Report - attack.mitre.org/groups/G0046/

Report Overview

Submitted URL
attack.mitre.org/groups/G0046/
IP
185.199.108.153
ASN
#54113 FASTLY
Submitted
2024-05-08 18:47:00
Access
public
Website Title
FIN7, GOLD NIAGARA, ITG14, Carbon Spider, ELBRUS, Sangria Tempest, Group G0046 | MITRE ATT&CK®
Final URL
attack.mitre.org/groups/G0046/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
attack.mitre.org	365703	1985-07-10	2017-02-01	2024-05-06	22 kB	4.8 MB	185.199.110.153
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	878 B	167 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	attack.mitre.org/search/software.json	Detects strings found in Runspace Post Exploitation Toolkit
2024-05-08	medium	attack.mitre.org/search/campaigns.json	Detects strings found in Runspace Post Exploitation Toolkit
2024-05-08	medium	attack.mitre.org/search/campaigns.json	Detects a set of reconnaissance commands on Windows systems
2024-05-08	medium	attack.mitre.org/search/groups.json	Detects strings found in Runspace Post Exploitation Toolkit
2024-05-08	medium	attack.mitre.org/search/groups.json	Identifies KPortScan, port scanner.
2024-05-08	medium	attack.mitre.org/search/datasources.json	Detects strings found in Runspace Post Exploitation Toolkit
2024-05-08	medium	attack.mitre.org/search/techniques.json	Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)
2024-05-08	medium	attack.mitre.org/search/techniques.json	Detects strings found in Runspace Post Exploitation Toolkit
2024-05-08	medium	attack.mitre.org/search/techniques.json	Identifies KPortScan, port scanner.
2024-05-08	medium	attack.mitre.org/search/techniques.json	Identifies RDP Wrapper, sometimes used by attackers to maintain persistence.

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	attack.mitre.org/theme/scripts/settings.js	299 B	2024-05-03	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/settings.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 20:30:26 Last Seen2024-05-19 22:05:45 Times Seen24 Hash 622c29c4711cae46811f7088841cd224 ca664b73d88abf8ed036f6a91cc04a7c7683e544 138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e Loading...

	attack.mitre.org/theme/scripts/search_bundle.js	410 kB	2023-10-31	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/search_bundle.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 19:39:51 Last Seen2024-05-19 22:05:45 Times Seen114 Hash ec8aa8edf0cc379b236bed71b9842ef8 99b3a06647ef450964a209aff90568cea7c68b67 6a19f14ed56f9c80fb48fdb384e11a93aa8776d4392e0aab9a719f90f8263b72 Loading...

	attack.mitre.org/theme/scripts/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/jquery-3.5.1.min.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-19 22:13:18 Times Seen145659 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	attack.mitre.org/theme/scripts/bootstrap.bundle.min.js	81 kB	2023-05-04	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/bootstrap.bundle.min.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 20:33:40 Last Seen2024-05-19 22:05:45 Times Seen376 Hash 964f6fdf7b2080375cdd6c6392aa62ef ef7d2ef43eb11fa0b6ca3f917afa3cfb1e164c85 124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8 Loading...

	attack.mitre.org/theme/scripts/resizer.js	1.1 kB	2023-10-31	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/resizer.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 19:39:51 Last Seen2024-05-19 22:05:45 Times Seen94 Hash f10494c1b6cf88c889c6184a91797016 3f0377d2a8867b1cf138b68136cd313b04b6d828 a5581c8fd475cbef05bd3ea452986457c4b61de2fd0f6b6d8c3073305b7e4c4e Loading...

	attack.mitre.org/groups/G0046/	201 B	2023-05-04	2024-05-19
Pretty URL attack.mitre.org/groups/G0046/ IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-04 20:33:40 Last Seen2024-05-19 22:05:44 Times Seen183 Hash ddf5bfef3c2065a1ab1cdf2bb0e5da97 717ecd97599d0cd8dc49c8e2fa811e25f859092d d752772743bc13b5a5f09aa2581ffaff4f59b805e8d2405adb6a6713eb46081a Loading...

	www.googletagmanager.com/gtag/js?id=UA-62667723-1	197 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-62667723-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 20:47:05 Last Seen2024-05-08 20:47:06 Times Seen2 Hash 6baed26fbde9da3107fe76e37481d862 c4b200e2789c094cffe951683b7478f0a64153fe 4b2cc2cb6dba24f408a9671f727c358e7d5859974c5450fec8ad3c273e736b54 Loading...

	attack.mitre.org/theme/scripts/sidebar-load-all.js	2.3 kB	2024-01-27	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/sidebar-load-all.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-27 17:07:52 Last Seen2024-05-19 22:05:45 Times Seen28 Hash b570ad692461d0bd17b4f2881710b676 fc6476286b6944d55a6e123e50738216004c06e7 b479d046a4d9a248ba5b7b980b8afb8e2434033c6c00b6726c86abe111781581 Loading...

	attack.mitre.org/theme/scripts/tour/tour-relationships.js	2.1 kB	2023-10-31	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/tour/tour-relationships.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 19:39:51 Last Seen2024-05-19 22:05:45 Times Seen14 Hash 8e5f2778a3c7306a3f6045898a080517 7faafc8d042b1535023b10d703f6cb74e500f848 b17419f20c069b5e99f28dc478f35a0cdce70a4906de43e344d7380250448607 Loading...

	attack.mitre.org/groups/G0046/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL attack.mitre.org/groups/G0046/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 00:16:01 Times Seen350860 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 00:16:01 Times Seen350345 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	3.4 kB	2023-09-06	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 17:58:48 Last Seen2024-05-19 22:05:45 Times Seen180 Hash 80b3941b97e9ad0528fce0606e543864 a740301d14cc0ae1c89c2dcd36bac3404676edf8 9fc29c072e63b7ec02697b5a76e523719b7922b30715415071ea0bfda13377f8 Loading...

	attack.mitre.org/theme/scripts/popper.min.js	21 kB	2023-03-08	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/popper.min.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:34:02 Last Seen2024-05-19 22:05:45 Times Seen482 Hash 33150817803ad0bc16b719be221c8701 fa042c1587180e47a71fd6bd3b819d17b7c1d017 976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da Loading...

	attack.mitre.org/theme/scripts/bootstrap-select.min.js	54 kB	2023-03-07	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/bootstrap-select.min.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:57 Last Seen2024-05-19 22:05:45 Times Seen1121 Hash 3a7fa5da04cf747fa04aa1ec8d2c2794 f6ffcd620919065a9614ab16d7d7d255c508106e aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815 Loading...

	attack.mitre.org/theme/scripts/site.js?2785	970 B	2023-12-22	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/site.js?2785 IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 05:31:32 Last Seen2024-05-19 22:05:45 Times Seen48 Hash 16d9492a7c971bb213abafdc335fb671 e809da48d7fca0d39b6947dc233b84eee5c67826 caab156d665d81279e379525e46e84463f37467dad0b67d416f5136617e9cfbc Loading...

	attack.mitre.org/theme/scripts/bootstrap-tourist.js	82 kB	2023-05-04	2024-05-19
Pretty URL attack.mitre.org/theme/scripts/bootstrap-tourist.js IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 20:33:40 Last Seen2024-05-19 22:05:45 Times Seen340 Hash b00b82f8466c468e666a23269a9d6cc8 037ffb40447c32d2383f7441826a1f633142b9f4 dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9 Loading...

	www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c	274 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 20:47:06 Last Seen2024-05-08 20:47:06 Times Seen2 Hash f781310aa95f363101d27a3f3d4a4394 faf774d88149df95fb1702d0fe38e293b6237a26 3ba763d4a024b4dae9aded5a672be82d1b3d928efffa282849b8c78227f63b65 Loading...

	attack.mitre.org/groups/G0046/	716 B	2024-05-08	2024-05-08
Pretty URL attack.mitre.org/groups/G0046/ IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 20:47:06 Last Seen2024-05-08 20:47:06 Times Seen1 Hash 7740e6cdd5df3c6475f9989ad3c50936 6321d7e829ff7c5c1df86592f15cc05b28345fe3 70647fbda23f0c1c297416c14411eee16e514d92b66242d843e34aa96508bc0e Loading...

HTTP Transactions (47)

URL IP Response Size

attack.mitre.org/groups/G0046/

185.199.110.153

200 OK

22 kB

URL User Request GET HTTP/2
attack.mitre.org/groups/G0046/
IP
185.199.110.153:443
ASN
#54113 FASTLY

Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3629)
Size
22 kB (22234 bytes)
Hash
6c15e2bedb6c1118e60bbcfa2749bcd5
a4fcfbb80f9ca89f3d1dea758001350c5db79cc4
caedcce97315e6652c4745c7c1d9e036ad1b581a0c1dc62eb16fd179fc5c85c5

HTTP Headers

GET /groups/G0046/ HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-31023"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB82:208C77:25E27B:26E632:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193988.379300,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 13239067c98546136c496231b8a6c13f755fe14c
content-length: 22234
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/bootstrap-select.min.css

185.199.110.153

200 OK

2.3 kB

URL GET HTTP/2
attack.mitre.org/theme/style/bootstrap-select.min.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (10943), with CRLF line terminators
Size
2.3 kB (2262 bytes)
Hash
486d7426635cb3698ca5bd4c50e5a7f7
aefc4756004cdae1903f6aaceb5ef20f76b277e4
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

HTTP Headers

GET /theme/style/bootstrap-select.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2bb0"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C128:2CE55:3D85C5:3EFB81:663BC5AD
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.853730,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 67305cd4320c0902684b55a3cc6543200639f090
content-length: 2262
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css

185.199.110.153

200 OK

5.0 kB

URL GET HTTP/2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (19088)
Size
5.0 kB (4959 bytes)
Hash
c34572fbb8256bceaa2d72c6bbf4a54b
61821918deb7a14d789b08b008c6bedce7819cea
321e5ebea077d3b3be03f5b0218ceab2259cf6e93035aa8644e7970a054fd687

HTTP Headers

GET /theme/style/fontawesome-6.5.1/css/brands.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-4b6b"
expires: Wed, 08 May 2024 18:43:21 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: DF54:2ED81F:3AD99B:3C4E4F:663BC5AE
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 130
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.855234,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 1e5baf30ce6280b8c2e1f74c72aeba8a70e76424
content-length: 4959
X-Firefox-Spdy: h2

attack.mitre.org/theme/style.min.css?9dc07e69

185.199.110.153

200 OK

10 kB

URL GET HTTP/2
attack.mitre.org/theme/style.min.css?9dc07e69
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (857)
Size
10 kB (10191 bytes)
Hash
9dc07e69e0bfbc4056573e1345ddd181
89cf78ce0e78480a2d64dc4b7675cd4844a2e14e
f2a9c56628b02e8d18414f6ceeee4253813b64d711e79ed5c96591038d912cc8

HTTP Headers

GET /theme/style.min.css?9dc07e69 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-df18"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 390C:2884D3:3A86AB:3BFD8F:663BC5AC
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.856434,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 03cdcd8350b74c187920c5c722b592f768ff1480
content-length: 10191
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/site.js?2785

185.199.110.153

200 OK

445 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/site.js?2785
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text
Size
445 B (445 bytes)
Hash
16d9492a7c971bb213abafdc335fb671
e809da48d7fca0d39b6947dc233b84eee5c67826
caab156d665d81279e379525e46e84463f37467dad0b67d416f5136617e9cfbc

HTTP Headers

GET /theme/scripts/site.js?2785 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-3ca"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C666:2C3A13:3B5EDE:3CD3C5:663BC5AE
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877542,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ac149c8624a0c3e1fa31d5f5889f8d24af26be89
content-length: 445
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/resizer.js

185.199.110.153

200 OK

401 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/resizer.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
401 B (401 bytes)
Hash
f10494c1b6cf88c889c6184a91797016
3f0377d2a8867b1cf138b68136cd313b04b6d828
a5581c8fd475cbef05bd3ea452986457c4b61de2fd0f6b6d8c3073305b7e4c4e

HTTP Headers

GET /theme/scripts/resizer.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-455"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6C1A:208C77:23D919:24CF75:663BC5AD
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 130
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.877920,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 7ce9e1ec727e7ef7e1e8b392008bb1c39aa50d82
content-length: 401
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/search_bundle.js

185.199.110.153

200 OK

108 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/search_bundle.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65502), with no line terminators
Size
108 kB (107850 bytes)
Hash
ec8aa8edf0cc379b236bed71b9842ef8
99b3a06647ef450964a209aff90568cea7c68b67
6a19f14ed56f9c80fb48fdb384e11a93aa8776d4392e0aab9a719f90f8263b72

HTTP Headers

GET /theme/scripts/search_bundle.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-63f9b"
expires: Wed, 08 May 2024 18:43:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6C1C:2D639E:3B0B1E:3C800F:663BC5AD
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877513,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: a21dd07b96724ac75e1a2e2573921b344cc9936b
content-length: 107850
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/bootstrap-tourist.css

185.199.110.153

200 OK

671 B

URL GET HTTP/2
attack.mitre.org/theme/style/bootstrap-tourist.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
671 B (671 bytes)
Hash
6721d13d3961015102896e679284bcac
71eba6f04f5d8b1ccdd34982d65887b9ba1bdcca
50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c

HTTP Headers

GET /theme/style/bootstrap-tourist.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-978"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1B24:3C6FA0:3A9AAD:3C1DBE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.852862,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 815fe74a7fab5f9c6f0c67bc92ad5434c21288b0
content-length: 671
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/fontawesome-6.5.1/css/fontawesome.min.css

185.199.110.153

200 OK

18 kB

URL GET HTTP/2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/fontawesome.min.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (52276)
Size
18 kB (17654 bytes)
Hash
050a20fcaed9e77ff3c43b7aae625283
397e1e16117c1a4166e52f424e2ae4a2b5fcbe09
8eb5b44ce5971a501e5a17954c464b80aba0c4604675b5603a7f456459af88a1

HTTP Headers

GET /theme/style/fontawesome-6.5.1/css/fontawesome.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-13b9b"
expires: Wed, 08 May 2024 18:02:40 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 13F6:329995:366E3F:37B504:663BBBE7
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.854952,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: b199be498019e25a72da5d9a832b1102aef4785f
content-length: 17654
X-Firefox-Spdy: h2

attack.mitre.org/theme/images/external-site.svg

185.199.110.153

200 OK

1.0 kB

URL GET HTTP/2
attack.mitre.org/theme/images/external-site.svg
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1022 bytes)
Hash
ca1d4086ac72385da77bfddef57baca7
1f5893a8aaa43348d9ae0b1699f48f6964568d50
92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4

HTTP Headers

GET /theme/images/external-site.svg HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-7c6"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3332:3C6FA0:3A9AAD:3C1DC1:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860178,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 474873d262a6a0459ece26dd04373919e0e3bc17
content-length: 1022
X-Firefox-Spdy: h2

attack.mitre.org/theme/images/external-site-dark.jpeg

185.199.110.153

200 OK

15 kB

URL GET HTTP/2
attack.mitre.org/theme/images/external-site-dark.jpeg
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 90x90, segment length 16, progressive, precision 8, 512x512, components 3
Size
15 kB (14891 bytes)
Hash
4be87aa32da619e2deb03f384dcd0113
463448bc680ec7c41b0dae13b49b06f179fab6bc
42a7279fdff15eebdfcda93b2ceeedb3e4d379c68cbb711b84d41ed9b71252cf

HTTP Headers

GET /theme/images/external-site-dark.jpeg HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-3a2b"
expires: Wed, 08 May 2024 18:55:35 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: E1DE:2D639E:3D1B2F:3E9D87:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860518,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 87d293463d37bcbe6e00f07d016d23af9cd52038
content-length: 14891
X-Firefox-Spdy: h2

attack.mitre.org/theme/images/mitre_attack_logo.png

185.199.110.153

200 OK

8.5 kB

URL GET HTTP/2
attack.mitre.org/theme/images/mitre_attack_logo.png
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
PNG image data, 1191 x 126, 8-bit colormap, non-interlaced
Size
8.5 kB (8461 bytes)
Hash
c11bfbd5df76c3768bcb8562303647f2
83dedfa61f10b1de0ec98ec1bc1e5cf6f1264d8d
3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93

HTTP Headers

GET /theme/images/mitre_attack_logo.png HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-210d"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E1CC:38EC8F:3E864B:400A36:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860089,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 86a42a51b58890b91edaec88c9b39329ff7e8419
content-length: 8461
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/bootstrap.min.css

185.199.110.153

200 OK

24 kB

URL GET HTTP/2
attack.mitre.org/theme/style/bootstrap.min.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (65324)
Size
24 kB (23620 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /theme/style/bootstrap.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2606e"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6426:28EC01:3CCAF1:3E4EBE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.850287,VS0,VE145
vary: Accept-Encoding
x-fastly-request-id: be39ccb158e0e72788a29fbbf7b6565a35d0c30a
content-length: 23620
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/bootstrap-select.min.js

185.199.110.153

200 OK

16 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/bootstrap-select.min.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (53354)
Size
16 kB (16053 bytes)
Hash
3a7fa5da04cf747fa04aa1ec8d2c2794
f6ffcd620919065a9614ab16d7d7d255c508106e
aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815

HTTP Headers

GET /theme/scripts/bootstrap-select.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-d18c"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 79A2:208C77:25E2E3:26E68E:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877604,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: f45d0fdb4d0a411b3cb7378cdeb9a8bf4fcb49d8
content-length: 16053
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/sidebar-load-all.js

185.199.110.153

200 OK

817 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/sidebar-load-all.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text
Size
817 B (817 bytes)
Hash
b570ad692461d0bd17b4f2881710b676
fc6476286b6944d55a6e123e50738216004c06e7
b479d046a4d9a248ba5b7b980b8afb8e2434033c6c00b6726c86abe111781581

HTTP Headers

GET /theme/scripts/sidebar-load-all.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-8f9"
expires: Wed, 08 May 2024 18:54:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6DDC:32A7D1:3B08BC:3C8BB7:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.878961,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 6d515cbf64fed342a7f335791ba5876fb83c415e
content-length: 817
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/jquery-3.5.1.min.js

185.199.110.153

200 OK

31 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/jquery-3.5.1.min.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31147 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /theme/scripts/jquery-3.5.1.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-15d84"
expires: Wed, 08 May 2024 18:54:18 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3FCC:2BE5F2:3C0F51:3D9084:663BC802
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877763,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: e2a77e42fbb07ef760467a9356400b7572ba8383
content-length: 31147
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css

185.199.110.153

200 OK

326 B

URL GET HTTP/2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text, with very long lines (353)
Size
326 B (326 bytes)
Hash
4d63c1a82931dd3b2d8ba3135987b9c3
b79ead6a4a6548ec021c030e9b0e95c9ba0648e7
b8afa4243dd1bf735f512708da5335b0ed314d9e58a0a1cf1b781250cf5fb004

HTTP Headers

GET /theme/style/fontawesome-6.5.1/css/solid.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-23c"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 77A0:38EC8F:3E864A:400A35:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.855952,VS0,VE152
vary: Accept-Encoding
x-fastly-request-id: 8ee1355b17b5f2b7255e1fc02a3a10985ef619f7
content-length: 326
X-Firefox-Spdy: h2

attack.mitre.org/theme/images/mitrelogowhiteontrans.gif

185.199.110.153

200 OK

661 B

URL GET HTTP/2
attack.mitre.org/theme/images/mitrelogowhiteontrans.gif
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
GIF image data, version 89a, 189 x 86
Size
661 B (661 bytes)
Hash
d1fafd1b628d38206e63aa5d9ab0efbe
bea2645a2ff9e13c8b2506a51e6d88dead4c771c
55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503

HTTP Headers

GET /theme/images/mitrelogowhiteontrans.gif HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/gif
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: "6633c614-295"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6D98:312E23:3CDBCF:3E5DB4:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877904,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 12a6e3e61e385a923dd9af0fe8bfbd2a993df57b
content-length: 661
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/bootstrap-tourist.js

185.199.110.153

200 OK

20 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/bootstrap-tourist.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (946)
Size
20 kB (19993 bytes)
Hash
b00b82f8466c468e666a23269a9d6cc8
037ffb40447c32d2383f7441826a1f633142b9f4
dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9

HTTP Headers

GET /theme/scripts/bootstrap-tourist.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-13f1f"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 77A2:3A2145:3CA87C:3E2C09:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.878971,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 071bd25ac98020ffd714ba75a00b05be4abefded
content-length: 19993
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-62667723-1

142.250.74.168

200 OK

72 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-62667723-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
72 kB (71494 bytes)
Hash
6baed26fbde9da3107fe76e37481d862
c4b200e2789c094cffe951683b7478f0a64153fe
4b2cc2cb6dba24f408a9671f727c358e7d5859974c5450fec8ad3c273e736b54

HTTP Headers

GET /gtag/js?id=UA-62667723-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:46:29 GMT
expires: Wed, 08 May 2024 18:46:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/settings.js?3281

185.199.110.153

200 OK

223 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/settings.js?3281
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
223 B (223 bytes)
Hash
622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e

HTTP Headers

GET /theme/scripts/settings.js?3281 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877544,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: e3190110957cd6ec5f93481feb00eb693c691ef2
content-length: 223
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/settings.js

185.199.110.153

200 OK

223 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/settings.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
223 B (223 bytes)
Hash
622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e

HTTP Headers

GET /theme/scripts/settings.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.878079,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 8f879c82e818c7c530f841ee5c28bdd5f2f11ea8
content-length: 223
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/tour/tour-relationships.js

185.199.110.153

200 OK

775 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/tour/tour-relationships.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
775 B (775 bytes)
Hash
8e5f2778a3c7306a3f6045898a080517
7faafc8d042b1535023b10d703f6cb74e500f848
b17419f20c069b5e99f28dc478f35a0cdce70a4906de43e344d7380250448607

HTTP Headers

GET /theme/scripts/tour/tour-relationships.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-84a"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 963A:312E23:3CDBCF:3E5DB2:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.882175,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: 8ea6afcb4208425f625cc81894e648d45a1fd3ff
content-length: 775
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/bootstrap.bundle.min.js

185.199.110.153

200 OK

23 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/bootstrap.bundle.min.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
23 kB (22985 bytes)
Hash
964f6fdf7b2080375cdd6c6392aa62ef
ef7d2ef43eb11fa0b6ca3f917afa3cfb1e164c85
124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8

HTTP Headers

GET /theme/scripts/bootstrap.bundle.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-13b3c"
expires: Wed, 08 May 2024 18:49:46 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: E294:2D7C88:3C6B59:3DEA33:663BC802
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877571,VS0,VE160
vary: Accept-Encoding
x-fastly-request-id: b56cb3c1a4922278e45739fa51af9b3b083cec2c
content-length: 22985
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/popper.min.js

185.199.110.153

200 OK

6.1 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/popper.min.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (3324)
Size
6.1 kB (6148 bytes)
Hash
33150817803ad0bc16b719be221c8701
fa042c1587180e47a71fd6bd3b819d17b7c1d017
976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da

HTTP Headers

GET /theme/scripts/popper.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-5050"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB8C:3AE3E8:3F0138:408545:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877658,VS0,VE162
vary: Accept-Encoding
x-fastly-request-id: df4660dc2e26c7560e003cf6325dadfcd982fee1
content-length: 6148
X-Firefox-Spdy: h2

attack.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf

185.199.110.153

200 OK

91 kB

URL GET HTTP/2
attack.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Size
91 kB (91002 bytes)
Hash
3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

HTTP Headers

GET /theme/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-29e9c"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F6E6:28EC01:3C6848:3DE9AC:663BC7FF
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.225813,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: efe9b4e1320599f806fb4f814231c350a780c75e
content-length: 91002
X-Firefox-Spdy: h2

attack.mitre.org/theme/fonts/Roboto/Roboto-Light.ttf

185.199.110.153

200 OK

91 kB

URL GET HTTP/2
attack.mitre.org/theme/fonts/Roboto/Roboto-Light.ttf
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh
Size
91 kB (90875 bytes)
Hash
fc84e998bc29b297ea20321e4c90b6ed
73a2bb2d6e591a90ffb4ed118a3989fb17b54c7b
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

HTTP Headers

GET /theme/fonts/Roboto/Roboto-Light.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-299b4"
expires: Wed, 08 May 2024 18:02:40 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9718:2BE5F2:347A5A:35C267:663BBBE7
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.222755,VS0,VE145
vary: Accept-Encoding
x-fastly-request-id: 6d2453ed26c776f1add0d0f019dfc63fd9d57016
content-length: 90875
X-Firefox-Spdy: h2

attack.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf

185.199.110.153

200 OK

89 kB

URL GET HTTP/2
attack.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto ThinRegularVersion 2.137; 2017Roboto-ThinR
Size
89 kB (89365 bytes)
Hash
89e2666c24d37055bcb60e9d2d9f7e35
9514ad7aee341594f43a33893f0b3d8a6d81f32e
3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5

HTTP Headers

GET /theme/fonts/Roboto/Roboto-Thin.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-29f80"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F594:3AE3E8:3CE4BB:3E5B66:663BC5AE
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.480401,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: c544a87df4997e06baca80b8fa89dcedc22dc66f
content-length: 89365
X-Firefox-Spdy: h2

attack.mitre.org/search/mitigations.json

185.199.110.153

200 OK

116 kB

URL GET HTTP/2
attack.mitre.org/search/mitigations.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
116 kB (116406 bytes)
Hash
41a1125dd0259771cd772da15c019058
957a231f74d0c614745910a521714b89c2466092
07483a4e3e8493f4e11717dbf5aac278a2ba3ee85d81a583129c6c60f4606762

HTTP Headers

GET /search/mitigations.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-870c4"
expires: Wed, 08 May 2024 17:48:38 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 7BCA:2ED81F:32AD7D:33E4BB:663BB89D
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.486350,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 46655799191f331e7163724581676a590061ced1
content-length: 116406
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/settings.js

185.199.110.153

200 OK

223 B

URL GET HTTP/2
attack.mitre.org/theme/scripts/settings.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
ASCII text
Size
223 B (223 bytes)
Hash
622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e

HTTP Headers

GET /theme/scripts/settings.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 2
x-timer: S1715193990.506050,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: dc2184459871bcf2fc2c9e55f967ee63d0efc00f
content-length: 223
X-Firefox-Spdy: h2

attack.mitre.org/search/assets.json

185.199.110.153

200 OK

8.6 kB

URL GET HTTP/2
attack.mitre.org/search/assets.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
8.6 kB (8600 bytes)
Hash
39e50b29d5573fb530f7b885d0849a8d
06943a6af0d17e1d04acbc4d0ec3eea090819824
04e546610a69fa9a6527170cc80c37114b4fd6097266e1c453242f14acd1c0e6

HTTP Headers

GET /search/assets.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-b546"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C0D4:28365F:3C7CE7:3DFC41:663BC7FF
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.482500,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 779702dd30763b12813a7a0a206582f46ff6658f
content-length: 8600
X-Firefox-Spdy: h2

attack.mitre.org/search/matrices.json

185.199.110.153

200 OK

19 kB

URL GET HTTP/2
attack.mitre.org/search/matrices.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
19 kB (18841 bytes)
Hash
b500e8cc2e34ec859aa16d17c9a45cd0
e89a7a3733f3e80d6e8301a4815c2dab2ff4fc4e
5893348effd6b31a237b6f8aa55ec755a5921f8f1a79089e17dac60d489e92d2

HTTP Headers

GET /search/matrices.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2c532"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6DAA:2ED81F:3CE295:3E64B0:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.484808,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 5719d874b48d7cb3a328f089ce4023c6cac95ff8
content-length: 18841
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
95 kB (94638 bytes)
Hash
f781310aa95f363101d27a3f3d4a4394
faf774d88149df95fb1702d0fe38e293b6237a26
3ba763d4a024b4dae9aded5a672be82d1b3d928efffa282849b8c78227f63b65

HTTP Headers

GET /gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:46:29 GMT
expires: Wed, 08 May 2024 18:46:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

attack.mitre.org/search/tactics.json

185.199.110.153

200 OK

136 kB

URL GET HTTP/2
attack.mitre.org/search/tactics.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
136 kB (136388 bytes)
Hash
9f63d517e6908eaf3f132bccba2bfe64
4b9ab981ed8be4c46984cc52f810a4942be18823
a041cca02c44fec0655fc89cb4ac588ceec0c69ee8202318f94016b61e59be9e

HTTP Headers

GET /search/tactics.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-799d1"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F064:28365F:3C7CE7:3DFC42:663BC803
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193990.506164,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 9415f321202ac40173215827b09ee96e7d81680b
content-length: 136388
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2

185.199.110.153

200 OK

117 kB

URL GET HTTP/2
attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 117372, version 773.768
Size
117 kB (117372 bytes)
Hash
b6356c957274676e6571c1ff5e11c9a8
4022f95e001d734ca8f082b8e7627abd205609ec
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

HTTP Headers

GET /theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: "6633c611-1ca7c"
expires: Wed, 08 May 2024 18:55:59 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 4AF0:3AE3E8:3F01AE:4085BE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.480973,VS0,VE153
vary: Accept-Encoding
x-fastly-request-id: 226df7e76d57431b1969f55df1b18da602b85f77
content-length: 117372
X-Firefox-Spdy: h2

attack.mitre.org/search/software.json

185.199.110.153

200 OK

662 kB

URL GET HTTP/2
attack.mitre.org/search/software.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
662 kB (662360 bytes)
Hash
2e148a05087dc779e73f9723803bd1d4
d74bcb083431ca6360a9e48b5c73a735d14aea36
252a6cc3a90ee42f3141f06212e53752569bd3784ca8844e83b5bb574af621b5

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects strings found in Runspace Post Exploitation Toolkit

HTTP Headers

GET /search/software.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-253e0d"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3332:3C6FA0:3A9B0F:3C1E1B:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.487066,VS0,VE171
vary: Accept-Encoding
x-fastly-request-id: f278690f5ac25609b704a1e556c10afad4159b76
content-length: 662360
X-Firefox-Spdy: h2

attack.mitre.org/groups/sidebar-groups

185.199.110.153

301 Moved Permanently

162 B

URL GET HTTP/2
attack.mitre.org/groups/sidebar-groups
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /groups/sidebar-groups HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: GitHub.com
content-type: text/html
location: https://attack.mitre.org/groups/sidebar-groups/
access-control-allow-origin: *
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DB96:6DC18:3B497A:3CCCCA:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193990.506098,VS0,VE165
vary: Accept-Encoding
x-fastly-request-id: af2eececcd8cbdb0dae059f33a9a0368adb2fc33
content-length: 162
X-Firefox-Spdy: h2

attack.mitre.org/search/campaigns.json

185.199.110.153

200 OK

52 kB

URL GET HTTP/2
attack.mitre.org/search/campaigns.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
52 kB (51954 bytes)
Hash
392f13c88538ea239615262f0c3d6b3b
b4dcf02752909fd5083f32fa9b65237b42c9bf7d
78588fdff2aaefb7ee473e77b71f1b13c8c033693e2d41305db55b9d73531c5b

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects strings found in Runspace Post Exploitation Toolkit
Public Nextron YARA rules	malware	Detects a set of reconnaissance commands on Windows systems

HTTP Headers

GET /search/campaigns.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-2ffef"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 36BE:2CE55:3F8AF4:410E15:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.481719,VS0,VE190
vary: Accept-Encoding
x-fastly-request-id: 328614dfcc28a86c561cbde6061bda31f327ebff
content-length: 51954
X-Firefox-Spdy: h2

attack.mitre.org/search/misc.json

185.199.110.153

200 OK

168 kB

URL GET HTTP/2
attack.mitre.org/search/misc.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
168 kB (167911 bytes)
Hash
d55fcaaaa0924aedff69b1bb2abdb71a
12ca58200b6969cafd9f227f0be4da89d66f7e3a
89a0bc360501cda96cf49e4754cf1c6ee06546e9665691f1b98e731236f7d23d

HTTP Headers

GET /search/misc.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-9ade9"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DF46:208C77:25E346:26E6F1:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.485518,VS0,VE202
vary: Accept-Encoding
x-fastly-request-id: be8222efdffc6eab8944aeb1dcaca4cc115f0feb
content-length: 167911
X-Firefox-Spdy: h2

attack.mitre.org/search/groups.json

185.199.110.153

200 OK

325 kB

URL GET HTTP/2
attack.mitre.org/search/groups.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
325 kB (325133 bytes)
Hash
52e43e0418ca5221bc7b7761a5acc194
304452467c1ace7bf2dc2f51e9500b6a6e788efc
896f1b5e4122fa6f561deb847d649258ab776f99e843f21b6f84549eb16d04ce

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects strings found in Runspace Post Exploitation Toolkit
Public InfoSec YARA rules	malware	Identifies KPortScan, port scanner.

HTTP Headers

GET /search/groups.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-163017"
expires: Wed, 08 May 2024 18:55:07 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 1B58:2C3A13:3D6B08:3EED51:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.484095,VS0,VE181
vary: Accept-Encoding
x-fastly-request-id: 3a8f2274bf4b7b392292d12ff849853d39aebf20
content-length: 325133
X-Firefox-Spdy: h2

attack.mitre.org/search/datasources.json

185.199.110.153

200 OK

202 kB

URL GET HTTP/2
attack.mitre.org/search/datasources.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
202 kB (201808 bytes)
Hash
f0da9d2f8da91d9627877a0f774268bb
365b803ebc9e91dc544ead9cef1919130eef2a0e
7f3307d03c25bb78843015f86b9a4d6ff9540f3cfe420466979db7bde343ef6e

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects strings found in Runspace Post Exploitation Toolkit

HTTP Headers

GET /search/datasources.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-e2e6a"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3340:2884D3:3C8F72:3E13AA:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.483404,VS0,VE259
vary: Accept-Encoding
x-fastly-request-id: 53b03031bec72864dc7d4fd26a5a22e13f492e52
content-length: 201808
X-Firefox-Spdy: h2

attack.mitre.org/groups/sidebar-groups/

185.199.110.153

200 OK

2.9 kB

URL GET HTTP/2
attack.mitre.org/groups/sidebar-groups/
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
HTML document, ASCII text
Size
2.9 kB (2899 bytes)
Hash
55b2e776fe88d6f13dfe7890d0e19a75
5888569f693b63ec93b33940305c5b5ea480ac6a
78c902ee1475562f27973b42854ec6d77019e78e6a14020ef9796587cdfcf971

HTTP Headers

GET /groups/sidebar-groups/ HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Referer: https://attack.mitre.org/groups/G0046/
DNT: 1
Connection: keep-alive
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:54 GMT
access-control-allow-origin: *
etag: W/"6633c612-6207"
expires: Wed, 08 May 2024 18:56:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B13A:2CE55:3F8B97:410EBE:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:30 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193991.609627,VS0,VE152
vary: Accept-Encoding
x-fastly-request-id: 7421244a4d96f96fd82f4381c00dd5a714e24fb5
content-length: 2899
X-Firefox-Spdy: h2

attack.mitre.org/search/techniques.json

185.199.110.153

200 OK

2.1 MB

URL GET HTTP/2
attack.mitre.org/search/techniques.json
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JSON text data
Size
2.1 MB (2142479 bytes)
Hash
ec9a221563e589967136fb9c3e1b1f5a
9deed659b3986d2b7ee297833f3fbf4b727a7d04
a15000208e9ce320ec2d37a845d1d67c9cfba5b557b742005fd7cf15fb021ce6

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)
Public Nextron YARA rules	malware	Detects strings found in Runspace Post Exploitation Toolkit
Public InfoSec YARA rules	malware	Identifies KPortScan, port scanner.
Public InfoSec YARA rules	malware	Identifies RDP Wrapper, sometimes used by attackers to maintain persistence.

HTTP Headers

GET /search/techniques.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-6ce047"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 776E:30D9D9:3E23B2:3FA7C5:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193990.506162,VS0,VE303
vary: Accept-Encoding
x-fastly-request-id: e9aa3c1492f39f0349fc58f061a2192d324273b4
content-length: 2142479
X-Firefox-Spdy: h2

attack.mitre.org/theme/scripts/navigation.js

185.199.110.153

200 OK

1.1 kB

URL GET HTTP/2
attack.mitre.org/theme/scripts/navigation.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
JavaScript source, ASCII text
Size
1.1 kB (1118 bytes)
Hash
80b3941b97e9ad0528fce0606e543864
a740301d14cc0ae1c89c2dcd36bac3404676edf8
9fc29c072e63b7ec02697b5a76e523719b7922b30715415071ea0bfda13377f8

HTTP Headers

GET /theme/scripts/navigation.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-d58"
expires: Wed, 08 May 2024 18:53:34 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 3FBC:3C6FA0:3A3A78:3BBB24:663BC803
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:31 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193991.206686,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: f130b1a63097a13807edfdfbf4f0a9b78b3413e6
content-length: 1118
X-Firefox-Spdy: h2

attack.mitre.org/theme/favicon.ico

185.199.110.153

200 OK

1.1 kB

URL GET HTTP/2
attack.mitre.org/theme/favicon.ico
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
1.1 kB (1070 bytes)
Hash
0f5637e9265409a2ec33297c558ad2df
8ffd0e662863a047a76e23d4d67b21aecde69bff
954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23

HTTP Headers

GET /theme/favicon.ico HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/vnd.microsoft.icon
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-1976"
expires: Wed, 08 May 2024 17:26:08 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CF30:32A7D1:2E0028:2F1F57:663BB358
accept-ranges: bytes
age: 133
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193993.661028,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: bf9f668e695f556df90b788b013b1ca8cad20d2f
content-length: 1070
X-Firefox-Spdy: h2

attack.mitre.org/theme/fonts/Roboto/Roboto-Bold.ttf

185.199.110.153

200 OK

92 kB

URL GET HTTP/2
attack.mitre.org/theme/fonts/Roboto/Roboto-Bold.ttf
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

Hash
ee7b96fa85d8fdb8c126409326ac2d2b
0ce37ced9c5fcac9bdc452a432c1258870ba4677
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

HTTP Headers

GET /theme/fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-29b08"
expires: Wed, 08 May 2024 18:44:24 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C66E:3C6FA0:38B13D:3A26EF:663BC5B0
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
age: 133
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193993.825778,VS0,VE3
vary: Accept-Encoding
x-fastly-request-id: 222d42fb0034b721c4a0b70914021b73d49d6dc1
content-length: 91581
X-Firefox-Spdy: h2

attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2

185.199.110.153

200 OK

156 kB

URL GET HTTP/2
attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://attack.mitre.org/groups/G0046/
Certificate
IssuerLet's Encrypt
Subjectattack.mitre.org
Fingerprint40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
ValidityWed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156496, version 773.768
Size
156 kB (156496 bytes)
Hash
6c4eee562650e53cee32496bdfbe534b
1aae708e3b94ee981b452a918d28ed037fbb5e18
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

HTTP Headers

GET /theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-26350"
expires: Wed, 08 May 2024 18:56:00 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 3340:2884D3:3C9201:3E164B:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193993.828928,VS0,VE151
vary: Accept-Encoding
x-fastly-request-id: 4d1966be33fab892799f5e911bf4a149fbe366fd
content-length: 156496
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML