Specifics of trigger for "http request path host header mismatch"

Question asked by Renee Russell on Feb 15, 2019
Latest reply on Feb 15, 2019 by William Motley



I wanted to get clarification on the criteria under which analysis.service gets populated with "http request path host header mismatch".

Specifically, is it a domain mismatch, a TLD mismatch, or entirely different domains altogether?


I see this from the Hunting Guide:



http request path host header mismatch

The request path specified a host other than the value of the HOST:header

Indicative of domain fronting, though may be legitimate when used by CDNs.
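
The comparison the Hunting Guide text describes, as an added example that is not part of the original post and is not the product's own trigger logic. The function names, the category labels and the sample requests are assumptions made for illustration; the categories mirror the three cases the question asks about.

```python
from urllib.parse import urlsplit

def norm_host(authority):
    """Lower-cased host from 'host[:port]', without port or trailing dot."""
    try:
        return (urlsplit("//" + authority.strip()).hostname or "").rstrip(".")
    except ValueError:            # e.g. unbalanced IPv6 brackets
        return ""

def naive_base(host):
    # ASSUMPTION: the last two labels stand in for the registrable domain.
    # Wrong for suffixes such as co.uk; use a public-suffix list in practice.
    return ".".join(host.split(".")[-2:])

def classify(raw_head):
    """Compare the host in an absolute-form request target with the Host header."""
    lines = raw_head.split("\r\n")
    parts = lines[0].split(" ")
    target = parts[1] if len(parts) == 3 else ""
    if "://" not in target:
        return "no-absolute-target"      # origin-form path: nothing to compare
    target_host = norm_host(target.split("://", 1)[1].split("/", 1)[0])
    header_host = ""
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            header_host = norm_host(value)
            break
    if not target_host or not header_host:
        return "missing-host"
    if target_host == header_host:
        return "match"                   # case and port differences are ignored
    t_base, h_base = naive_base(target_host), naive_base(header_host)
    if t_base == h_base:
        return "subdomain-mismatch"
    if t_base.rsplit(".", 1)[0] == h_base.rsplit(".", 1)[0]:
        return "tld-mismatch"
    return "different-domain"

# Constructed sample request heads (not captured traffic)
SAMPLES = [
    "GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "GET http://www.example.com/a HTTP/1.1\r\nHost: WWW.Example.com:80\r\n\r\n",
    "GET http://cdn.example.com/a HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "GET http://www.example.net/a HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "GET http://www.example.com/a HTTP/1.1\r\nHost: service.internal.test\r\n\r\n",
]
# One label per sample, in order
RESULTS = [classify(head) for head in SAMPLES]
```

Running the same classification over exported session metadata shows which of the three cases actually appear alongside the meta value in a given environment.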