ioc[.]one - OSINT Cyber Threat Intelligence Database

Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning

Tags

attack-pattern:

Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	b149cbe7-e56d-48b4-bf1c-4d375c259faf
Fingerprint	e673df83a1229b41
Analysis status	DONE
Considered CTI value	0
Text language
Published	May 29, 2019, midnight
Added to db	Feb. 17, 2023, 11:19 p.m.
Last updated	Nov. 19, 2024, 8:06 a.m.
Headline	duszynski.eu
Title	Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning
Detected Hints/Tags/Attributes	21/1/9

Source URLs

	Redirection	Url
Details	Source	https://blog.duszynski.eu/tor-ip-disclosure-through-http-301-cache-poisoning/

URL Provider

Details	Provider	Source level domain
Details	duszynski.eu	blog.duszynski.eu

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		tor.modlishka.io
Details	Domain	709		google.com
Details	Domain	1		blog.duszynski.eu
Details	Domain	179		www.torproject.org
Details	IPv4	1		5.60.164.177
Details	IPv4	1		51.38.150.126
Details	Url	1		http://user-identifier.evil.tld
Details	Url	1		https://blog.duszynski.eu/domain-hijack-through-http-301-cache-poisoning
Details	Url	24		https://www.torproject.org/download