This document discusses techniques for fingerprinting threat actors using their web assets. It describes how programmers often reuse code across sites for convenience. Web assets like JavaScript files, CSS files, and images can provide fingerprints to link related malicious infrastructure. The document gives an example of finding related domains tied to a threat actor by searching for a unique CSS filename on Google. It suggests this approach could be extended to more sophisticated techniques like file-level hashing and coding style analysis to profile web threats similar to how malware is analyzed.