hxxps://cve[.]mitre[.]org/cgi-bin/cvename[.]cgi?name=CVE-2023-46805

Analysis

max time kernel
146s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22/01/2024, 19:54 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3732	msedge.exe
3732	msedge.exe
4976	msedge.exe
4976	msedge.exe
4504	identity_helper.exe
4504	identity_helper.exe
2624	msedge.exe
2624	msedge.exe
2624	msedge.exe
2624	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe
4976	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4976 wrote to memory of 2428	4976	msedge.exe	17
PID 4976 wrote to memory of 2428	4976	msedge.exe	17
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 5064	4976	msedge.exe	86
PID 4976 wrote to memory of 3732	4976	msedge.exe	85
PID 4976 wrote to memory of 3732	4976	msedge.exe	85
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87
PID 4976 wrote to memory of 3856	4976	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8cca046f8,0x7ff8cca04708,0x7ff8cca04718
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2256 /prefetch:2
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,3079097061417545476,2448947029899923640,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5744 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5108

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2396

Network

DNS

cve.mitre.org

msedge.exe

Remote address:

8.8.8.8:53

Request

cve.mitre.org

IN A

Response

cve.mitre.org

IN A

198.49.146.205

cve.mitre.org

IN A

192.52.194.205
GET

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /cgi-bin/cvename.cgi?name=CVE-2023-46805 HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:56 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
Transfer-Encoding: chunked
GET

https://cve.mitre.org/css/main.css

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /css/main.css HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:56 GMT
Last-Modified: Mon, 27 Nov 2023 18:55:06 GMT
Accept-Ranges: bytes
Content-Length: 16101
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/includes/jquery-migrate-3.0.0.min.js

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /includes/jquery-migrate-3.0.0.min.js HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:56 GMT
Last-Modified: Thu, 10 Aug 2017 15:48:44 GMT
Accept-Ranges: bytes
Content-Length: 7083
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/images/twitter.jpg

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /images/twitter.jpg HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:57 GMT
Last-Modified: Thu, 10 Aug 2017 15:48:44 GMT
Accept-Ranges: bytes
Content-Length: 1726
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/images/youtube.png

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /images/youtube.png HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:57 GMT
Last-Modified: Mon, 30 Mar 2020 17:27:19 GMT
Accept-Ranges: bytes
Content-Length: 7778
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/includes/jquery-3.2.1.min.js

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /includes/jquery-3.2.1.min.js HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:56 GMT
Last-Modified: Thu, 08 Feb 2018 21:30:08 GMT
Accept-Ranges: bytes
Content-Length: 86659
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/images/nvd-logo.png

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /images/nvd-logo.png HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:56 GMT
Last-Modified: Tue, 19 Dec 2017 05:15:35 GMT
Accept-Ranges: bytes
Content-Length: 11812
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
GET

https://cve.mitre.org/images/GitHub_round_sm

msedge.exe

Remote address:

198.49.146.205:443

Request

GET /images/GitHub_round_sm HTTP/1.1
Host: cve.mitre.org
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888

Response

HTTP/1.1 200 OK

Date: Mon, 22 Jan 2024 19:54:57 GMT
Content-Location: GitHub_round_sm.png
Vary: negotiate
TCN: choice
Last-Modified: Fri, 06 Apr 2018 17:07:38 GMT
Accept-Ranges: bytes
Content-Length: 3128
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TS01f47f66=012ca1a6c4a9f2e281796ad40852e5d511336a73cf52e017bd3d0ac1e00355fd4b7f55293bded431a394b5ceb20685f07bae8dc888; Path=/; Domain=.cve.mitre.org
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

181.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.178.17.96.in-addr.arpa

IN PTR

Response

181.178.17.96.in-addr.arpa

IN PTR

a96-17-178-181deploystaticakamaitechnologiescom
DNS

17.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.160.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

cmp.osano.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cmp.osano.com

IN A

Response

cmp.osano.com

IN CNAME

d2gt2ux04o03l1.cloudfront.net

d2gt2ux04o03l1.cloudfront.net

IN A

65.9.95.26

d2gt2ux04o03l1.cloudfront.net

IN A

65.9.95.124

d2gt2ux04o03l1.cloudfront.net

IN A

65.9.95.95

d2gt2ux04o03l1.cloudfront.net

IN A

65.9.95.74
GET

https://cmp.osano.com/AzyhULTdPkqmy4aDN/fab1add1-e069-4b98-8ba9-cbdc6401a635/osano.js

msedge.exe

Remote address:

65.9.95.26:443

Request

GET /AzyhULTdPkqmy4aDN/fab1add1-e069-4b98-8ba9-cbdc6401a635/osano.js HTTP/2.0
host: cmp.osano.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://cve.mitre.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 86463
server: CloudFront
etag: "e6da34702916c984a6ed6c243d75ae9c"
last-modified: Wed, 03 Jan 2024 17:51:52 GMT
content-encoding: br
date: Mon, 22 Jan 2024 07:38:35 GMT
x-cache: Hit from cloudfront
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8qiqdGYazjqCsblT5eK6VI5rabiR8ebYBr0I3WIVtcOQxfY4UKD5kA==
age: 44181
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
vary: Origin
DNS

205.146.49.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.146.49.198.in-addr.arpa

IN PTR

Response
DNS

40.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

40.200.250.142.in-addr.arpa

IN PTR

Response

40.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f81e100net
DNS

26.95.9.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.95.9.65.in-addr.arpa

IN PTR

Response

26.95.9.65.in-addr.arpa

IN PTR

server-65-9-95-26prg50r cloudfrontnet
DNS

91.95.9.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.95.9.65.in-addr.arpa

IN PTR

Response

91.95.9.65.in-addr.arpa

IN PTR

server-65-9-95-91prg50r cloudfrontnet
DNS

78.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.204.58.216.in-addr.arpa

IN PTR

Response

78.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f141e100net

78.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f78�H

78.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f14�H
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

81.171.91.138.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.171.91.138.in-addr.arpa

IN PTR

Response
DNS

16.234.44.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.234.44.23.in-addr.arpa

IN PTR

Response

16.234.44.23.in-addr.arpa

IN PTR

a23-44-234-16deploystaticakamaitechnologiescom
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

140.71.91.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.71.91.104.in-addr.arpa

IN PTR

Response

140.71.91.104.in-addr.arpa

IN PTR

a104-91-71-140deploystaticakamaitechnologiescom
DNS

176.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.178.17.96.in-addr.arpa

IN PTR

Response

176.178.17.96.in-addr.arpa

IN PTR

a96-17-178-176deploystaticakamaitechnologiescom
DNS

175.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.178.17.96.in-addr.arpa

IN PTR

Response

175.178.17.96.in-addr.arpa

IN PTR

a96-17-178-175deploystaticakamaitechnologiescom
DNS

154.141.79.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.141.79.40.in-addr.arpa

IN PTR

Response

198.49.146.205:443

https://cve.mitre.org/images/youtube.png

tls, http

msedge.exe

6.2kB
74.9kB
41
70

HTTP Request

GET https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/css/main.css

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/includes/jquery-migrate-3.0.0.min.js

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/images/twitter.jpg

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/images/youtube.png

HTTP Response

200
198.49.146.205:443

https://cve.mitre.org/images/GitHub_round_sm

tls, http

msedge.exe

5.5kB
117.4kB
56
98

HTTP Request

GET https://cve.mitre.org/includes/jquery-3.2.1.min.js

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/images/nvd-logo.png

HTTP Response

200

HTTP Request

GET https://cve.mitre.org/images/GitHub_round_sm

HTTP Response

200
198.49.146.205:443

cve.mitre.org

tls

msedge.exe

3.8kB
26.0kB
20
30
198.49.146.205:443

cve.mitre.org

tls

msedge.exe

5.4kB
32.8kB
25
39
65.9.95.26:443

https://cmp.osano.com/AzyhULTdPkqmy4aDN/fab1add1-e069-4b98-8ba9-cbdc6401a635/osano.js

tls, http2

msedge.exe

3.4kB
96.7kB
51
78

HTTP Request

GET https://cmp.osano.com/AzyhULTdPkqmy4aDN/fab1add1-e069-4b98-8ba9-cbdc6401a635/osano.js

HTTP Response

200
198.49.146.205:443

cve.mitre.org

tls

msedge.exe

884 B
479 B
7
8
198.49.146.205:443

cve.mitre.org

tls

msedge.exe

884 B
479 B
7
8

8.8.8.8:53

cve.mitre.org

dns

msedge.exe

59 B
91 B
1
1

DNS Request

cve.mitre.org

DNS Response

198.49.146.205

192.52.194.205
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

181.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

181.178.17.96.in-addr.arpa
8.8.8.8:53

17.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

17.160.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

cmp.osano.com

dns

msedge.exe

59 B
166 B
1
1

DNS Request

cmp.osano.com

DNS Response

65.9.95.26

65.9.95.124

65.9.95.95

65.9.95.74
8.8.8.8:53

205.146.49.198.in-addr.arpa

dns

73 B
145 B
1
1

DNS Request

205.146.49.198.in-addr.arpa
8.8.8.8:53

40.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

40.200.250.142.in-addr.arpa
8.8.8.8:53

26.95.9.65.in-addr.arpa

dns

69 B
123 B
1
1

DNS Request

26.95.9.65.in-addr.arpa
8.8.8.8:53

91.95.9.65.in-addr.arpa

dns

69 B
123 B
1
1

DNS Request

91.95.9.65.in-addr.arpa
8.8.8.8:53

78.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

78.204.58.216.in-addr.arpa
8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.249.119.40.in-addr.arpa
224.0.0.251:5353

578 B
9
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

81.171.91.138.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

81.171.91.138.in-addr.arpa
8.8.8.8:53

16.234.44.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

16.234.44.23.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

140.71.91.104.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

140.71.91.104.in-addr.arpa
8.8.8.8:53

176.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

176.178.17.96.in-addr.arpa
8.8.8.8:53

175.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

175.178.17.96.in-addr.arpa
8.8.8.8:53

154.141.79.40.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

154.141.79.40.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7a5862a0ca86c0a4e8e0b30261858e1f

SHA1
ee490d28e155806d255e0f17be72509be750bf97

SHA256
92b4c004a9ec97ccf7a19955926982bac099f3b438cd46063bb9bf5ac7814a4b

SHA512
0089df12ed908b4925ba838e07128987afe1c9235097b62855122a03ca6d34d7c75fe4c30e68581c946b77252e7edf1dd66481e20c0a9cccd37e0a4fe4f0a6fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
97861c2c61e1b6b41cbfb85ca537deb8

SHA1
767a60c8f805c5bbc5c812911d4fb4246054ac18

SHA256
c0f6b74030efc78049de199668fbced98e58f0d4b537aa6eb4e431886533eefe

SHA512
fd302d268554363c4e0b5b8494dda0fcd19a09b5608e8c2fa44eeffc336b057062e8cacd4ecc349ee743db837c285de2abc71b2e2e608eb6850bd628c9e8357b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
677B

MD5
43675479cb0467a2712e8c25f0114059

SHA1
db15d79a0feff6f6f7554156a02ffbe3e4983e67

SHA256
f8919f41f707802a08c505037f1ff82b71a139a0f696d5f34ef45ddf38d153b9

SHA512
6652cdbf543f502034b6ea7788b8f5c71327d7122bf720db669134b7bd962795e4798da2e40dfb45848b8cb80316f0606b1a09b6bcbbaa2e8736b93980ce5b15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
051427e36672f1d904249702c903eb5a

SHA1
487d7b64ba91b25ce70ee4260dae1e14c335a95b

SHA256
76027049140a3bce165263456c450bf89d978259b2880478343003aebaac50f6

SHA512
1c3965fca9e0233acb6e019f4f81cafefaabc2d47944785b5c8672c30ef705d8072596059e2776b5523e9a89dc924f8af9bd75aef3505dbad036a62118571dfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e5c35950a1990071191e271cf548a181

SHA1
c78a43cf72a4ccf484bdf3d776a9d74faa77a234

SHA256
743a88f24fb55d9833199ae6b940c2c0e736ef6e053716551e5fa7bb08da006e

SHA512
cdd670aadb13c31c6ca1fbc95b8008d01687e47de886a346a72defbc4c21c4acefc58cb1494916eee3293a811c4a6f4e727f1e2c3b80ce575cad4b2da94c0fa4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
70f93ec0260f5207e54800627117cf93

SHA1
356f9f8eb758fff11b24f34f8720d79f4b140709

SHA256
afbd95fbd697c31b5d2190b1d1164e4e2213005660d2b751ca8f46f30738183a

SHA512
0acca8cb4c800307b61e8357894c4441a2f64ac5060dc32effe5952022734c8995d04418b8dc331da5295143c6cb5b3e9701400dfaec9403cd2421270abcbcb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
52826cef6409f67b78148b75e442b5ea

SHA1
a675db110aae767f5910511751cc3992cddcc393

SHA256
98fc43994599573e7181c849e5865f23b4f05f85c1115dff53c58764d80373fb

SHA512
f18df18cab6b5ecd71b79c81a2a1fdac42cc9960f62f06ac25f4d6487792705f2766ee3a10239eaac940d090186e6bc820e4eb7a5ee138f6e5c1c64f951b960c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
90f17141406617517ffa02f49cecc055

SHA1
a5d53fb7068ab01f2b5e48effb1dd12d22858100

SHA256
79b913a3b4ba4cbc3f8dc44d05c6249cdb54b958abbf1c223b8d8f5f4ac653e2

SHA512
6ae3348010f3d23e187f0e61bd28c2437d89bb431b5c81fddafe439d1d4c93bbda1e73fe601b3894fd7dd4122be31628c0c3257d7a8310cbea8438091aaa9a5b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.