51]

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2018/10/mac-cryptocurrency-ticker-app-installs-backdoors/
Title: [52]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/01/unit42-comnie-continues-target-organizations-east-asia/
Title: [53]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf
Title: [54]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/mac-malware-steals-cryptocurrency-exchanges-cookies/
Title: [55]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-apt28.pdf
Title: [56]

Search URL Search Domain Scan URL

URL: https://www.f-secure.com/documents/996508/1030745/CozyDuke
Title: [57]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-dacls-rat-backdoor-show-lazarus-multi-platform-attack-capability/
Title: [58]

Search URL Search Domain Scan URL

URL: https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf
Title: [59]

Search URL Search Domain Scan URL

URL: https://securelist.com/darkhotels-attacks-in-2015/71713/
Title: [60]

Search URL Search Domain Scan URL

URL: http://blog.trendmicro.com/trendlabs-security-intelligence/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography/
Title: [61]

Search URL Search Domain Scan URL

URL: https://securelist.com/use-of-dns-tunneling-for-cc-communications/78203/
Title: [62]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/10/unit42-nokki-almost-ties-the-knot-with-dogcall-reaper-group-uses-new-malware-to-deploy-rat/
Title: [63]

Search URL Search Domain Scan URL

URL: https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF
Title: [64]

Search URL Search Domain Scan URL

URL: https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf
Title: [65]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/
Title: [67]

Search URL Search Domain Scan URL

URL: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf
Title: [68]

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/resources/research/unit42-operation-lotus-blossom.html
Title: [69]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2015/12/attack-on-french-diplomat-linked-to-operation-lotus-blossom/
Title: [70]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/02/emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve/
Title: [71]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/01/return-of-emotet.html
Title: [72]

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/assets/white_papers/ExploringEmotetsActivities_Final.pdf
Title: [73]

Search URL Search Domain Scan URL

URL: https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html
Title: [74]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/12/28/analysis-latest-emotet-propagation-campaign/
Title: [75]

Search URL Search Domain Scan URL

URL: https://github.com/PowerShellEmpire/Empire
Title: [76]

Search URL Search Domain Scan URL

URL: https://securelist.com/the-epic-turla-operation/65545/
Title: [77]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/10/11/new-telebots-backdoor-linking-industroyer-notpetya/
Title: [78]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Operation_Ghost_Dukes.pdf
Title: [79]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html
Title: [80]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2018/10/ESET_GreyEnergy.pdf
Title: [81]

Search URL Search Domain Scan URL

URL: https://usa.visa.com/dam/VCOM/global/support-legal/documents/fin6-cybercrime-group-expands-threat-To-ecommerce-merchants.pdf
Title: [82]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html
Title: [83]

Search URL Search Domain Scan URL

URL: https://www2.fireeye.com/WBNR-Know-Your-Enemy-UNC622-Spear-Phishing.html
Title: [84]

Search URL Search Domain Scan URL

URL: http://www.finfisher.com/FinFisher/index.html
Title: [85]

Search URL Search Domain Scan URL

URL: https://cloudblogs.microsoft.com/microsoftsecure/2018/03/01/finfisher-exposed-a-researchers-tale-of-defeating-traps-tricks-and-complex-virtual-machines/
Title: [86]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505
Title: [87]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/06/frankenstein-campaign.html
Title: [88]

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x25.html
Title: [89]

Search URL Search Domain Scan URL

URL: https://vms.drweb.com/virus/?i=4276269
Title: [90]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group
Title: [91]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/
Title: [92]

Search URL Search Domain Scan URL

URL: https://securelist.com/introducing-whitebear/81638/
Title: [93]

Search URL Search Domain Scan URL

URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-two-the-uninstaller/
Title: [94]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html
Title: [95]

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/2016/08/group5-syria/
Title: [96]

Search URL Search Domain Scan URL

URL: http://blogs.cisco.com/security/h1n1-technical-analysis-reveals-new-capabilities
Title: [97]

Search URL Search Domain Scan URL

URL: https://threatpost.com/spammers-revive-hancitor-downloader-campaigns/123011/
Title: [98]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2016/09/hancitor_aka_chanit.html
Title: [99]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2019/06/government-in-central-asia-targeted-with-hawkball-backdoor.html
Title: [100]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/05/the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor/
Title: [101]

Search URL Search Domain Scan URL

URL: https://www.fidelissecurity.com/sites/default/files/FTA_1020_Fidelis_Inocnation_FINAL_0.pdf
Title: [102]

Search URL Search Domain Scan URL

URL: https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/
Title: [103]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html
Title: [104]

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/
Title: [105]

Search URL Search Domain Scan URL

URL: https://www.carbonblack.com/2020/04/16/vmware-carbon-black-tau-threat-analysis-the-evolution-of-lazarus/
Title: [106]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/research/threat-group-3390-targets-organizations-for-cyberespionage
Title: [107]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/connect/blogs/trojanhydraq-incident
Title: [108]

Search URL Search Domain Scan URL

URL: https://blogs.juniper.net/en-us/threat-research/covid-19-and-fmla-campaigns-used-to-install-new-icedid-banking-malware
Title: [109]

Search URL Search Domain Scan URL

URL: https://securelist.com/cloud-atlas-redoctober-apt-is-back-in-style/68083/
Title: [110]

Search URL Search Domain Scan URL

URL: https://asert.arbornetworks.com/innaput-actors-utilize-remote-access-trojan-since-2016-presumably-targeting-victim-files/
Title: [111]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/06/07/invisimole-equipped-spyware-undercover/
Title: [112]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_InvisiMole.pdf
Title: [113]

Search URL Search Domain Scan URL

URL: https://github.com/peewpw/Invoke-PSImage
Title: [114]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/10/unit42-oilrig-group-steps-attacks-new-delivery-documents-new-injector-trojan/
Title: [115]

Search URL Search Domain Scan URL

URL: https://labsblog.f-secure.com/2015/09/08/sofacy-recycles-carberp-and-metasploit-code/
Title: [116]

Search URL Search Domain Scan URL

URL: http://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part1.pdf
Title: [117]

Search URL Search Domain Scan URL

URL: https://download.microsoft.com/download/2/2/5/225BFE3E-E1DE-4F5B-A77B-71200928D209/Platinum%20feature%20article%20-%20Targeted%20attacks%20in%20South%20and%20Southeast%20Asia%20April%202016.pdf
Title: [118]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/blogs/threat-intelligence/jrat-new-anti-parsing-techniques
Title: [119]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/connect/blogs/cross-platform-frutas-rat-builder-and-back-door
Title: [120]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/05/unit42-kazuar-multiplatform-espionage-backdoor-api-access/
Title: [121]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
Title: [122]

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/2016/11/parliament-keyboy/
Title: [123]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/security-center/writeup/2016-081923-2700-99
Title: [124]

Search URL Search Domain Scan URL

URL: https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Report.pdf
Title: [125]

Search URL Search Domain Scan URL

URL: https://operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Loaders-Installers-and-Uninstallers-Report.pdf
Title: [126]

Search URL Search Domain Scan URL

URL: https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-RAT-and-Staging-Report.pdf
Title: [127]

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/lazarus-resurfaces-targets-global-banks-bitcoin-users/
Title: [128]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/blogs/threat-intelligence/leafminer-espionage-middle-east
Title: [129]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets
Title: [130]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2019/05/ESET-LightNeuron.pdf
Title: [131]

Search URL Search Domain Scan URL

URL: https://insights.infoblox.com/threat-intelligence-reports/threat-intelligence--22
Title: [132]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2019/06/20/loudminer-mining-cracked-vst-software/
Title: [133]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2019/08/ESET_Machete.pdf
Title: [134]

Search URL Search Domain Scan URL

URL: https://threatvector.cylance.com/en_us/home/el-machete-malware-attacks-cut-through-latam.html
Title: [135]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/02/unit42-magic-hound-campaign-attacks-saudi-targets/
Title: [136]

Search URL Search Domain Scan URL

URL: https://s3-eu-west-1.amazonaws.com/minervaresearchpublic/CopyKittens/CopyKittens.pdf
Title: [137]

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/
Title: [138]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/research/mcmd-malware-analysis
Title: [139]

Search URL Search Domain Scan URL

URL: https://www.accenture.com/t20180423T055005Z_w_/se-en/_acnmedia/PDF-76/Accenture-Hogfish-Threat-Analysis.pdf
Title: [140]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html
Title: [141]

Search URL Search Domain Scan URL

URL: https://medium.com/@chenerlich/the-avast-abuser-metamorfo-banking-malware-hides-by-abusing-avast-executable-ac9b8b392767
Title: [142]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2017/06/palestine-delphi.html
Title: [143]

Search URL Search Domain Scan URL

URL: https://blog.radware.com/security/2018/07/micropsia-malware/
Title: [144]

Search URL Search Domain Scan URL

URL: https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf
Title: [145]

Search URL Search Domain Scan URL

URL: https://securelist.com/gaza-cybergang-group1-operation-sneakypastes/90068/
Title: [146]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pdf
Title: [147]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/11/unit42-muddying-the-water-targeted-attacks-in-the-middle-east/
Title: [148]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html
Title: [149]

Search URL Search Domain Scan URL

URL: https://securelist.com/muddywater/88059/
Title: [150]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html
Title: [151]

Search URL Search Domain Scan URL

URL: https://www.clearskysec.com/wp-content/uploads/2019/06/Clearsky-Iranian-APT-group-%E2%80%98MuddyWater%E2%80%99-Adds-Exploits-to-Their-Arsenal.pdf
Title: [152]

Search URL Search Domain Scan URL

URL: https://www.f-secure.com/documents/996508/1030745/nanhaishu_whitepaper.pdf
Title: [153]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2016/02/nanocorerat-behind-an-increase-in-tax-themed-phishing-e-mails/
Title: [154]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/
Title: [155]

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2020/05/27/netwalker-ransomware-tools-give-insight-into-threat-actor/
Title: [156]

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/wp-content/uploads/2011/02/McAfee_NightDragon_wp_draft_to_customersv1-1.pdf
Title: [157]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/autoit-compiled-worm-affecting-removable-media-delivers-fileless-version-of-bladabindi-njrat-backdoor/
Title: [158]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/09/unit42-new-konni-malware-attacking-eurasia-southeast-asia/
Title: [159]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
Title: [160]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/07/unit42-oilrig-targets-technology-service-provider-government-agency-quadagent/
Title: [161]

Search URL Search Domain Scan URL

URL: https://pan-unit42.github.io/playbook_viewer/
Title: [162]

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-november-helix-kitten/
Title: [163]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/unit42-analyzing-oilrigs-ops-tempo-testing-weaponization-delivery/
Title: [164]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/
Title: [165]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/09/unit42-oilrig-targets-middle-eastern-government-adds-evasion-techniques-oopsie/
Title: [166]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-backdoor-linked-to-oceanlotus-found/
Title: [167]

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/assets/tech-brief-untangling-the-patchwork-cyberespionage-group.pdf
Title: [168]

Search URL Search Domain Scan URL

URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/pillowmint-fin7s-monkey-thief/
Title: [169]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2020/05/21/no-game-over-winnti-group/
Title: [170]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/
Title: [171]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html
Title: [172]

Search URL Search Domain Scan URL

URL: https://www.symantec.com/security_response/writeup.jsp?docid=2005-081910-3934-99
Title: [173]

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2015/11/no-money-but-pony-from-a-mail-to-a-trojan-horse/
Title: [174]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/03/dissecting_one_ofap.html
Title: [175]

Search URL Search Domain Scan URL

URL: https://github.com/PowerShellMafia/PowerSploit
Title: [176]

Search URL Search Domain Scan URL

URL: http://powersploit.readthedocs.io/
Title: [177]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/
Title: [178]

Search URL Search Domain Scan URL

URL: https://www.clearskysec.com/wp-content/uploads/2018/11/MuddyWater-Operations-in-Lebanon-and-Oman.pdf
Title: [179]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/muddywater-resurfaces-uses-multi-stage-backdoor-powerstats-v3-and-new-post-exploitation-tools/
Title: [180]

Search URL Search Domain Scan URL

URL: http://www.welivesecurity.com/wp-content/uploads/2016/05/Operation-Groundbait.pdf
Title: [181]

Search URL Search Domain Scan URL

URL: http://blog.morphisec.com/security-alert-fin8-is-back
Title: [182]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html
Title: [183]

Search URL Search Domain Scan URL

URL: http://cdn0.vox-cdn.com/assets/4589853/crowdstrike-intelligence-report-putter-panda.original.pdf
Title: [184]

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-raindrop-malware
Title: [185]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
Title: [186]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2020/05/13/ramsay-cyberespionage-toolkit-airgapped-networks/
Title: [187]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/11/unit42-new-malware-with-ties-to-sunorcal-discovered/
Title: [188]

Search URL Search Domain Scan URL

URL: https://www.pwc.co.uk/cyber-security/pdf/cloud-hopper-annex-b-final.pdf
Title: [189]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/08/picking-apart-remcos.html
Title: [190]

Search URL Search Domain Scan URL

URL: https://securelist.com/chafer-used-remexi-malware/89538/
Title: [191]

Search URL Search Domain Scan URL

URL: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Symantec_Remsec_IOCs.pdf
Title: [192]

Search URL Search Domain Scan URL

URL: https://securelist.com/files/2016/07/The-ProjectSauron-APT_Technical_Analysis_KL.pdf
Title: [193]

Search URL Search Domain Scan URL

URL: https://www.gdatasoftware.com/blog/2019/06/31724-strange-bits-sodinokibi-spam-cinarat-and-fake-g-data
Title: [194]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/blog/revil-the-gandcrab-connection
Title: [195]

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-what-the-code-tells-us/
Title: [196]

Search URL Search Domain Scan URL

URL: https://blog.intel471.com/2020/03/31/revil-ransomware-as-a-service-an-analysis-of-a-ransomware-affiliate-operation/
Title: [197]

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/whitepapers/ransomware-uncovered.html
Title: [198]

Search URL Search Domain Scan URL

URL: https://www.picussecurity.com/blog/a-brief-history-and-further-technical-analysis-of-sodinokibi-ransomware
Title: [199]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/research/revil-sodinokibi-ransomware
Title: [200]

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-sharpshooter.pdf
Title: [201]

Search URL Search Domain Scan URL

URL: https://www.anomali.com/blog/rocke-evolves-its-arsenal-with-a-new-malware-family-written-in-golang
Title: [202]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/07/unit42-new-threat-actor-group-darkhydrus-targets-middle-east-government/
Title: [203]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/wp-content/uploads/2017/02/Read-The-Manual.pdf
Title: [204]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/russian-language-malspam-pushing-redaman-banking-malware/
Title: [205]

Search URL Search Domain Scan URL

URL: http://www.secureworks.com/cyber-threat-intelligence/threats/sakula-malware-family/
Title: [206]

Search URL Search Domain Scan URL

URL: https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/SamSam-ransomware-chooses-Its-targets-carefully-wpna.pdf
Title: [207]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/01/samsam-evolution-continues-netting-over.html
Title: [208]

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20160503234007/https://www.isightpartners.com/2014/10/cve-2014-4114/
Title: [209]

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2016/12/13/rise-telebots-analyzing-disruptive-killdisk-attacks/
Title: [210]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/ta505-distributes-new-sdbbot-remote-access-trojan-get2-downloader
Title: [211]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report-appendix.zip
Title: [212]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2016/11/unit42-shamoon-2-return-disttrack-wiper/
Title: [213]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
Title: [214]

Search URL Search Domain Scan URL

URL: http://researchcenter.paloaltonetworks.com/2015/07/ups-observations-on-cve-2015-3113-prior-zero-days-and-the-pirpi-payload/
Title: [215]

Search URL Search Domain Scan URL

URL: https://cyberforensicator.com/2019/01/20/silence-dissecting-malicious-chm-files-and-performing-forensic-analysis/
Title: [216]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/skidmap-linux-malware-uses-rootkit-capabilities-to-hide-cryptocurrency-mining-payload/
Title: [217]

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2016/08/smoke-loader-downloader-with-a-smokescreen-still-alive/
Title: [218]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/07/smoking-guns-smoke-loader-learned-new.html#more
Title: [219]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers
Title: [220]

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198a
Title: [221]

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/speakup-a-new-undetected-backdoor-linux-trojan/
Title: [222]

Search URL Search Domain Scan URL

URL: https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/
Title: [223]

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07180722/Report_Shamoon_StoneDrill_final.pdf
Title: [224]

Search URL Search Domain Scan URL

URL: https://www.cylance.com/shell-crew-variants-continue-to-fly-under-big-avs-radar
Title: [225]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html
Title: [226]

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/files/News/CaseStudies/study/353/Bitdefender-Whitepaper-StrongPity-APT.pdf
Title: [227]

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/
Title: [228]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
Title: [229]

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/
Title: [230]

Search URL Search Domain Scan URL

URL: https://securelist.com/synack-targeted-ransomware-uses-the-doppelganging-technique/85431/
Title: [231]

Search URL Search Domain Scan URL

URL: https://usa.kaspersky.com/about/press-releases/2018_synack-doppelganging
Title: [232]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
Title: [233]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/threat-actor-ta505-targets-financial-enterprises-using-lolbins-and-a-new-backdoor-malware
Title: [234]

Search URL Search Domain Scan URL

URL: https://www.deepinstinct.com/2019/04/02/new-servhelper-variant-employs-excel-4-0-macro-to-drop-signed-payload/
Title: [235]

Search URL Search Domain Scan URL

URL: https://securelist.com/project-tajmahal/90240/
Title: [236]

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2020/sunburst-teardrop-and-the-netsec-new-normal/
Title: [237]

Search URL Search Domain Scan URL

URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/emissary-panda-a-potential-new-malicious-tool/
Title: [238]

Search URL Search Domain Scan URL

URL: https://securelist.com/luckymouse-hits-national-data-center/86083/
Title: [239]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/emissary-panda-attacks-middle-east-government-sharepoint-servers/
Title: [240]

Search URL Search Domain Scan URL

URL: https://www.forcepoint.com/sites/default/files/resources/files/forcepoint-security-labs-monsoon-analysis-report.pdf
Title: [241]

Search URL Search Domain Scan URL

URL: https://www.securityartwork.es/wp-content/uploads/2017/07/Trickbot-report-S2-Grupo.pdf
Title: [242]

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector
Title: [243]

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/
Title: [244]

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/assets/Tech-Brief-Tropic-Trooper-s-Back-USBferry-Attack-Targets-Air-gapped-Environments.pdf
Title: [245]

Search URL Search Domain Scan URL

URL: https://www.us-cert.gov/ncas/analysis-reports/AR18-165A
Title: [246]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2017/11/unit42-uboatrat-navigates-east-asia/
Title: [247]

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/
Title: [248]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/ursnif-variant-dreambot-adds-tor-functionality
Title: [249]

Search URL Search Domain Scan URL

URL: https://www.bromium.com/how-ursnif-evades-detection/
Title: [250]

Search URL Search Domain Scan URL

URL: http://www.welivesecurity.com/2014/11/11/sednit-espionage-group-attacking-air-gapped-networks/
Title: [251]

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Title: [252]

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/valak-evolution/
Title: [253]

Search URL Search Domain Scan URL

URL: https://assets.sentinelone.com/labs/sentinel-one-valak-i
Title: [254]

Search URL Search Domain Scan URL

URL: https://researchcenter.paloaltonetworks.com/2018/01/unit42-vermin-quasar-rat-custom-malware-used-ukraine/
Title: [255]

Search URL Search Domain Scan URL

URL: https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-D_WHITE_S508C.PDF
Title: [256]

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/whitefly-espionage-singapore
Title: [257]

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x3D.html
Title: [258]

Search URL Search Domain Scan URL

URL: https://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a
Title: [259]

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2019/01/a-nasty-trick-from-credential-theft-malware-to-business-disruption.html
Title: [260]

Search URL Search Domain Scan URL

URL: https://thedfirreport.com/2020/10/08/ryuks-return/
Title: [261]

Search URL Search Domain Scan URL

URL: http://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part-2.pdf
Title: [262]

Search URL Search Domain Scan URL

URL: https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-tropic-trooper.pdf
Title: [263]

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/APT-targets-russia-belarus-zerot-plugx
Title: [264]

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2017/11/zeus-panda-campaign.html#More
Title: [265]

Search URL Search Domain Scan URL

URL: https://cyberwtf.files.wordpress.com/2017/07/panda-whitepaper.pdf
Title: [266]

Search URL Search Domain Scan URL

URL: https://cloudblogs.microsoft.com/microsoftsecure/2015/06/09/windows-10-to-offer-application-developers-new-malware-defenses/?source=mmpc
Title: [267]

Search URL Search Domain Scan URL

URL: https://github.com/danielbohannon/Revoke-Obfuscation
Title: [268]

Search URL Search Domain Scan URL

URL: https://github.com/itsreallynick/office-crackros
Title: [269]

Search URL Search Domain Scan URL

URL: https://www.mitre.org/

Search URL Search Domain Scan URL

URL: https://twitter.com/MITREattack
Title: @MITREattack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://attack.mitre.org/versions/v8/techniques/T1027 HTTP 301
https://attack.mitre.org/versions/v8/techniques/T1027/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
attack.mitre.org/versions/v8/techniques/T1027/
Redirect Chain

https://attack.mitre.org/versions/v8/techniques/T1027
https://attack.mitre.org/versions/v8/techniques/T1027/

664 KB
80 KB

101ms
100ms

Document
text/html

2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521916601533e473e36b35b16b1c262097cdce5c494ba369899e3b614d6aeabe

Request headers

:method: GET
:authority: attack.mitre.org
:scheme: https
:path: /versions/v8/techniques/T1027/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 21 Oct 2021 15:52:16 GMT
access-control-allow-origin: *
etag: W/"61718cb0-a6076"
expires: Tue, 26 Oct 2021 21:00:47 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 2704:687A:8BCCA4:900274:61786A27
accept-ranges: bytes
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-fra19176-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1635281447.080850,VS0,VE93
vary: Accept-Encoding
x-fastly-request-id: e9d97a79e62058ac2347fb0c51b5ba8219487a5c
content-length: 82123

Redirect headers

server: GitHub.com
content-type: text/html
x-origin-cache: HIT
location: https://attack.mitre.org/versions/v8/techniques/T1027/
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 21:00:47 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 49AC:0D27:5E8366:614F0B:61786A26
accept-ranges: bytes
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-fra19176-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1635281447.986079,VS0,VE86
vary: Accept-Encoding
x-fastly-request-id: cd7d7f92b1fc01719766aa8b918f60326207c5bc
content-length: 162

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62667723-1

Requested by

Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

282ffa7f383baeac3451e647d4284c7baa2300acdd386d61af21dda14c57ae30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35735
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 19:26:22 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Oct 2021 20:50:47 GMT

GET
H2 200 bootstrap.min.css
attack.mitre.org/versions/v8/theme/style/ 152 KB
23 KB 10ms
8ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/style/bootstrap.min.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

:path: /versions/v8/theme/style/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 72bc2634843b5d27cdcebfb808f02d75f6a6a1d1
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 23620
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 672C:BD71:89B5A1:8DE8E0:617868A7
x-timer: S1635281447.206780,VS0,VE0
etag: W/"61718cb1-2606e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 bootstrap-glyphicon.min.css
attack.mitre.org/versions/v8/theme/style/ 12 KB
3 KB 13ms
11ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/style/bootstrap-glyphicon.min.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8117b34e40b234c456830e62ca1e0c3758d7a97111678b28c4d55a1ef3d28d48

Request headers

:path: /versions/v8/theme/style/bootstrap-glyphicon.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: db00de259ef98c210f641be8d0ee3cfbf45d7d0a
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 2641
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 7B86:06C6:6CB2B:77707:617868A7
x-timer: S1635281447.206877,VS0,VE0
etag: W/"61718cb1-31d3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 bootstrap-tourist.css
attack.mitre.org/versions/v8/theme/style/ 2 KB
815 B 12ms
11ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/style/bootstrap-tourist.css
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c

Request headers

:path: /versions/v8/theme/style/bootstrap-tourist.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: efa3c9c853b9194505d42186a85e74b9fe06289a
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 671
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 4650:11488:90C991:950D79:617868A7
x-timer: S1635281447.206935,VS0,VE0
etag: W/"61718cb1-978"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 style.min.css
attack.mitre.org/versions/v8/theme/ 37 KB
7 KB 12ms
11ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 4986471d48ed22b46abf8ba30908b36d584ad2bd3e674991cf020f973d6c60ce

Request headers

:path: /versions/v8/theme/style.min.css?68c82ef7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 0b9e9935f2fa560bf47b0de4c4f5fdfd1b531863
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 6972
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: F622:6876:25540:485B7:617868A7
x-timer: S1635281447.206952,VS0,VE0
etag: W/"61718cb1-9306"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 mitre_attack_logo.png
attack.mitre.org/versions/v8/theme/images/ 8 KB
8 KB 12ms
11ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/versions/v8/theme/images/mitre_attack_logo.png
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93

Request headers

:path: /versions/v8/theme/images/mitre_attack_logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 44d35feba7a298d8d727e2b3249b413040e6e851
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 384
x-cache: HIT
content-length: 8461
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: D8BC:1155:8CD35A:90E941:61785D61
x-timer: S1635281447.206992,VS0,VE0
etag: "61718cb1-210d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 external-site.svg
attack.mitre.org/versions/v8/theme/images/ 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/versions/v8/theme/images/external-site.svg
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4

Request headers

:path: /versions/v8/theme/images/external-site.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 326c380d3a3312b87e7b68d8aeb5ef42ef4ca43a
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 1022
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: E20E:BD71:89B5A1:8DE8E1:617868A7
x-timer: S1635281447.207114,VS0,VE0
etag: W/"61718cb1-7c6"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 icon-warning-24px.svg
attack.mitre.org/versions/v8/theme/images/ 203 B
380 B 13ms
13ms Image
image/svg+xml 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/versions/v8/theme/images/icon-warning-24px.svg
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7c4e1b003b2e80e2857ac92233500a5e1e88af3392a03720c8bb544d32bd2b36

Request headers

:path: /versions/v8/theme/images/icon-warning-24px.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: a06f1334c73493b982c03b7f19cba64cb6ba0b66
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 384
x-cache: HIT
content-length: 203
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: C160:A97F:8BBC87:8FE9CD:61785D61
x-timer: S1635281447.207258,VS0,VE0
etag: "61718cb1-cb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b6d0fa4ad23fca99b440bc7cf5f3c9c0d0eface004a2dbbacc7a0e95c37f25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54afb34633a8680500183f5f99ee59437dbe274df4c5eec3d9570b8ac44ff4a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Roboto-Light.ttf
attack.mitre.org/versions/v8/theme/fonts/Roboto/ 166 KB
89 KB 9ms
9ms Font
font/ttf 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/fonts/Roboto/Roboto-Light.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

Request headers

:path: /versions/v8/theme/fonts/Roboto/Roboto-Light.ttf
pragma: no-cache
origin: https://attack.mitre.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Origin: https://attack.mitre.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: da7bacf87adb1a2c76fa4918827c77be688b163f
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 90875
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: F59E:0D27:5DFC57:60C408:617868A7
x-timer: S1635281447.235144,VS0,VE0
etag: W/"61718cb1-299b4"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 Roboto-Regular.ttf
attack.mitre.org/versions/v8/theme/fonts/Roboto/ 168 KB
89 KB 17ms
16ms Font
font/ttf 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/fonts/Roboto/Roboto-Regular.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

:path: /versions/v8/theme/fonts/Roboto/Roboto-Regular.ttf
pragma: no-cache
origin: https://attack.mitre.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Origin: https://attack.mitre.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 136631bcf0a60b3092888a473cb6b158ac4aa0a6
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 91002
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 530C:8F5D:92E4D1:972A2D:617868A7
x-timer: S1635281447.235230,VS0,VE0
etag: W/"61718cb1-29e9c"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 mitrelogowhiteontrans.gif
attack.mitre.org/versions/v8/theme/images/ 661 B
878 B 16ms
13ms Image
image/gif 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/versions/v8/theme/images/mitrelogowhiteontrans.gif
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503

Request headers

:path: /versions/v8/theme/images/mitrelogowhiteontrans.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 5b347dd3b2a9fb02f84834e1f7fc6a8ea9cc65b9
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 384
x-cache: HIT
content-length: 661
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 2A82:8F5D:8EC7A5:92EF4D:61785D61
x-timer: S1635281447.281112,VS0,VE0
etag: "61718cb1-295"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 twitter.png
attack.mitre.org/versions/v8/theme/images/ 11 KB
11 KB 15ms
12ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/versions/v8/theme/images/twitter.png
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730

Request headers

:path: /versions/v8/theme/images/twitter.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: dca485b3046c8beb00072c439055a12499484feb
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 384
x-cache: HIT
content-length: 11502
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 3402:3DB0:8D7C5B:91A167:61785D61
x-timer: S1635281447.283793,VS0,VE0
etag: "61718cb1-2cee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 jquery-3.5.1.min.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 87 KB
31 KB 15ms
13ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/jquery-3.5.1.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path: /versions/v8/theme/scripts/jquery-3.5.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: e70ae20d2d899ed3fc30a3d3713e600f5955d89e
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 31147
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 3F14:11488:90C993:950D7E:617868A7
x-timer: S1635281447.283617,VS0,VE0
etag: W/"61718cb1-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 popper.min.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 20 KB
6 KB 15ms
13ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/popper.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da

Request headers

:path: /versions/v8/theme/scripts/popper.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: a34e88bf36cf546435223b563d3a0f704b884de1
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 6148
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: AF80:4E82:8C2930:9062ED:617868A7
x-timer: S1635281447.283677,VS0,VE0
etag: W/"61718cb1-5050"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 bootstrap.bundle.min.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 79 KB
23 KB 14ms
12ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/bootstrap.bundle.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8

Request headers

:path: /versions/v8/theme/scripts/bootstrap.bundle.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 1624fff4cfb4819a5632c3fb623516a97fd29a2b
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 22985
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 3DFA:4E81:45079F:4825DD:617868A7
x-timer: S1635281447.283735,VS0,VE0
etag: W/"61718cb1-13b3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 site.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 377 B
370 B 14ms
12ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/site.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8be6adca335aab3d59129472cdfe4ca728becd178c9c1e1959ecdb591385a9e9

Request headers

:path: /versions/v8/theme/scripts/site.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: db72e443eb3c3ce8503533a4c63cd2c9da8632e6
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 226
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: F90A:3DAF:4283E6:459E81:617868A7
x-timer: S1635281447.283838,VS0,VE0
etag: W/"61718cb1-179"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 flexsearch.es5.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 21 KB
9 KB 13ms
12ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/flexsearch.es5.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 562a2fb1e52e31388138d6579542134c7c0c48766bea631522f53caaca7e861c

Request headers

:path: /versions/v8/theme/scripts/flexsearch.es5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: d4879dd797c74686346cbe8fa059e9794dc94f3e
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 8890
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: F518:A0DB:8C8829:90B940:617868A7
x-timer: S1635281447.283874,VS0,VE0
etag: W/"61718cb1-55e8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 localforage.min.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 29 KB
9 KB 13ms
11ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/localforage.min.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 04f8f91dbb2f9b86aac0b3b03121e7db2edf42426c1764f5e415aa2be38ae96b

Request headers

:path: /versions/v8/theme/scripts/localforage.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 70fd94d4b06f2a7f7e82c26a8396d552caf6a37b
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 9056
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: E3A0:0D27:5DFC4A:60C3FC:617868A7
x-timer: S1635281447.283935,VS0,VE0
etag: W/"61718cb1-7358"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 settings.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 110 B
321 B 99ms
97ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/settings.js?7764
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: d28bf46a571cf26eb42e120f8c8fc9421b68742d378f900329e4f6889441ef4f

Request headers

:path: /versions/v8/theme/scripts/settings.js?7764
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 41054cd7a4a808f1150c66fc5d480d87df0cd55a
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 110
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 4EC6:11488:9144DE:958CC5:61786A27
x-timer: S1635281447.283990,VS0,VE88
etag: "61718cb1-6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Tue, 26 Oct 2021 21:00:47 GMT

GET
H2 200 search_babelized.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 20 KB
6 KB 21ms
20ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/search_babelized.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3afe44faab9daaa982e12fb25cf65b15aa30af1ef2f65d9cd8410657e629f191

Request headers

:path: /versions/v8/theme/scripts/search_babelized.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 087415485fa5e1cb6d9a8cc6ffe89313a5c9a563
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 6108
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 6A46:F84F:90F1D1:953540:617868A7
x-timer: S1635281447.284073,VS0,VE0
etag: W/"61718cb1-5159"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 navigation.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 3 KB
1 KB 20ms
19ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/navigation.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 734a6a3d4a437089ce38cb1ede5a893f2760014278bd9fc9f6e447d0505ab801

Request headers

:path: /versions/v8/theme/scripts/navigation.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 25139d36f4f9576216cb3d2dd92284151cf72a7d
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 1055
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: F7D4:6879:43C8F0:46E846:617868A7
x-timer: S1635281447.284084,VS0,VE0
etag: W/"61718cb1-cb2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 bootstrap-tourist.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 80 KB
20 KB 20ms
19ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/bootstrap-tourist.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9

Request headers

:path: /versions/v8/theme/scripts/bootstrap-tourist.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 791e9a2922dfaaa4df04edcfc5866b0e16a00e20
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 384
x-cache: HIT
content-length: 19993
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 6F72:11488:8CE713:910DE2:61785D61
x-timer: S1635281447.284126,VS0,VE0
etag: W/"61718cb1-13f1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 settings.js Show response
attack.mitre.org/versions/v8/theme/scripts/ 110 B
384 B 19ms
19ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/settings.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: d28bf46a571cf26eb42e120f8c8fc9421b68742d378f900329e4f6889441ef4f

Request headers

:path: /versions/v8/theme/scripts/settings.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: efe6aeacce4700e71539ef0852a86b67b2d65379
date: Tue, 26 Oct 2021 20:50:47 GMT
via: 1.1 varnish
age: 384
x-cache: HIT
content-length: 110
x-served-by: cache-fra19176-FRA
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 7B72:A97D:125870:14A8D1:61785D61
x-timer: S1635281447.284171,VS0,VE0
etag: "61718cb1-6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 26 Oct 2021 20:06:17 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 tour-techniques.js Show response
attack.mitre.org/versions/v8/theme/scripts/tour/ 1 KB
854 B 98ms
98ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/scripts/tour/tour-techniques.js
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/techniques/T1027/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 0c52ca44b5dddb13bba573ce44dff22d66d1349bce6b9960b53f1dc965c9b691

Request headers

:path: /versions/v8/theme/scripts/tour/tour-techniques.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/techniques/T1027/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/versions/v8/techniques/T1027/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 6e84696326421dab925e967ee4409714f82599f6
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 685
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 5AC8:3DB0:919D4C:95DFE9:617868A7
x-timer: S1635281447.284248,VS0,VE88
etag: W/"61718cb1-5f7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 Roboto-Thin.ttf
attack.mitre.org/versions/v8/theme/fonts/Roboto/ 168 KB
88 KB 9ms
9ms Font
font/ttf 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attack.mitre.org/versions/v8/theme/fonts/Roboto/Roboto-Thin.ttf
Requested by: Host: attack.mitre.org
URL: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 -, , ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5

Request headers

:path: /versions/v8/theme/fonts/Roboto/Roboto-Thin.ttf
pragma: no-cache
origin: https://attack.mitre.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: attack.mitre.org
referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://attack.mitre.org/versions/v8/theme/style.min.css?68c82ef7
Origin: https://attack.mitre.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 61303f741a5a9b3e9e6620df30982d630d79c637
date: Tue, 26 Oct 2021 20:50:47 GMT
content-encoding: gzip
age: 307
x-cache: HIT
content-length: 89365
x-served-by: cache-fra19176-FRA
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:52:17 GMT
server: GitHub.com
x-github-request-id: 834A:06C8:2DB705:2EE11D:617868A7
x-timer: S1635281447.313389,VS0,VE0
etag: W/"61718cb1-29f80"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 varnish
expires: Tue, 26 Oct 2021 20:54:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62667723-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://attack.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 3013
date: Tue, 26 Oct 2021 20:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 22:00:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1153566175&t=pageview&_s=1&dl=https%3A%2F%2Fattack.mitre.org%2Fversions%2Fv8%2Ftechniques%2FT1027%2F&ul=en-us&de=UTF-8&dt=Obfuscated%20Files%20or%20Information%2C%20Technique%20T1027%20-%20Enterprise%20%7C%20MITRE%20ATT%26CK%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=452829525&gjid=1004386507&cid=1371996119.1635281447&tid=UA-62667723-1&_gid=2062342962.1635281447&_r=1&gtm=2ouak0&z=1553041737

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://attack.mitre.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 20:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://attack.mitre.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mitre.org/	1970-01-20 15:45:53	Name: _ga Value: GA1.2.1371996119.1635281447
.mitre.org/	1970-01-19 22:16:07	Name: _gid Value: GA1.2.2062342962.1635281447
.mitre.org/	1970-01-19 22:14:41	Name: _gat_gtag_UA_62667723_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attack.mitre.org
www.google-analytics.com
www.googletagmanager.com
2606:50c0:8002::153
2a00:1450:4001:800::200e
2a00:1450:4001:809::2008
04f8f91dbb2f9b86aac0b3b03121e7db2edf42426c1764f5e415aa2be38ae96b
0c52ca44b5dddb13bba573ce44dff22d66d1349bce6b9960b53f1dc965c9b691
124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8
282ffa7f383baeac3451e647d4284c7baa2300acdd386d61af21dda14c57ae30
3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93
3afe44faab9daaa982e12fb25cf65b15aa30af1ef2f65d9cd8410657e629f191
3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5
4986471d48ed22b46abf8ba30908b36d584ad2bd3e674991cf020f973d6c60ce
50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c
521916601533e473e36b35b16b1c262097cdce5c494ba369899e3b614d6aeabe
54afb34633a8680500183f5f99ee59437dbe274df4c5eec3d9570b8ac44ff4a6
55b6d0fa4ad23fca99b440bc7cf5f3c9c0d0eface004a2dbbacc7a0e95c37f25
55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503
562a2fb1e52e31388138d6579542134c7c0c48766bea631522f53caaca7e861c
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
734a6a3d4a437089ce38cb1ede5a893f2760014278bd9fc9f6e447d0505ab801
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7c4e1b003b2e80e2857ac92233500a5e1e88af3392a03720c8bb544d32bd2b36
8117b34e40b234c456830e62ca1e0c3758d7a97111678b28c4d55a1ef3d28d48
8be6adca335aab3d59129472cdfe4ca728becd178c9c1e1959ecdb591385a9e9
92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4
976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
d28bf46a571cf26eb42e120f8c8fc9421b68742d378f900329e4f6889441ef4f
dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

attack.mitre.org Open in urlscan Pro 2606:50c0:8002::153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

564 kBTransfer

1872 kBSize

3 Cookies

273 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

attack.mitre.org Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

564 kB
Transfer

1872 kB
Size

3
Cookies

28 HTTP transactions
2 data transactions