attack.mitre.org/groups/G0046/
185.199.110.153 200 OK 22 kB URL User Request GET HTTP/2 attack.mitre.org/groups/G0046/
IP 185.199.110.153:443
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (3629)
Hash 6c15e2bedb6c1118e60bbcfa2749bcd5
a4fcfbb80f9ca89f3d1dea758001350c5db79cc4
caedcce97315e6652c4745c7c1d9e036ad1b581a0c1dc62eb16fd179fc5c85c5
GET /groups/G0046/ HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-31023"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB82:208C77:25E27B:26E632:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193988.379300,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 13239067c98546136c496231b8a6c13f755fe14c
content-length: 22234
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/bootstrap-select.min.css
185.199.110.153 200 OK 2.3 kB URL GET HTTP/2 attack.mitre.org/theme/style/bootstrap-select.min.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (10943), with CRLF line terminators
Hash 486d7426635cb3698ca5bd4c50e5a7f7
aefc4756004cdae1903f6aaceb5ef20f76b277e4
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
GET /theme/style/bootstrap-select.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2bb0"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C128:2CE55:3D85C5:3EFB81:663BC5AD
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.853730,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 67305cd4320c0902684b55a3cc6543200639f090
content-length: 2262
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css
185.199.110.153 200 OK 5.0 kB URL GET HTTP/2 attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (19088)
Hash c34572fbb8256bceaa2d72c6bbf4a54b
61821918deb7a14d789b08b008c6bedce7819cea
321e5ebea077d3b3be03f5b0218ceab2259cf6e93035aa8644e7970a054fd687
GET /theme/style/fontawesome-6.5.1/css/brands.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-4b6b"
expires: Wed, 08 May 2024 18:43:21 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: DF54:2ED81F:3AD99B:3C4E4F:663BC5AE
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 130
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.855234,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 1e5baf30ce6280b8c2e1f74c72aeba8a70e76424
content-length: 4959
X-Firefox-Spdy: h2
attack.mitre.org/theme/style.min.css?9dc07e69
185.199.110.153 200 OK 10 kB URL GET HTTP/2 attack.mitre.org/theme/style.min.css?9dc07e69
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (857)
Hash 9dc07e69e0bfbc4056573e1345ddd181
89cf78ce0e78480a2d64dc4b7675cd4844a2e14e
f2a9c56628b02e8d18414f6ceeee4253813b64d711e79ed5c96591038d912cc8
GET /theme/style.min.css?9dc07e69 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-df18"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 390C:2884D3:3A86AB:3BFD8F:663BC5AC
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.856434,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 03cdcd8350b74c187920c5c722b592f768ff1480
content-length: 10191
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/site.js?2785
185.199.110.153 200 OK 445 B URL GET HTTP/2 attack.mitre.org/theme/scripts/site.js?2785
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text
Hash 16d9492a7c971bb213abafdc335fb671
e809da48d7fca0d39b6947dc233b84eee5c67826
caab156d665d81279e379525e46e84463f37467dad0b67d416f5136617e9cfbc
GET /theme/scripts/site.js?2785 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-3ca"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C666:2C3A13:3B5EDE:3CD3C5:663BC5AE
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877542,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ac149c8624a0c3e1fa31d5f5889f8d24af26be89
content-length: 445
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/resizer.js
185.199.110.153 200 OK 401 B URL GET HTTP/2 attack.mitre.org/theme/scripts/resizer.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash f10494c1b6cf88c889c6184a91797016
3f0377d2a8867b1cf138b68136cd313b04b6d828
a5581c8fd475cbef05bd3ea452986457c4b61de2fd0f6b6d8c3073305b7e4c4e
GET /theme/scripts/resizer.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-455"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6C1A:208C77:23D919:24CF75:663BC5AD
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 130
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.877920,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 7ce9e1ec727e7ef7e1e8b392008bb1c39aa50d82
content-length: 401
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/search_bundle.js
185.199.110.153 200 OK 108 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/search_bundle.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65502), with no line terminators
Size 108 kB (107850 bytes)
Hash ec8aa8edf0cc379b236bed71b9842ef8
99b3a06647ef450964a209aff90568cea7c68b67
6a19f14ed56f9c80fb48fdb384e11a93aa8776d4392e0aab9a719f90f8263b72
GET /theme/scripts/search_bundle.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-63f9b"
expires: Wed, 08 May 2024 18:43:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6C1C:2D639E:3B0B1E:3C800F:663BC5AD
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877513,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: a21dd07b96724ac75e1a2e2573921b344cc9936b
content-length: 107850
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/bootstrap-tourist.css
185.199.110.153 200 OK 671 B URL GET HTTP/2 attack.mitre.org/theme/style/bootstrap-tourist.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 6721d13d3961015102896e679284bcac
71eba6f04f5d8b1ccdd34982d65887b9ba1bdcca
50d579034cf5e54e53ad48172173f27b9eae3cd1c493c554526510386ac0200c
GET /theme/style/bootstrap-tourist.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-978"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1B24:3C6FA0:3A9AAD:3C1DBE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.852862,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 815fe74a7fab5f9c6f0c67bc92ad5434c21288b0
content-length: 671
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/fontawesome.min.css
185.199.110.153 200 OK 18 kB URL GET HTTP/2 attack.mitre.org/theme/style/fontawesome-6.5.1/css/fontawesome.min.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (52276)
Hash 050a20fcaed9e77ff3c43b7aae625283
397e1e16117c1a4166e52f424e2ae4a2b5fcbe09
8eb5b44ce5971a501e5a17954c464b80aba0c4604675b5603a7f456459af88a1
GET /theme/style/fontawesome-6.5.1/css/fontawesome.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-13b9b"
expires: Wed, 08 May 2024 18:02:40 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 13F6:329995:366E3F:37B504:663BBBE7
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.854952,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: b199be498019e25a72da5d9a832b1102aef4785f
content-length: 17654
X-Firefox-Spdy: h2
attack.mitre.org/theme/images/external-site.svg
185.199.110.153 200 OK 1.0 kB URL GET HTTP/2 attack.mitre.org/theme/images/external-site.svg
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type SVG Scalable Vector Graphics image
Hash ca1d4086ac72385da77bfddef57baca7
1f5893a8aaa43348d9ae0b1699f48f6964568d50
92232d88078e2a618a3a4a02443fa1df4649718289bb9cec2a3bbd5910b337a4
GET /theme/images/external-site.svg HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-7c6"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3332:3C6FA0:3A9AAD:3C1DC1:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860178,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 474873d262a6a0459ece26dd04373919e0e3bc17
content-length: 1022
X-Firefox-Spdy: h2
attack.mitre.org/theme/images/external-site-dark.jpeg
185.199.110.153 200 OK 15 kB URL GET HTTP/2 attack.mitre.org/theme/images/external-site-dark.jpeg
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 90x90, segment length 16, progressive, precision 8, 512x512, components 3
Hash 4be87aa32da619e2deb03f384dcd0113
463448bc680ec7c41b0dae13b49b06f179fab6bc
42a7279fdff15eebdfcda93b2ceeedb3e4d379c68cbb711b84d41ed9b71252cf
GET /theme/images/external-site-dark.jpeg HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-3a2b"
expires: Wed, 08 May 2024 18:55:35 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: E1DE:2D639E:3D1B2F:3E9D87:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860518,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 87d293463d37bcbe6e00f07d016d23af9cd52038
content-length: 14891
X-Firefox-Spdy: h2
attack.mitre.org/theme/images/mitre_attack_logo.png
185.199.110.153 200 OK 8.5 kB URL GET HTTP/2 attack.mitre.org/theme/images/mitre_attack_logo.png
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type PNG image data, 1191 x 126, 8-bit colormap, non-interlaced
Hash c11bfbd5df76c3768bcb8562303647f2
83dedfa61f10b1de0ec98ec1bc1e5cf6f1264d8d
3ae6a7bfab7524a73fda8afb924ee4ebcaede820e4aacbbadfa7a958a45bef93
GET /theme/images/mitre_attack_logo.png HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-210d"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E1CC:38EC8F:3E864B:400A36:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.860089,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 86a42a51b58890b91edaec88c9b39329ff7e8419
content-length: 8461
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/bootstrap.min.css
185.199.110.153 200 OK 24 kB URL GET HTTP/2 attack.mitre.org/theme/style/bootstrap.min.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (65324)
Hash a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
GET /theme/style/bootstrap.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2606e"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6426:28EC01:3CCAF1:3E4EBE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.850287,VS0,VE145
vary: Accept-Encoding
x-fastly-request-id: be39ccb158e0e72788a29fbbf7b6565a35d0c30a
content-length: 23620
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/bootstrap-select.min.js
185.199.110.153 200 OK 16 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/bootstrap-select.min.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text, with very long lines (53354)
Hash 3a7fa5da04cf747fa04aa1ec8d2c2794
f6ffcd620919065a9614ab16d7d7d255c508106e
aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815
GET /theme/scripts/bootstrap-select.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-d18c"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 79A2:208C77:25E2E3:26E68E:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877604,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: f45d0fdb4d0a411b3cb7378cdeb9a8bf4fcb49d8
content-length: 16053
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/sidebar-load-all.js
185.199.110.153 200 OK 817 B URL GET HTTP/2 attack.mitre.org/theme/scripts/sidebar-load-all.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text
Hash b570ad692461d0bd17b4f2881710b676
fc6476286b6944d55a6e123e50738216004c06e7
b479d046a4d9a248ba5b7b980b8afb8e2434033c6c00b6726c86abe111781581
GET /theme/scripts/sidebar-load-all.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-8f9"
expires: Wed, 08 May 2024 18:54:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6DDC:32A7D1:3B08BC:3C8BB7:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.878961,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 6d515cbf64fed342a7f335791ba5876fb83c415e
content-length: 817
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/jquery-3.5.1.min.js
185.199.110.153 200 OK 31 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/jquery-3.5.1.min.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /theme/scripts/jquery-3.5.1.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-15d84"
expires: Wed, 08 May 2024 18:54:18 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3FCC:2BE5F2:3C0F51:3D9084:663BC802
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877763,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: e2a77e42fbb07ef760467a9356400b7572ba8383
content-length: 31147
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css
185.199.110.153 200 OK 326 B URL GET HTTP/2 attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type ASCII text, with very long lines (353)
Hash 4d63c1a82931dd3b2d8ba3135987b9c3
b79ead6a4a6548ec021c030e9b0e95c9ba0648e7
b8afa4243dd1bf735f512708da5335b0ed314d9e58a0a1cf1b781250cf5fb004
GET /theme/style/fontawesome-6.5.1/css/solid.min.css HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-23c"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 77A0:38EC8F:3E864A:400A35:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.855952,VS0,VE152
vary: Accept-Encoding
x-fastly-request-id: 8ee1355b17b5f2b7255e1fc02a3a10985ef619f7
content-length: 326
X-Firefox-Spdy: h2
attack.mitre.org/theme/images/mitrelogowhiteontrans.gif
185.199.110.153 200 OK 661 B URL GET HTTP/2 attack.mitre.org/theme/images/mitrelogowhiteontrans.gif
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type GIF image data, version 89a, 189 x 86
Hash d1fafd1b628d38206e63aa5d9ab0efbe
bea2645a2ff9e13c8b2506a51e6d88dead4c771c
55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503
GET /theme/images/mitrelogowhiteontrans.gif HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/gif
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: "6633c614-295"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6D98:312E23:3CDBCF:3E5DB4:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877904,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 12a6e3e61e385a923dd9af0fe8bfbd2a993df57b
content-length: 661
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/bootstrap-tourist.js
185.199.110.153 200 OK 20 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/bootstrap-tourist.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text, with very long lines (946)
Hash b00b82f8466c468e666a23269a9d6cc8
037ffb40447c32d2383f7441826a1f633142b9f4
dfdca3b05eab23d6bb097f95ac5a75f3094e3e213e8f6c152c31d526201f05f9
GET /theme/scripts/bootstrap-tourist.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-13f1f"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 77A2:3A2145:3CA87C:3E2C09:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.878971,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 071bd25ac98020ffd714ba75a00b05be4abefded
content-length: 19993
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-62667723-1
142.250.74.168 200 OK 72 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-62667723-1
IP 142.250.74.168:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (1822)
Hash 6baed26fbde9da3107fe76e37481d862
c4b200e2789c094cffe951683b7478f0a64153fe
4b2cc2cb6dba24f408a9671f727c358e7d5859974c5450fec8ad3c273e736b54
GET /gtag/js?id=UA-62667723-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:46:29 GMT
expires: Wed, 08 May 2024 18:46:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/settings.js?3281
185.199.110.153 200 OK 223 B URL GET HTTP/2 attack.mitre.org/theme/scripts/settings.js?3281
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e
GET /theme/scripts/settings.js?3281 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877544,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: e3190110957cd6ec5f93481feb00eb693c691ef2
content-length: 223
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/settings.js
185.199.110.153 200 OK 223 B URL GET HTTP/2 attack.mitre.org/theme/scripts/settings.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e
GET /theme/scripts/settings.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193989.878079,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 8f879c82e818c7c530f841ee5c28bdd5f2f11ea8
content-length: 223
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/tour/tour-relationships.js
185.199.110.153 200 OK 775 B URL GET HTTP/2 attack.mitre.org/theme/scripts/tour/tour-relationships.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 8e5f2778a3c7306a3f6045898a080517
7faafc8d042b1535023b10d703f6cb74e500f848
b17419f20c069b5e99f28dc478f35a0cdce70a4906de43e344d7380250448607
GET /theme/scripts/tour/tour-relationships.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-84a"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 963A:312E23:3CDBCF:3E5DB2:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.882175,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: 8ea6afcb4208425f625cc81894e648d45a1fd3ff
content-length: 775
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/bootstrap.bundle.min.js
185.199.110.153 200 OK 23 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/bootstrap.bundle.min.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text, with very long lines (65297)
Hash 964f6fdf7b2080375cdd6c6392aa62ef
ef7d2ef43eb11fa0b6ca3f917afa3cfb1e164c85
124bbd8d249b86351701081fde6f3584811ecaeaa6a179154ea170d6ad48eff8
GET /theme/scripts/bootstrap.bundle.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-13b3c"
expires: Wed, 08 May 2024 18:49:46 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: E294:2D7C88:3C6B59:3DEA33:663BC802
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.877571,VS0,VE160
vary: Accept-Encoding
x-fastly-request-id: b56cb3c1a4922278e45739fa51af9b3b083cec2c
content-length: 22985
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/popper.min.js
185.199.110.153 200 OK 6.1 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/popper.min.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text, with very long lines (3324)
Hash 33150817803ad0bc16b719be221c8701
fa042c1587180e47a71fd6bd3b819d17b7c1d017
976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da
GET /theme/scripts/popper.min.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-5050"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB8C:3AE3E8:3F0138:408545:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.877658,VS0,VE162
vary: Accept-Encoding
x-fastly-request-id: df4660dc2e26c7560e003cf6325dadfcd982fee1
content-length: 6148
X-Firefox-Spdy: h2
attack.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf
185.199.110.153 200 OK 91 kB URL GET HTTP/2 attack.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Hash 3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
GET /theme/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-29e9c"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F6E6:28EC01:3C6848:3DE9AC:663BC7FF
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.225813,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: efe9b4e1320599f806fb4f814231c350a780c75e
content-length: 91002
X-Firefox-Spdy: h2
attack.mitre.org/theme/fonts/Roboto/Roboto-Light.ttf
185.199.110.153 200 OK 91 kB URL GET HTTP/2 attack.mitre.org/theme/fonts/Roboto/Roboto-Light.ttf
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh
Hash fc84e998bc29b297ea20321e4c90b6ed
73a2bb2d6e591a90ffb4ed118a3989fb17b54c7b
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
GET /theme/fonts/Roboto/Roboto-Light.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-299b4"
expires: Wed, 08 May 2024 18:02:40 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9718:2BE5F2:347A5A:35C267:663BBBE7
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.222755,VS0,VE145
vary: Accept-Encoding
x-fastly-request-id: 6d2453ed26c776f1add0d0f019dfc63fd9d57016
content-length: 90875
X-Firefox-Spdy: h2
attack.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf
185.199.110.153 200 OK 89 kB URL GET HTTP/2 attack.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto ThinRegularVersion 2.137; 2017Roboto-ThinR
Hash 89e2666c24d37055bcb60e9d2d9f7e35
9514ad7aee341594f43a33893f0b3d8a6d81f32e
3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5
GET /theme/fonts/Roboto/Roboto-Thin.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-29f80"
expires: Wed, 08 May 2024 18:44:22 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F594:3AE3E8:3CE4BB:3E5B66:663BC5AE
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.480401,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: c544a87df4997e06baca80b8fa89dcedc22dc66f
content-length: 89365
X-Firefox-Spdy: h2
attack.mitre.org/search/mitigations.json
185.199.110.153 200 OK 116 kB URL GET HTTP/2 attack.mitre.org/search/mitigations.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 116 kB (116406 bytes)
Hash 41a1125dd0259771cd772da15c019058
957a231f74d0c614745910a521714b89c2466092
07483a4e3e8493f4e11717dbf5aac278a2ba3ee85d81a583129c6c60f4606762
GET /search/mitigations.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-870c4"
expires: Wed, 08 May 2024 17:48:38 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 7BCA:2ED81F:32AD7D:33E4BB:663BB89D
accept-ranges: bytes
age: 130
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.486350,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 46655799191f331e7163724581676a590061ced1
content-length: 116406
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/settings.js
185.199.110.153 200 OK 223 B URL GET HTTP/2 attack.mitre.org/theme/scripts/settings.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 622c29c4711cae46811f7088841cd224
ca664b73d88abf8ed036f6a91cc04a7c7683e544
138b34fac3db1a7adf6ffc2efb81141bf785db22af0b0535e130fb17d34eb10e
GET /theme/scripts/settings.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-12b"
expires: Wed, 08 May 2024 18:56:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D704:3AE3E8:3F0138:408544:663BC884
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 2
x-timer: S1715193990.506050,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: dc2184459871bcf2fc2c9e55f967ee63d0efc00f
content-length: 223
X-Firefox-Spdy: h2
attack.mitre.org/search/assets.json
185.199.110.153 200 OK 8.6 kB URL GET HTTP/2 attack.mitre.org/search/assets.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 39e50b29d5573fb530f7b885d0849a8d
06943a6af0d17e1d04acbc4d0ec3eea090819824
04e546610a69fa9a6527170cc80c37114b4fd6097266e1c453242f14acd1c0e6
GET /search/assets.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-b546"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C0D4:28365F:3C7CE7:3DFC41:663BC7FF
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193989.482500,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 779702dd30763b12813a7a0a206582f46ff6658f
content-length: 8600
X-Firefox-Spdy: h2
attack.mitre.org/search/matrices.json
185.199.110.153 200 OK 19 kB URL GET HTTP/2 attack.mitre.org/search/matrices.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash b500e8cc2e34ec859aa16d17c9a45cd0
e89a7a3733f3e80d6e8301a4815c2dab2ff4fc4e
5893348effd6b31a237b6f8aa55ec755a5921f8f1a79089e17dac60d489e92d2
GET /search/matrices.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-2c532"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6DAA:2ED81F:3CE295:3E64B0:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.484808,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 5719d874b48d7cb3a328f089ce4023c6cac95ff8
content-length: 18841
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c
142.250.74.168 200 OK 95 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (3034)
Hash f781310aa95f363101d27a3f3d4a4394
faf774d88149df95fb1702d0fe38e293b6237a26
3ba763d4a024b4dae9aded5a672be82d1b3d928efffa282849b8c78227f63b65
GET /gtag/js?id=G-C8EHW4DS2X&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:46:29 GMT
expires: Wed, 08 May 2024 18:46:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attack.mitre.org/search/tactics.json
185.199.110.153 200 OK 136 kB URL GET HTTP/2 attack.mitre.org/search/tactics.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 136 kB (136388 bytes)
Hash 9f63d517e6908eaf3f132bccba2bfe64
4b9ab981ed8be4c46984cc52f810a4942be18823
a041cca02c44fec0655fc89cb4ac588ceec0c69ee8202318f94016b61e59be9e
GET /search/tactics.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-799d1"
expires: Wed, 08 May 2024 18:54:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F064:28365F:3C7CE7:3DFC42:663BC803
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193990.506164,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 9415f321202ac40173215827b09ee96e7d81680b
content-length: 136388
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2
185.199.110.153 200 OK 117 kB URL GET HTTP/2 attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type Web Open Font Format (Version 2), TrueType, length 117372, version 773.768
Size 117 kB (117372 bytes)
Hash b6356c957274676e6571c1ff5e11c9a8
4022f95e001d734ca8f082b8e7627abd205609ec
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
GET /theme/style/fontawesome-6.5.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style/fontawesome-6.5.1/css/brands.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: "6633c611-1ca7c"
expires: Wed, 08 May 2024 18:55:59 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 4AF0:3AE3E8:3F01AE:4085BE:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.480973,VS0,VE153
vary: Accept-Encoding
x-fastly-request-id: 226df7e76d57431b1969f55df1b18da602b85f77
content-length: 117372
X-Firefox-Spdy: h2
attack.mitre.org/search/software.json
185.199.110.153 200 OK 662 kB URL GET HTTP/2 attack.mitre.org/search/software.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 662 kB (662360 bytes)
Hash 2e148a05087dc779e73f9723803bd1d4
d74bcb083431ca6360a9e48b5c73a735d14aea36
252a6cc3a90ee42f3141f06212e53752569bd3784ca8844e83b5bb574af621b5
Analyzer: Public Nextron YARA rules; Verdict: malware; Alert: Detects strings found in Runspace Post Exploitation Toolkit
GET /search/software.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-253e0d"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3332:3C6FA0:3A9B0F:3C1E1B:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.487066,VS0,VE171
vary: Accept-Encoding
x-fastly-request-id: f278690f5ac25609b704a1e556c10afad4159b76
content-length: 662360
X-Firefox-Spdy: h2
attack.mitre.org/groups/sidebar-groups
185.199.110.153 301 Moved Permanently 162 B URL GET HTTP/2 attack.mitre.org/groups/sidebar-groups
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /groups/sidebar-groups HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: GitHub.com
content-type: text/html
location: https://attack.mitre.org/groups/sidebar-groups/
access-control-allow-origin: *
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DB96:6DC18:3B497A:3CCCCA:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193990.506098,VS0,VE165
vary: Accept-Encoding
x-fastly-request-id: af2eececcd8cbdb0dae059f33a9a0368adb2fc33
content-length: 162
X-Firefox-Spdy: h2
attack.mitre.org/search/campaigns.json
185.199.110.153 200 OK 52 kB URL GET HTTP/2 attack.mitre.org/search/campaigns.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Hash 392f13c88538ea239615262f0c3d6b3b
b4dcf02752909fd5083f32fa9b65237b42c9bf7d
78588fdff2aaefb7ee473e77b71f1b13c8c033693e2d41305db55b9d73531c5b
Analyzer Verdict Alert
Public Nextron YARA rules malware Detects strings found in Runspace Post Exploitation Toolkit
Public Nextron YARA rules malware Detects a set of reconnaissance commands on Windows systems
GET /search/campaigns.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-2ffef"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 36BE:2CE55:3F8AF4:410E15:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.481719,VS0,VE190
vary: Accept-Encoding
x-fastly-request-id: 328614dfcc28a86c561cbde6061bda31f327ebff
content-length: 51954
X-Firefox-Spdy: h2
attack.mitre.org/search/misc.json
185.199.110.153 200 OK 168 kB URL GET HTTP/2 attack.mitre.org/search/misc.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 168 kB (167911 bytes)
Hash d55fcaaaa0924aedff69b1bb2abdb71a
12ca58200b6969cafd9f227f0be4da89d66f7e3a
89a0bc360501cda96cf49e4754cf1c6ee06546e9665691f1b98e731236f7d23d
GET /search/misc.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-9ade9"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DF46:208C77:25E346:26E6F1:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.485518,VS0,VE202
vary: Accept-Encoding
x-fastly-request-id: be8222efdffc6eab8944aeb1dcaca4cc115f0feb
content-length: 167911
X-Firefox-Spdy: h2
attack.mitre.org/search/groups.json
185.199.110.153 200 OK 325 kB URL GET HTTP/2 attack.mitre.org/search/groups.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 325 kB (325133 bytes)
Hash 52e43e0418ca5221bc7b7761a5acc194
304452467c1ace7bf2dc2f51e9500b6a6e788efc
896f1b5e4122fa6f561deb847d649258ab776f99e843f21b6f84549eb16d04ce
Analyzer Verdict Alert
Public Nextron YARA rules malware Detects strings found in Runspace Post Exploitation Toolkit
Public InfoSec YARA rules malware Identifies KPortScan, port scanner.
GET /search/groups.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-163017"
expires: Wed, 08 May 2024 18:55:07 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 1B58:2C3A13:3D6B08:3EED51:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.484095,VS0,VE181
vary: Accept-Encoding
x-fastly-request-id: 3a8f2274bf4b7b392292d12ff849853d39aebf20
content-length: 325133
X-Firefox-Spdy: h2
attack.mitre.org/search/datasources.json
185.199.110.153 200 OK 202 kB URL GET HTTP/2 attack.mitre.org/search/datasources.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 202 kB (201808 bytes)
Hash f0da9d2f8da91d9627877a0f774268bb
365b803ebc9e91dc544ead9cef1919130eef2a0e
7f3307d03c25bb78843015f86b9a4d6ff9540f3cfe420466979db7bde343ef6e
Analyzer Verdict Alert
Public Nextron YARA rules malware Detects strings found in Runspace Post Exploitation Toolkit
GET /search/datasources.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: W/"6633c613-e2e6a"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3340:2884D3:3C8F72:3E13AA:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193989.483404,VS0,VE259
vary: Accept-Encoding
x-fastly-request-id: 53b03031bec72864dc7d4fd26a5a22e13f492e52
content-length: 201808
X-Firefox-Spdy: h2
attack.mitre.org/groups/sidebar-groups/
185.199.110.153 200 OK 2.9 kB URL GET HTTP/2 attack.mitre.org/groups/sidebar-groups/
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type HTML document, ASCII text
Hash 55b2e776fe88d6f13dfe7890d0e19a75
5888569f693b63ec93b33940305c5b5ea480ac6a
78c902ee1475562f27973b42854ec6d77019e78e6a14020ef9796587cdfcf971
GET /groups/sidebar-groups/ HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Referer: https://attack.mitre.org/groups/G0046/
DNT: 1
Connection: keep-alive
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Thu, 02 May 2024 16:57:54 GMT
access-control-allow-origin: *
etag: W/"6633c612-6207"
expires: Wed, 08 May 2024 18:56:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B13A:2CE55:3F8B97:410EBE:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:30 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193991.609627,VS0,VE152
vary: Accept-Encoding
x-fastly-request-id: 7421244a4d96f96fd82f4381c00dd5a714e24fb5
content-length: 2899
X-Firefox-Spdy: h2
attack.mitre.org/search/techniques.json
185.199.110.153 200 OK 2.1 MB URL GET HTTP/2 attack.mitre.org/search/techniques.json
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
Size 2.1 MB (2142479 bytes)
Hash ec9a221563e589967136fb9c3e1b1f5a
9deed659b3986d2b7ee297833f3fbf4b727a7d04
a15000208e9ce320ec2d37a845d1d67c9cfba5b557b742005fd7cf15fb021ce6
Analyzer Verdict Alert
Public Nextron YARA rules malware Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures)
Public Nextron YARA rules malware Detects strings found in Runspace Post Exploitation Toolkit
Public InfoSec YARA rules malware Identifies KPortScan, port scanner.
Public InfoSec YARA rules malware Identifies RDP Wrapper, sometimes used by attackers to maintain persistence.
GET /search/techniques.json HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-6ce047"
expires: Wed, 08 May 2024 18:56:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 776E:30D9D9:3E23B2:3FA7C5:663BC884
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193990.506162,VS0,VE303
vary: Accept-Encoding
x-fastly-request-id: e9aa3c1492f39f0349fc58f061a2192d324273b4
content-length: 2142479
X-Firefox-Spdy: h2
attack.mitre.org/theme/scripts/navigation.js
185.199.110.153 200 OK 1.1 kB URL GET HTTP/2 attack.mitre.org/theme/scripts/navigation.js
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type JavaScript source, ASCII text
Hash 80b3941b97e9ad0528fce0606e543864
a740301d14cc0ae1c89c2dcd36bac3404676edf8
9fc29c072e63b7ec02697b5a76e523719b7922b30715415071ea0bfda13377f8
GET /theme/scripts/navigation.js HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-d58"
expires: Wed, 08 May 2024 18:53:34 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 3FBC:3C6FA0:3A3A78:3BBB24:663BC803
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:31 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193991.206686,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: f130b1a63097a13807edfdfbf4f0a9b78b3413e6
content-length: 1118
X-Firefox-Spdy: h2
attack.mitre.org/theme/favicon.ico
185.199.110.153 200 OK 1.1 kB URL GET HTTP/2 attack.mitre.org/theme/favicon.ico
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 0f5637e9265409a2ec33297c558ad2df
8ffd0e662863a047a76e23d4d67b21aecde69bff
954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23
GET /theme/favicon.ico HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/groups/G0046/
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/vnd.microsoft.icon
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:53 GMT
access-control-allow-origin: *
etag: W/"6633c611-1976"
expires: Wed, 08 May 2024 17:26:08 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CF30:32A7D1:2E0028:2F1F57:663BB358
accept-ranges: bytes
age: 133
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715193993.661028,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: bf9f668e695f556df90b788b013b1ca8cad20d2f
content-length: 1070
X-Firefox-Spdy: h2
attack.mitre.org/theme/fonts/Roboto/Roboto-Bold.ttf
185.199.110.153 200 OK 92 kB URL GET HTTP/2 attack.mitre.org/theme/fonts/Roboto/Roboto-Bold.ttf
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo
Hash ee7b96fa85d8fdb8c126409326ac2d2b
0ce37ced9c5fcac9bdc452a432c1258870ba4677
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
GET /theme/fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style.min.css?9dc07e69
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/ttf
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:56 GMT
access-control-allow-origin: *
etag: W/"6633c614-29b08"
expires: Wed, 08 May 2024 18:44:24 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C66E:3C6FA0:38B13D:3A26EF:663BC5B0
accept-ranges: bytes
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
age: 133
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715193993.825778,VS0,VE3
vary: Accept-Encoding
x-fastly-request-id: 222d42fb0034b721c4a0b70914021b73d49d6dc1
content-length: 91581
X-Firefox-Spdy: h2
attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2
185.199.110.153 200 OK 156 kB URL GET HTTP/2 attack.mitre.org/theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2
IP 185.199.110.153:443
Requested by https://attack.mitre.org/groups/G0046/
Certificate Issuer Let's Encrypt
Subject attack.mitre.org
Fingerprint 40:17:24:6D:94:BB:91:26:B3:EA:99:C5:7E:C0:2B:A1:9D:E2:4B:79
Validity Wed, 08 May 2024 09:23:26 GMT - Tue, 06 Aug 2024 09:23:25 GMT
File type Web Open Font Format (Version 2), TrueType, length 156496, version 773.768
Size 156 kB (156496 bytes)
Hash 6c4eee562650e53cee32496bdfbe534b
1aae708e3b94ee981b452a918d28ed037fbb5e18
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
GET /theme/style/fontawesome-6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: attack.mitre.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://attack.mitre.org/theme/style/fontawesome-6.5.1/css/solid.min.css
Cookie: _ga_C8EHW4DS2X=GS1.1.1715193989.1.0.1715193989.0.0.0; _ga=GA1.1.1978626864.1715193990
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
x-origin-cache: HIT
last-modified: Thu, 02 May 2024 16:57:55 GMT
access-control-allow-origin: *
etag: "6633c613-26350"
expires: Wed, 08 May 2024 18:56:00 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 3340:2884D3:3C9201:3E164B:663BC885
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 18:46:32 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715193993.828928,VS0,VE151
vary: Accept-Encoding
x-fastly-request-id: 4d1966be33fab892799f5e911bf4a149fbe366fd
content-length: 156496
X-Firefox-Spdy: h2