Submitted URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Effective URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Submission: On April 24 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 130 HTTP transactions. The main IP is 52.5.181.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2022. Valid for: a year.
This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 52.5.181.79 14618 (AMAZON-AES)
1 108 2606:4700:7::... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.6 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
130 6
Apex Domain
Subdomains
Transfer
108 medium.com
medium.com — Cisco Umbrella Rank: 8708
glyph.medium.com — Cisco Umbrella Rank: 18608
miro.medium.com — Cisco Umbrella Rank: 11771
cdn-client.medium.com — Cisco Umbrella Rank: 19709
1 MB
15 specterops.io
posts.specterops.io
47 KB
5 branch.io
cdn.branch.io — Cisco Umbrella Rank: 966
api2.branch.io — Cisco Umbrella Rank: 598
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 app.link
app.link — Cisco Umbrella Rank: 1626
566 B
130 5
Domain Requested by
50 cdn-client.medium.com posts.specterops.io
cdn-client.medium.com
48 miro.medium.com posts.specterops.io
15 posts.specterops.io 1 redirects cdn-client.medium.com
9 glyph.medium.com posts.specterops.io
glyph.medium.com
4 api2.branch.io cdn-client.medium.com
3 www.google-analytics.com posts.specterops.io
cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io posts.specterops.io
1 medium.com 1 redirects
130 9
TLS certificates (subject, issuer, validity):
  • posts.specterops.io: issued by Sectigo RSA Domain Validation Secure Server CA, valid 2022-01-05 to 2023-01-05 (a year)
  • medium.com: issued by Cloudflare Inc ECC CA-3, valid 2022-02-26 to 2022-05-27 (3 months)
  • *.google-analytics.com: issued by GTS CA 1C3, valid 2022-04-11 to 2022-07-04 (3 months)
  • *.branch.io: issued by DigiCert TLS RSA SHA256 2020 CA1, valid 2021-10-27 to 2022-11-27 (a year)
  • appipv4.link: issued by Amazon, valid 2021-06-24 to 2022-07-23 (a year)

This page contains 1 frames:

Primary Page: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Frame ID: 1FD967C688713C9691E6AD127A71FB85
Requests: 130 HTTP requests in this frame

Page Title

Revisiting Remote Desktop Lateral Movement | by Steven F | Posts By SpecterOps Team Members

Page URL History

  1. https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frevisiting... HTTP 302
    https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

  • Requests: 130
  • HTTPS: 100 %
  • IPv6: 67 %
  • Domains: 5
  • Subdomains: 9
  • IPs: 6
  • Countries: 2
  • Transfer: 1407 kB
  • Size: 3688 kB
  • Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frevisiting-remote-desktop-lateral-movement-8fb905cb46c3 HTTP 302
    https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request revisiting-remote-desktop-lateral-movement-8fb905cb46c3
posts.specterops.io/
Redirect Chain
  • https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
  • https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frevisiting-remote-desktop-lateral-movement-8fb905cb46c3
  • https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
182 KB
41 KB
Document
General
Full URL
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
83944c8fb47ac644883671e91b2cada01319f83fe563043fe25f20e0fba5c779
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Sun, 24 Apr 2022 16:44:10 GMT
etag
W/"2d862-Yb2U+mE2P0D2cNcBv5EEbU5HoLo"
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, lite/main-20220422-205901-123e6f15e2, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
medium-missing-time
257
sepia-upstream
medium
server
nginx
vary
Accept-Encoding
x-envoy-upstream-service-time
698
x-request-received-at
1650818649773

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70104d4f3c8d5b98-FRA
content-length
0
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type
text/plain;charset=UTF-8
date
Sun, 24 Apr 2022 16:44:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
location
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
medium-fulfilled-by
edgy/8.3.0, valencia/main-20220422-165907-7310052fbd
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
2
x-content-type-options
nosniff
x-envoy-upstream-service-time
50
x-frame-options
sameorigin
x-obvious-info
20220422-1758-root,d1cf9a30
x-obvious-tid
1650818649591:4592a40571b2
x-opentracing
{"ot-tracer-spanid":"261199c7396cf517","ot-tracer-traceid":"622deaf453ea55ba","ot-tracer-sampled":"true"}
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
542365
x-envoy-upstream-service-time
45
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1434
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b375c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
0*6zHm9Xvv2-Mk16aw
miro.medium.com/focal/112/112/50/50/
4 KB
5 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/0*6zHm9Xvv2-Mk16aw
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9e0b7530752bf0fc36ca6edcf577a733e66607ce130a1e3ef785dc69ed1657
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
76
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4288
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d568b395c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*jfE28M-bdq3M0NssXEFf5A.jpeg
miro.medium.com/fit/c/40/40/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*jfE28M-bdq3M0NssXEFf5A.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b373f50586a2241385ba8478d1b664bd8b30399d80cde74ecff4a94363117268
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
40856
x-envoy-upstream-service-time
83
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1661
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b4a5c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*g4HX3lGJhhvXcethuYQ3fQ.gif
miro.medium.com/freeze/focal/112/112/50/50/
789 B
1 KB
Image
General
Full URL
https://miro.medium.com/freeze/focal/112/112/50/50/1*g4HX3lGJhhvXcethuYQ3fQ.gif
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579b32b4ab57ca2037c4c1ce0f8d9e1e9f24ade9aa267e78fe00afb519b8f0ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
46
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
789
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d568b4b5c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
0*o11ibKUgsfShMjYZ
miro.medium.com/fit/c/176/176/
8 KB
8 KB
Image
General
Full URL
https://miro.medium.com/fit/c/176/176/0*o11ibKUgsfShMjYZ
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c32aff93dddd5b714ce4192a5180455b682961a306d2a880a4a420826157794a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
48
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8212
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b4e5c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*lgzd8uaVC9kPSPblONEoiQ.jpeg
miro.medium.com/fit/c/40/40/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*lgzd8uaVC9kPSPblONEoiQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9073d7523e1218c2c456095f0a899badeca563641e7bccf93ff3df0f7dd1afd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
47
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1434
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b4f5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*Ep5kKJag6JEyemtyYFGO9A.png
miro.medium.com/focal/112/112/50/50/
22 KB
22 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/1*Ep5kKJag6JEyemtyYFGO9A.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b724e8c08586b36b649517fae8132a8e374ef49fe6ad018e0ed807db9235dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
45
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22635
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b505c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
2*RaresSjZlyaur6QF_UWGew.jpeg
miro.medium.com/fit/c/40/40/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/2*RaresSjZlyaur6QF_UWGew.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089bc26b6ce2d59656666b9437968dca5c763cddc695cfe1850ab4c609511dbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5592
x-envoy-upstream-service-time
25
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1457
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d568b535c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
0*JBqZtxUM88_58wK_.jpg
miro.medium.com/focal/112/112/50/50/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/0*JBqZtxUM88_58wK_.jpg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f734153204010c6d8653cd9c96f140536bcf9f6661f107832a9f6ba464c95deb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5592
x-envoy-upstream-service-time
70
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3640
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d568b3b5c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*9vbms7n4gmYFKurrWMOukQ.jpeg
miro.medium.com/fit/c/40/40/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*9vbms7n4gmYFKurrWMOukQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3fcacafda6fff63c09dc96bb91351afb4cf867bc44e2aa58bc179552a1acb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
188354
x-envoy-upstream-service-time
48
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1430
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b3f5c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*C5lb7jEZgGmlx9qP_heTFw.jpeg
miro.medium.com/focal/112/112/50/50/
5 KB
5 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/1*C5lb7jEZgGmlx9qP_heTFw.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4dc6dd36a4ae092e32a5c609246219937a469b9f7f5ecb52ce77ba22996045
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
91709
x-envoy-upstream-service-time
37
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4942
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d568b425c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
1*ecP1reCgkzkxz77n2nlnmQ.jpeg
miro.medium.com/fit/c/40/40/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*ecP1reCgkzkxz77n2nlnmQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270b707f109100191ee4b6052c79a1c66ce66fb0f8a83a92e72177ed544fb108
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
113
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1356
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d568b565c62-FRA
expires
Tue, 24 May 2022 16:44:10 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6420297
x-envoy-upstream-service-time
32
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c09a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4776007
x-envoy-upstream-service-time
31
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c29a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5068651
x-envoy-upstream-service-time
16
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c49a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
15 KB
16 KB
Font
General
Full URL
https://glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5068651
x-envoy-upstream-service-time
20
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c59a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
15 KB
16 KB
Font
General
Full URL
https://glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5105717
x-envoy-upstream-service-time
31
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c69a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
16 KB
17 KB
Font
General
Full URL
https://glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7812763
x-envoy-upstream-service-time
39
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c79a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
16 KB
17 KB
Font
General
Full URL
https://glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5105636
x-envoy-upstream-service-time
28
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5658c99a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:10 GMT
manifest.b06b69eb.js
cdn-client.medium.com/lite/static/js/
10 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6641604da96a97d08c137adde1e15d355fc90c7b18ccc7893ac260dbb20337
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
156403
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QB3SNY55F0GJP9KC
x-amz-id-2
9/PBkEq+TkwtoEra4H0eT3FkYzgaeUwXHGEmfaFj89vhjokTHUg6XP49o3g4MlkGtzRbq/Pj+Ho=
last-modified
Fri, 22 Apr 2022 17:29:09 GMT
server
cloudflare
etag
W/"6dc88618bfc712b8ef612b90f0e37666"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
EDGHrTd32iE6ilhcwdA2DPXBLcJ.q1pE
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f91e5b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
2432.d8441b61.js
cdn-client.medium.com/lite/static/js/
693 KB
214 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a132b202e134fc5a2a9179cf72ece97a614f94ba00bce8af1778633d2337557b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
539669
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH8BMWK1N5ERYNB
x-amz-id-2
jAy3kdCgwBfIv7KBM+U07XOSCfobzL3CnmV/bwHExnUTLRSF3QxV5TpAtpSfQIF9+XWEOrbc7Xc=
last-modified
Thu, 14 Apr 2022 09:35:47 GMT
server
cloudflare
etag
W/"4ea04e083777417655bdfab94e3b1988"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
d4yOD0d3viUzyB5H2ftJictqMsEU7ccN
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f9255b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
main.2a0353f2.js
cdn-client.medium.com/lite/static/js/
721 KB
175 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.2a0353f2.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b5c086363264e36c43d428b736ef267fb310f119a626ff2a87ed226dd09fdf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
328813
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XZXEQM315GJYGX94
x-amz-id-2
VWiWT5z9v0zSUo+6ZYAgHfSw7Xj8/ltqSzVQZBevQK+fuAEXCmjBUUBPS42cA6ZAtbJuUCaP5NI=
last-modified
Wed, 20 Apr 2022 20:53:40 GMT
server
cloudflare
etag
W/"5ed915f68568741e5af7548f969774d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
MqhEbCzLFU03AxU_ADaaa0aQu3ygv80U
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f9265b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5573.159bf40f.chunk.js
cdn-client.medium.com/lite/static/js/
62 KB
16 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
803554
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W5EH3ZWGCATAJ0JK
x-amz-id-2
uquA+D1mKTUgmaodaYFoBDYRFjBCghvQCPgGBuwnPNqPSgEh4m7aoHPDNWRkrQ4qGn6JNGvqqTU=
last-modified
Mon, 24 May 2021 10:33:47 GMT
server
cloudflare
etag
W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
HmLCtdjGYWgk2SnFK4M0oX_6tJ50SNp9
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f9205b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
instrumentation.3c974b48.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.3c974b48.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c7d6eec6793799ee5594da6b8f51b2f2e5b49d6744ffca0e250613481ab452
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHC8B1TRZR74CBF
x-amz-id-2
z3WhWz+YlBJc2hPnc0ARhb27k1kgSjFT/omm5ncUygZ+Qwpg6JZUV6n4y0L6MjdGIun1sEhSbss=
last-modified
Thu, 14 Apr 2022 09:07:11 GMT
server
cloudflare
etag
W/"ff66ec13bbcc5b73c4019bb39bd044bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
qjF6fisK9JJ5aoxqQKyOQ9uuWcg0f8QA
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f9295b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
407.bc239897.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/407.bc239897.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57d7e335635b2bbec137dff9afc1d284e8efcff1cc28cd2ac92edc8ccddc3749
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHFBM4SFEDKW4XV
x-amz-id-2
fJ+MDNRq2AsSO8E4R0uzQUZCJCS/I01UR4pzp879vBoGbMZ6IHI8cgB5YdD3jUSL17qHZ/lHxS8=
last-modified
Thu, 14 Apr 2022 09:06:27 GMT
server
cloudflare
etag
W/"34675f828a974dbf83babace038c3f15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
sGsjD3uwddUrPGuYfsZf8a24w0k_0NA3
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d56f9275b98-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
9216.3db13475.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9216.3db13475.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8021cf2dae7f4997b2c1a72ffe82fe2ad7fd4299ccfd7279c8fb8892ef0c495
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH296CRQQDYB2V8
x-amz-id-2
mY6rALMQB4cP9fqaURW2Y07YZHRs8vI5IdWzNsYIPZHORAoA+OOSU49hBGVHiRclmeqYQ3m8v58=
last-modified
Thu, 14 Apr 2022 09:06:35 GMT
server
cloudflare
etag
W/"5b419d65f14cdfdf454bd2f33e125a38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
heA.L9U6.758IbuJl9cz9qkk4zZnDDyl
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cae5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
AppLayout.787d6c25.chunk.js
cdn-client.medium.com/lite/static/js/
108 KB
21 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/AppLayout.787d6c25.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5431a574b9b9ce877ceac8b50e723dee871e664b10a1e4e626c025bb7b7c8cd5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
178773
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1B8ZA6N1X6MSVZBE
x-amz-id-2
o0a1ed82vEU6gRJZydL+ZmGFIWWirUXSGbIpTnFg/yWYZ06ukvxy9hS3P7Fr/eg0nT49QsJucUw=
last-modified
Thu, 21 Apr 2022 17:40:00 GMT
server
cloudflare
etag
W/"7dc0d1c37a6a1bf81c8539bda5b18e9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
nx099.52bj013DZXwMImKf3pOVURt9Mx
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cbc5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
reporting.f90575a9.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.f90575a9.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abe5f8b85053850abb6e03c4fde96e2a2ea3f1d9220fdd307f18d5c371d50cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZTNFQ3DE11YMHABW
x-amz-id-2
MaoH80zs6gT3mZ9kscdnCoX3sGPVpE7mKymkioceeAFcF5EY9v+ywF0g+A/3xSr64Ws1eTUy2wE=
last-modified
Thu, 14 Apr 2022 09:07:31 GMT
server
cloudflare
etag
W/"635d49707990cdd4f3c1ad13b0d0eafa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
OrnP3Wx_LBAu5tvJHOBGMuYc5kyast0a
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cc05c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
3402.43690127.chunk.js
cdn-client.medium.com/lite/static/js/
5 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3402.43690127.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b223867849c67d463897ff4aa970bc9eb172b5ce0089c824bf15b9279a4d65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAAG24G2J6Z2R75J
x-amz-id-2
jJHkPZz4jKyAsNP2i/dv6IaWMQwqhAapRtXjUBSK8q3UBd/y+/If7ERC72s6fXSiDmDrpgBjRnE=
last-modified
Thu, 14 Apr 2022 09:06:26 GMT
server
cloudflare
etag
W/"ca4b6f5071c04a623a9bc72ced0f2727"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
L_jxD7YdqC4D7M.9gF7agHoI1l8zYyGo
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cc15c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
1752.a348f767.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
457349
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KZ14F4DJ39Z3KD31
x-amz-id-2
EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified
Tue, 25 May 2021 18:36:29 GMT
server
cloudflare
etag
W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cc35c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7794.9590314e.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZZ2GZ8XPEV2XSK8Q
x-amz-id-2
ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified
Tue, 25 May 2021 18:36:34 GMT
server
cloudflare
etag
W/"fdb51abd005c8009b18f0a8ff313072f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
edEnQQoOPA8J97QSUBTjXG.e16leDLA5
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cc65c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
8316.18f2a6aa.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHD5SFN5Y8TW45S
x-amz-id-2
hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"9fa67454adaeb385a3a70077ff7b7df1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cc95c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
2405.89e8736f.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2405.89e8736f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fa5d264f847e3bcd45c3aedbf330f93c59e6fe473ef54ff9f6aa59c3afffa0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH2TE2SJTAHKM5Z
x-amz-id-2
XhOOvodMaGPRX1ojQDX2fJ825yiUBac3LNf3jZg8okPfD032sOJYW39eboPyYoY017frR5Y++MU=
last-modified
Thu, 14 Apr 2022 09:06:25 GMT
server
cloudflare
etag
W/"d00a20bd58905eea8d54536e9f107647"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
rVT8_6QruDr0MpUrMx5.bmLv9Vum6pG1
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cca5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5221.34ffa266.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5221.34ffa266.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c8712c34fb797bd6aa911669003ec9e520a69251be5f691384ce75b74c5dfa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
421297
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
08RXN5AT4P0Z7F9B
x-amz-id-2
tLYaODXU9X9VUTHpdwSCH5CxpUTWPQ68GS6SCT0SS8YRXUJibCY7fUb8Y+O5YX70VNkwAGZoL8E=
last-modified
Tue, 19 Apr 2022 12:20:31 GMT
server
cloudflare
etag
W/"eeb4b81d48196cc201b9110e489df684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
uuG1XkdRA7leWUOvRsLV2BtMqyR4pccL
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573ccb5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7927.2808b7fb.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7927.2808b7fb.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6c2c34730d1750fbeeafda24dea309bda720a0ba14518453b2314f778eda6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH1PP72JD7ZC4KX
x-amz-id-2
jL0uI8uuyrXYLFGE/1W82XjY6t/xLL2r94yNzdWzltKFy2xq+wPzVhtLYW216v/Z0kMGAC/0fqE=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"40219a5e404b723e34b385d93749eb93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
IxrJR.aQAJezcuYFrtyltHojOozyWQpH
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573ccd5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
786.03a36ffb.chunk.js
cdn-client.medium.com/lite/static/js/
4 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/786.03a36ffb.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631d2367c0fa2447811a1ce22c115bc828e6655cfedfc3ba4457ad8694cfd8ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH6RV2AGRQ0H7A1
x-amz-id-2
GBzNzo/Yy4mLB5vDNQiiJZbJaFjzBRUpqk2qrtjNnJICjvhRI7l2CFpbT6MC/aYuo49KWxbvf2w=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"2851e5a2798ff3cbdd1138972426933b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
3Dc.8odO3AGlGT8yk7bJev0oeYPYJNZI
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cd05c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5472.5f6d4371.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH8PTMK5AP330DM
x-amz-id-2
xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified
Thu, 14 Apr 2022 09:06:30 GMT
server
cloudflare
etag
W/"6adb8844d763f7d58b6ed49ab89899c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cd35c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
2981.a5db1477.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2981.a5db1477.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a50c182c3abff5281695952c4a4e15735b198053c6ffca9e67d44a2aa8a4696
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHD79BG7TYX8FQF
x-amz-id-2
i+703M4auI2KWsJr44vB1PX2t1YW8SvqTOaxNZoY6ZxLgCuFeMfj8xYi9lUJuKDlA8520qipoBs=
last-modified
Thu, 14 Apr 2022 09:06:26 GMT
server
cloudflare
etag
W/"2195fa1153170d02f4e8ffe85e34c5b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
0P7ivI0fxCKSZ0gTEie59OTCIkM7d5eE
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cd55c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5260.626b1a4f.chunk.js
cdn-client.medium.com/lite/static/js/
150 KB
39 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5260.626b1a4f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a81b674bedff3bff07f4f79c82d99f7fb4abc4d051725c3d370506bbfc002540
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH0NGF7PM5XVM3Q
x-amz-id-2
tUN9V2+xFd4zjSA+ZMII7pflnNw+pyPpiJtuuyR339PAg2pEfEqGPZ4lYH2M6DDxdgzZ7ePoFLk=
last-modified
Thu, 14 Apr 2022 09:06:29 GMT
server
cloudflare
etag
W/"d54dc2b69a8408e4b05103b956019a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
XEFVan_esU9zit2XEfJ9ZVMckrSpVrqN
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cfe5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
4869.8291240f.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4869.8291240f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e1a6bf4b5c74a541f197d4846a74c778b971d7781e4ed884f5998a286abb4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
343112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3HPAXY3S3JM1JGCQ
x-amz-id-2
A3bDweDeALOAwdmNjqSg8sEMgaNUyinZ8xtk3NU2+2AcwtKBdqVfqEWzbE18m/GbxTGkvG1TEAk=
last-modified
Tue, 19 Apr 2022 23:16:55 GMT
server
cloudflare
etag
W/"e1379e21a2011f93b063d7428e86c291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
1CO4NnJt45enFnCCLjZNoxupEP..cDwh
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573cff5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7404.531e1078.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7404.531e1078.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c108d23203210bd05eccb17b3a0da55998114923136898a4974cf79937a22151
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHDT3YVNV2XZQR3
x-amz-id-2
ehb63TOKN9TCs4vED9kKrnIK1apetD/y1LRT0EQpAmVWRDsyHECuGlRbMconLTqH7hRan/2uM24=
last-modified
Thu, 14 Apr 2022 09:06:32 GMT
server
cloudflare
etag
W/"d0bc3d4525fce31951de95b94e99e4fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
4NZHYH9C2mIIj60xQabg5TkAEssLTQTj
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d005c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
455.ec8cb7d4.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/455.ec8cb7d4.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3ce9949e8a59979315dcb0dc1cfaba2f38485f563c680c429956e3925a91fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH1JRTJCQ4DS00V
x-amz-id-2
L/1jSUcYBuV76+1i+x4A1KmldHfKb16mMmdqv24PxOXu0srcb4rfvNvw4Y5AJEAWq9knqHifjtE=
last-modified
Thu, 14 Apr 2022 09:06:28 GMT
server
cloudflare
etag
W/"ac369a12224df79664f79fbb0cb6f5c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
9maM_TgDrwji3EW4E8KJPZFyo3qSMcol
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d025c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7070.088d513c.chunk.js
cdn-client.medium.com/lite/static/js/
18 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7070.088d513c.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b01204c367b33010f85cfd42e023acd087dd548f8dfa8e68b18cacb45e1f876
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH32NHX2PK3308V
x-amz-id-2
zsvx/2w1ItKRz24BnsDl2fEJq4IZfPeeSEGQvT066vYkRPZNDOGz5UOf42N7pg1czdlQpuPnmjk=
last-modified
Thu, 14 Apr 2022 09:06:31 GMT
server
cloudflare
etag
W/"4d8fdc449efd237280288bbf688558f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
K0muy9JORxUH6p6bJfgV09ZGno7nymcE
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d035c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7217.3953b0f0.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7217.3953b0f0.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e44b89888ba69b9a2e0fbf4cf2e26389f9ecf2711df12d0d286dbbebc1281b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHBYVEYW8BWXXNQ
x-amz-id-2
P0LsJ8j9mlyYmTP45azx+eH4U8lLRKb1lUbqryQn4YVtC5ILscAPJR9rhFMHGH+DeUDK/Eis60c=
last-modified
Thu, 14 Apr 2022 09:06:32 GMT
server
cloudflare
etag
W/"58720bdd388e0656b76f62b4a5ff5342"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
OZwFHpgdUD2sKDAtk4gZmMMvNPTrJlRt
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d045c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
8491.a2b7fab7.chunk.js
cdn-client.medium.com/lite/static/js/
40 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8491.a2b7fab7.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38111edac6045a680d3d8f2f7d638f024047b53fcc055dc11250d40dd98ee2d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH6SVKHC1BPPRR3
x-amz-id-2
36Hrc4Echk9c0rXd/ZzV2AvDGV98iS/Rer07bucHbq7lb1+RCcRBOopXJ7HxCt0ZJwpVnBB5rWo=
last-modified
Thu, 14 Apr 2022 09:06:34 GMT
server
cloudflare
etag
W/"5d01285ddf2c787bd518a32b366af371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Jsy2Lxh1msL6Y.ooRtLzR4d6vHqwlQ3F
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d055c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
9211.b7a00c16.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9211.b7a00c16.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98433e98decfbc9278b45b95d83623746fcdb2662870afdbc0d9cd6d84caf54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH4W640C9XF6RJN
x-amz-id-2
DRUt8mSyKes8nCq/psp4HGMhhDPpua9crWNc+2eEgEb5nqFc75RzvIl1M2mhUnBmuNlGMDhfBlA=
last-modified
Thu, 14 Apr 2022 09:06:35 GMT
server
cloudflare
etag
W/"577263f7900d50e63a75a1f0f05dbbe5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
VWEllxqkFrnSXO387u0TA6YYdC3U.pgv
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d065c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
6562.6c3f9802.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6562.6c3f9802.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d0a56f118231878b6efb098e52c15c24d01bb1d8ad2f4d6d4237bc4dfc3f3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
351207
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
P1M42AW9QBTBBTZQ
x-amz-id-2
XdlBeJW5OdzmY786nhuIdMkGi2IaxnEmlov0XClJV207SbauWrBY1qFK0AgNP/3pD/YaEE3wnLk=
last-modified
Fri, 15 Apr 2022 15:45:14 GMT
server
cloudflare
etag
W/"1ca654d2edbbd07104403857df5f81b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
AASPv5ptCk06M_vQZi9Up905TWUR.1Rn
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d1b5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
7215.d799b2b5.chunk.js
cdn-client.medium.com/lite/static/js/
37 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7215.d799b2b5.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca1be7fb0f10c09765a6b7bbe5cacd522ef68ca9656954e2ab93ebfbeadd5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH6ASKCBHWEH6YT
x-amz-id-2
thX0A0WpRM7CNFcf0QiWHYAuHXq2b/71GV+8DWH0JZPx+pWB1sXCstFGQZINVjbMbe+ngkvwu0I=
last-modified
Thu, 14 Apr 2022 09:06:32 GMT
server
cloudflare
etag
W/"3c526ca7c5fee7883f16deb523109c91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
8XpJXp74sBSDTltKZ7Iy4ZGcwhFWJyxk
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d1e5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
864.41fe9c86.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/864.41fe9c86.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8e45dd2eada0aa7f9746e369496a99ed0d1bc70ec364dc99066674373224f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZTNAF09XCK1FJT5C
x-amz-id-2
dTTttVwlA3PTaKgrh4eq3rmxgPAxiCJymvctDY+V9ov9AlhKhryMTs6tH98N8ocHdHR28jk/7A0=
last-modified
Thu, 14 Apr 2022 09:06:34 GMT
server
cloudflare
etag
W/"fff5133a06973c44d03a9975ebc499f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
35onYHaq2EFcCuHneGFmh1Rlc_q4dy_H
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d1f5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
4351.0369de5f.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4351.0369de5f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
823af0ed59d37ff692a804950379a09490c6418e7b18629616ab9b6bc3b7d9ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHCBPE4W0A996V8
x-amz-id-2
ikWd7+eLYjwl8TmJwUxM03Dido2xgcO6wFP9ksGOFjfI4XE/6rk8TJPre7k1fc9qIg18H/76XN0=
last-modified
Thu, 14 Apr 2022 09:06:27 GMT
server
cloudflare
etag
W/"706de7bad195044244572950d562e14d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
LnE7PgGhZCmzrDthwn8d8CF.czjYz2iU
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d205c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
82.83ce6d83.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/82.83ce6d83.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a688bf794d2b0344741a5bd24831d2527d999e5395b8f19055b0b82805373d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHDCBR3B6ZMNA8X
x-amz-id-2
qJC1bfUmqAsLIIwNe7N7rxiKFcgwA3LbPEVSUrfDXggaxU5TzfiCXUlaRZhTzGUJfS/J8TMbnsU=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"14e1c3bb89a150e9af8b6e481200d7f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
pPofGSIVAl0KmPhGyMZSP9BXsaGh4qy_
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d215c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
108.03b9652e.chunk.js
cdn-client.medium.com/lite/static/js/
100 KB
18 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/108.03b9652e.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a9dfcc7fb458905a960b1d44c73ef9fd59c959393f31d0e5ecdf99e137a849
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH7CFHB8RDR73VJ
x-amz-id-2
kYoF14l5ZxbPwO0NZ+X7+shscUQBWUmUeGhVd5s+iLTzZpfb0QCDxLnTpatDgpMPWsaCDdUegaI=
last-modified
Fri, 15 Apr 2022 08:10:20 GMT
server
cloudflare
etag
W/"7c2ea1f36d696b74936232f1e88900d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
G2eY.NzI3u6RxUOwjwtpIZlWWV4tJwUj
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d235c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5281.652a7988.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5281.652a7988.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efe526dc817b96a4822fdfbee06c9100af12e59e1e3a20932e6745c35e09988
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNHA6FG3QS6BVZBR
x-amz-id-2
bKpvQT0l0R+9iZqrjI+NXH9ySdz2IFP+YXfDKuy5s72Zk70knnO/JKoSdTDbKkL+TCOkHk72s6s=
last-modified
Thu, 14 Apr 2022 09:06:29 GMT
server
cloudflare
etag
W/"04b131139a2938b205f512652ec29a97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
33irNxWTdFjop9o1_s8tyzZ.0zoR_rMU
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d245c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
4483.0101c012.chunk.js
cdn-client.medium.com/lite/static/js/
38 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4483.0101c012.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07918926d32c0d5d21c288246436f1cc382a3b9adf3aa176a4b8c0816af62223
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH1YTQ6E6M920R7
x-amz-id-2
dYayIGduzTq4ZA4PK7fr/S4vhbNG20MqIBzVL0gN9baEYSZSgb+ekkXPwUV+BVhNUH2dpYE9jQc=
last-modified
Thu, 14 Apr 2022 09:06:27 GMT
server
cloudflare
etag
W/"561e556084890738e5ab71de9801ee5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
hRmNv03McdnjlIEbnQRlszZjFIUcsYjR
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d255c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
5436.0d53f129.chunk.js
cdn-client.medium.com/lite/static/js/
46 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5436.0d53f129.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88e666415b3c9cedc3c62c9ad58aee468a4699fd80aaa29f7b91fa8b1ce64bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH4MYCK2FPKY1XS
x-amz-id-2
sru++1AI0HptsQztpqru/K++fYXVLAZZ/7/eDbyVI0+59CDZiVxpYV/wR3/15Jdi+OcQk2tDFM4=
last-modified
Thu, 14 Apr 2022 09:06:30 GMT
server
cloudflare
etag
W/"45848e842e41350ef22d108dc3a90d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
BM0lF1rKwhOhO_nsVQJcPDzOU1bfIpap
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d265c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
3043.34648c6a.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3043.34648c6a.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41234e184791c80f9a83742fa6c197d988d2565c6608e0ee4e3373e93e31445b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
958011
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
41JJSBHRFDQ8PDRD
x-amz-id-2
XSga7+dFr1nQbg0udnpaD+ZembEzEPdu+SftY2Oh1KKvw1c9bKoMx1JiDFAD6dkwWt7KaglqoQE=
last-modified
Wed, 13 Apr 2022 09:57:05 GMT
server
cloudflare
etag
W/"57e7dd326c1b4d24e44ed9b8655754f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
qLLyYE6QMBOdC61niRO7qEtzgOLMz.Fw
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d285c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
8849.e115d3a3.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8849.e115d3a3.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e46dff53123335dce3e87dfc8251b15ed13b86826aa3118739b1243ed6d52c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAATHP1X27M9HZPW
x-amz-id-2
683N1h/tXCINTqDwy3VcGYllMGCVmR7O99borv9elo47JM5seRVfVFqZ/3Ntjb+Snb+lPFzB4UA=
last-modified
Thu, 14 Apr 2022 09:06:34 GMT
server
cloudflare
etag
W/"d163a762211dc93b003999a47cafe931"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ugBxVtgkTa8ZpfcJJs1c.657kjvR0RNP
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d295c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
PostPage.MainContent.87a16840.chunk.js
cdn-client.medium.com/lite/static/js/
149 KB
35 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.87a16840.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b83a9b6c0b9885f1bbc658ed35a02f4249d18a7139ef598865d7fe1929b3dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
421297
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
08RXRBK3A9JB3K4K
x-amz-id-2
oq1KC1Hxbtyj0PWYqIS0qnjPRjmQAbi2gt2aUmwNf9L9Gi1OFISwvg4BtORKY9mm1BuhBzd9bJc=
last-modified
Mon, 18 Apr 2022 18:58:28 GMT
server
cloudflare
etag
W/"3c4f455ef87c509bc2e585d546d1ba8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
_7JSubchvF8jN34xOkbX8sL89Occb9rv
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d2a5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
9855.9e69fa39.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9855.9e69fa39.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8abac313c0dae8e2709ed36c1c1676d1a8a86c8e3a3965a179442e669c25afa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH7H59J7QC6V68X
x-amz-id-2
gyS8ldjT8aws/lMw9VGPbkNS48v4x0dQz9XhRbQlSgj4SBP/PTxNceMrNo1pV1Nwwd1aERiim2E=
last-modified
Fri, 15 Apr 2022 18:26:13 GMT
server
cloudflare
etag
W/"01bbdff36d0c4903b3d076b034dbd253"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
koXbgREQZJn8hxN5mgAbbW0MQggqXgDa
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d2c5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
6867.bcfa4e6c.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6867.bcfa4e6c.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045676d2831ed605d4edf201f9b8e3bc4fc46e4d488d9e677b6fa83043de6720
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH7YTTQSSZG18XS
x-amz-id-2
XKHuYZfu5msrcHtwsAJFK4PajzVv2H7yH2KREVMevuFRrEo3FhDJ5YzD9YCBOURVowD9fmNpvk0=
last-modified
Thu, 14 Apr 2022 09:06:31 GMT
server
cloudflare
etag
W/"c35955eb45367a3c5a61cb3e5279c051"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
T1iOWUKz_Z7hLHCKM26CR_AUg99Ys3ui
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d2d5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
8267.bd6c7fcc.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8267.bd6c7fcc.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e862a957a95b167600d06cd2c964ac06266092937f8ca2f587d302221e07736
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH9TT2FRDHEJAJN
x-amz-id-2
CzZXWd4XJhBL5DlE2SA+PFp4LcvTYJPcsYcI34zw48MscRCdM4Mw+AsEGsodT9ffByISg9U31vw=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"6398675540e0c71d315b2ef2e05ed6fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
fgCIJoEUvzHhaObJL5yEPMH3fkD2i4oj
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d2e5c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
PostPage.RightColumnContent.525c2d1b.chunk.js
cdn-client.medium.com/lite/static/js/
29 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.525c2d1b.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6515e1b20043c4803151cb909ad2b8123e47c9e92c7067d7c8df5a9172d80847
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNH1M7QMKR4PXV8S
x-amz-id-2
YsioLejBayHERSwtCh+B7t58fwo2Zi9LfbGgzInIrAa93yLVOLogn4qHRw6QhND5yl1PhFX90qg=
last-modified
Fri, 15 Apr 2022 08:10:45 GMT
server
cloudflare
etag
W/"a9c35206b49a53286cb65dececc301ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
dN4n2MJ9aZr5EpgkfNUiRA0BgPPcRPKs
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d573d305c62-FRA
expires
Mon, 24 Apr 2023 16:44:10 GMT
4792.14f7a597.chunk.js
cdn-client.medium.com/lite/static/js/
92 KB
24 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4792.14f7a597.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037c0651d9c9b72d1c9a88010e2530907e7fbca66d4f1c97bceea1393f1e7c3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAAK2JN6DE2M03W6
x-amz-id-2
Ypea0MIYkuTkpRkidUVMlfjFOekUzA45uC+Vg260xcsMfq7uG8JtKFIS4kZQE6pRewZ1DuqXM8M=
last-modified
Thu, 14 Apr 2022 09:06:28 GMT
server
cloudflare
etag
W/"68d93728be9339fe82bac120d5ca3d8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
G5oQk1h_lSKJ4xkTzMHQRHB7mff9ylPH
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdc05c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
7084.b2e2a6eb.chunk.js
cdn-client.medium.com/lite/static/js/
68 KB
19 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7084.b2e2a6eb.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9800223ce8f0691ee91d0721640086a5022d8c27d9497adbef62b5b76678aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAAQ1BHG1Q16PVH1
x-amz-id-2
rpTC/g1yauiB3ex3gZ+cTKDlgxEFf7nDWcxwzgh1Yqr5GFF4SJIy94jJA7RtkinTdZa5o0XjG1A=
last-modified
Thu, 14 Apr 2022 09:06:31 GMT
server
cloudflare
etag
W/"73521766007a340f43277ee2bb9cef8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
cfpB7exect7gEoieK.cn9tDJbfHjhHR.
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdc45c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
8537.29ab83f7.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8537.29ab83f7.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5679f29ecd4ef217d09efc2f24975ae464eaacb7f2a5d0c6d8f8826da7ec021b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAANM2B6MZQ1F68J
x-amz-id-2
84d2zFKasory9ZlNDSGTzv3EI87GPZohOsS6HQXKDHJfZxnTUM7J1mJ4vUF7Ru6V2JeVI0zORIo=
last-modified
Thu, 14 Apr 2022 09:06:34 GMT
server
cloudflare
etag
W/"e184386ab56bc2c712b8e6fbc4f83a8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Qk_8LgS9pAqsMKxCAf8ZI8XsRNIYBH9A
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdc85c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
3551.69fe8b4c.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3551.69fe8b4c.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cb950f759cf04de04b107cf1a1d3d7beb457c57abbb06ba0e53353d6854435
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAAMWT2XVG25CV99
x-amz-id-2
O92GO+f5wp4MZTPejDTn027EcUMgktwemYti2/OluHYSoWgSQr9BjKB8dPZlk2XUWR7lcrHbwk0=
last-modified
Thu, 14 Apr 2022 09:06:26 GMT
server
cloudflare
etag
W/"bbfd20f6707f94928e866764ecff85e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ayC7oy9vYwAPAudL09GUE6theIm7Cjz_
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdcb5c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
9104.d15c7fd3.chunk.js
cdn-client.medium.com/lite/static/js/
93 KB
27 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9104.d15c7fd3.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6da58ca59f2d4d96243cad2a0e35cdef45ded2eaa9f2288080cbb8f1a6b2e82
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
178773
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QEQG1NQ8J5CB39CW
x-amz-id-2
g5IYOXQ9mUKoAEomLHx2Hx3CTMEbyMdOVut6d64NtPVU9YZCmoP6u5c9ErbYOUXj8WIA4/rrbYk=
last-modified
Fri, 22 Apr 2022 08:22:49 GMT
server
cloudflare
etag
W/"2f090aef0d5d462631bb3c8eb2c005b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
lp88Tinxiq7hM9Uc.oqB0CgCT8vY1VHj
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdce5c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
ThreadedResponsesSidebar.5bca90ec.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.5bca90ec.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46ae7646156ceff7f10d7adf0ce70c42fe739a24a769c52b7377f7985d56ecb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HAAPMGZVJHNV5J09
x-amz-id-2
eF4yArygea9fVOUXGzbQQJNVcfA3odVWQVHCxt5IMmeKzyNRm4Msc5B29hxHg3vP7Uq2gsNocLY=
last-modified
Thu, 14 Apr 2022 09:07:04 GMT
server
cloudflare
etag
W/"6cb059260c23a64ab427e5204bbbf3f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
cZnuP3jpIHqMOMoLkKnEZh4blbs.yVCq
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5bbdd05c62-FRA
expires
Mon, 24 Apr 2023 16:44:11 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/24/24/
383 B
790 B
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
162174
x-envoy-upstream-service-time
25
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
383
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
70104d5d68de5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/20/20/
310 B
717 B
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2294c42a99ae9402581e67fe5c0262d7ebf4cc7f45bfe9fd2f00862e304f4a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
102678
x-envoy-upstream-service-time
137
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
310
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
70104d5d68e05c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*funYCBH8ZLu6MSOA.png
miro.medium.com/focal/56/56/50/50/
6 KB
6 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*funYCBH8ZLu6MSOA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc1ac3963739085f30313b6294292f19b68bb076beba9642d2652b276967549
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
74
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5772
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68e15c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*OhkxLCD1h_TSBTPOP75Rrg.png
miro.medium.com/fit/c/20/20/
540 B
946 B
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*OhkxLCD1h_TSBTPOP75Rrg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6c287292c89e788fe136d073d55950c4345786d7f590262fb0f61372e920c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
69213
x-envoy-upstream-service-time
71
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
540
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68e35c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*2eLT5gtF_KWAOWDJ.jpg
miro.medium.com/focal/56/56/50/50/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*2eLT5gtF_KWAOWDJ.jpg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cecbc0454ccefb6b943e7855674145b4b0bb7c7687d6caa53969ecb0fedb8aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
39
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2071
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68e55c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*Uw3fhYnqOQUckfNr
miro.medium.com/fit/c/20/20/
1011 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/0*Uw3fhYnqOQUckfNr
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b243c310368ac236c9e0156e67ffd2a570d2159d41b4bea8d118f78becb922d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
80
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1011
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68e75c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*qRuNqaPIwhZX8VwV
miro.medium.com/focal/56/56/50/50/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*qRuNqaPIwhZX8VwV
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7aca262af2707ffcedd0661f2d29ed60ce73979fcc14b7f954ea77959d4ab00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
37
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1254
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68e85c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*Ud-Mz31o0jymGcyxb-h9fg.png
miro.medium.com/fit/c/20/20/
780 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*Ud-Mz31o0jymGcyxb-h9fg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dadf143c638e50c0789b00847977d5e774b178b8852e7babcfe6ebc265f6c97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
20415
x-envoy-upstream-service-time
214
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
780
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68eb5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*uBtxrj-S5TSb9QlA9GC9Hg.png
miro.medium.com/focal/56/56/50/50/
3 KB
3 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*uBtxrj-S5TSb9QlA9GC9Hg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9b3941e4c4b9915a3c8ca5e163a47c1626f479eaa81957999c9c82cb67e2dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
66
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2667
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68ed5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*3v0ktJZ-a-uV7KOqs9vF6Q.png
miro.medium.com/fit/c/20/20/
256 B
663 B
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*3v0ktJZ-a-uV7KOqs9vF6Q.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3afe001413f291b7af730bb71a8899ff5bdee07b171ea0f04156c79e6d844e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
303772
x-envoy-upstream-service-time
63
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
256
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68f45c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*FvKkCmvRbz2I_-A63PkVAA.jpeg
miro.medium.com/focal/56/56/50/50/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*FvKkCmvRbz2I_-A63PkVAA.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31f148f139d49c028556ba274f680cc2a6d1f96fe89541fc2849ed96d419e16
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
59
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2097
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68f85c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*HLYpVTCwkw28aG-J.
miro.medium.com/fit/c/20/20/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/0*HLYpVTCwkw28aG-J.
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63478f8570615ddb8b60a003172417b06b0c41095a1547d68f99f7e978226ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2195
x-envoy-upstream-service-time
58
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1033
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68fa5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*6zHm9Xvv2-Mk16aw
miro.medium.com/focal/56/56/50/50/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*6zHm9Xvv2-Mk16aw
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f971121e33137fadaffc6af055b1c7bfc5029282d408fbdeec05ec54a4183be5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
53
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1922
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68fb5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*jfE28M-bdq3M0NssXEFf5A.jpeg
miro.medium.com/fit/c/20/20/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*jfE28M-bdq3M0NssXEFf5A.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66706ccfc96b02938665a6f1cf55d834146b25e7074ddc13ce1690438a254419
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
83
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1066
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d68fd5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*g4HX3lGJhhvXcethuYQ3fQ.gif
miro.medium.com/freeze/focal/56/56/50/50/
657 B
1 KB
Image
General
Full URL
https://miro.medium.com/freeze/focal/56/56/50/50/1*g4HX3lGJhhvXcethuYQ3fQ.gif
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c46d79750c4f38ceab20ad7f9b3971a0d20301af94b5b0268708d8f93c138e93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
45
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
657
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d68ff5c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*lgzd8uaVC9kPSPblONEoiQ.jpeg
miro.medium.com/fit/c/20/20/
974 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*lgzd8uaVC9kPSPblONEoiQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0205dc64948b458e93fa7fd762b93fad08a841c9e1865c659e3f44e52b17bc4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
69
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
974
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d69005c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*Ep5kKJag6JEyemtyYFGO9A.png
miro.medium.com/focal/56/56/50/50/
6 KB
7 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*Ep5kKJag6JEyemtyYFGO9A.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0444a292e5617a3bc31414d691f00a3f3b1c8b413a3d97a133c686e12fc00a56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
36
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6510
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d69015c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
2*RaresSjZlyaur6QF_UWGew.jpeg
miro.medium.com/fit/c/20/20/
967 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/2*RaresSjZlyaur6QF_UWGew.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0352192b40314e1e6e58e40e662e634e6d4ac6b04639be6695d87f809dc81796
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5576
x-envoy-upstream-service-time
49
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
967
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d69035c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
0*JBqZtxUM88_58wK_.jpg
miro.medium.com/focal/56/56/50/50/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*JBqZtxUM88_58wK_.jpg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a75a9015bd3eeabc7da9a5114494940fe7d96551cdaa47eec60950b0f658824
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5576
x-envoy-upstream-service-time
381
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1498
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d69045c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*9vbms7n4gmYFKurrWMOukQ.jpeg
miro.medium.com/fit/c/20/20/
989 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*9vbms7n4gmYFKurrWMOukQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c73e5b5ada98711f2bf2ef8e6b72351d096e2fe1eb351552d7a943e782abdd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
111774
x-envoy-upstream-service-time
39
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
989
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d69065c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*C5lb7jEZgGmlx9qP_heTFw.jpeg
miro.medium.com/focal/56/56/50/50/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*C5lb7jEZgGmlx9qP_heTFw.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eb93d3025d34d98e78e47ba638c576e124df0b58bc9d6ea0c043af5c1fb3952
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
32325
x-envoy-upstream-service-time
65
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2125
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220418-141835-1d92ac7480
accept-ranges
bytes
cf-ray
70104d5d69075c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
1*ecP1reCgkzkxz77n2nlnmQ.jpeg
miro.medium.com/fit/c/20/20/
923 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*ecP1reCgkzkxz77n2nlnmQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef3c29a1b31cdb67a1dcb1c37b2c240e38f52afc05bee70387378c20282b355
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
43
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
923
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
70104d5d69095c62-FRA
expires
Tue, 24 May 2022 16:44:11 GMT
graphql
posts.specterops.io/_/
143 B
436 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cb8572fcfda3475d1c47408af104f3579de9a9e43a12ec99f59ec9f227fefdfd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Graphql-Operation
VisitorQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"8f-14rwkO/Rncw0KHwB9f9ceFqrmuc"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7
x-envoy-upstream-service-time
15
content-length
143
x-xss-protection
0
x-request-received-at
1650818652062
graphql
posts.specterops.io/_/
108 B
429 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Graphql-Operation
PostPageMeterQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
48
content-length
108
x-xss-protection
0
x-request-received-at
1650818652058
graphql
posts.specterops.io/_/
840 B
1 KB
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ab9243510534b488df1392c597ccb049f06da76acbda8608d63eb39a5579f665
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Graphql-Operation
UserViewerEdge
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"348-Rh3BxErVaQPelFqsd4K0IizBufQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
65
content-length
840
x-xss-protection
0
x-request-received-at
1650818652058
graphql
posts.specterops.io/_/
33 B
354 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Graphql-Operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
22
content-length
33
x-xss-protection
0
x-request-received-at
1650818652059
graphql
posts.specterops.io/_/
268 B
589 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6b8ede5fb9ef5848fa606172f7ae9a8d6919ecfb83fc4df2de23feed90540340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Graphql-Operation
PostViewerEdgeQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"10c-3tpQPE2e9A/IXauIteZd+MHo42Y"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
59
content-length
268
x-xss-protection
0
x-request-received-at
1650818652150
graphql
posts.specterops.io/_/
103 B
397 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3225bfe93c9c4a01969ea775dea21115e6c99cdb8e166fa3276ecdea02dcf5fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Graphql-Operation
MaybeTextToSpeechQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"67-edfMalc743LTsLB0Y0+oaTw5E3E"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7
x-envoy-upstream-service-time
33
content-length
103
x-xss-protection
0
x-request-received-at
1650818652165
graphql
posts.specterops.io/_/
96 B
418 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46a7bd21b15c1ca7c8608cf1a756f52c52c978a9570e2170ce06156c80d2b76b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Graphql-Operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
sepia-upstream
medium
server
nginx
etag
W/"60-UHyxTOX1DmbeWKvA7GYCTKc+X7M"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
46
content-length
96
x-xss-protection
0
x-request-received-at
1650818652149
responses.editor.857df5ad.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/responses.editor.857df5ad.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.b06b69eb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91ebb44296a087c6734815b767b2631cf21cbb446757abe01d92ebb97323a4a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
768325
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
887XZEAFQ44HRT6J
x-amz-id-2
flfXVoow0Wmc3WN/tyqoDVzkRf7DYQv4tJYETVVuuy28XaXVMqn40KHtB0lK5e8LRimUG5SDIZo=
last-modified
Thu, 14 Apr 2022 09:07:31 GMT
server
cloudflare
etag
W/"195376c9eb500dd7a4c4583562103d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
n9gS1uYafrO67iJ9cRLDZTxo6qKQufkF
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
70104d5f5ccd5c62-FRA
expires
Mon, 24 Apr 2023 16:44:12 GMT
sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
20 KB
Font
General
Full URL
https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5101603
x-envoy-upstream-service-time
33
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70104d5f5d749a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 24 Apr 2023 16:44:12 GMT
graphql
posts.specterops.io/_/
3 KB
1 KB
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e0173e1b4fb75a2caacace68713a01cafd40c3c93e163593cc0560b7fabf3ca0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Graphql-Operation
PagedThreadedPostResponsesQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"a3f-resYWWL7A/xWdSnhPGaC3ExcUvI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7, tutu/main-20220422-175648-d1cf9a3057
x-envoy-upstream-service-time
106
x-xss-protection
0
x-request-received-at
1650818652153
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2a0353f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, clientele/main-20220415-143145-f9ab5ad4ad
x-envoy-upstream-service-time
5
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2a0353f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, clientele/main-20220415-143145-f9ab5ad4ad
x-envoy-upstream-service-time
5
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2a0353f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Apr 2022 16:44:12 GMT
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, clientele/main-20220415-143145-f9ab5ad4ad
x-envoy-upstream-service-time
5
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4162
date
Sun, 24 Apr 2022 15:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 24 Apr 2022 17:34:50 GMT
branch-latest.min.js
cdn.branch.io/
79 KB
24 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3?gi=7decdbd78cef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 16:27:46 GMT
server
AmazonS3
age
90
etag
"49d34b8e058b253d35893807b3bac09d"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sun, 24 Apr 2022 16:42:43 GMT
x-amz-cf-pop
FRA2-C2
content-length
23872
x-amz-cf-id
ohYkzDt2RS6B31JcqDCZoNDJ3zBehS7djeL_qJ9az4TQ5BbxDdN8aQ==
_r
app.link/
91 B
566 B
Script
General
Full URL
https://app.link/_r?sdk=web2.59.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2363:4000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
cb838a23297787415887bbef8f8ac2a6854b728975414e79a37fe403d2b1ee29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:44:13 GMT
via
1.1 61ef32a4a99ff5a643cb4feaafaac43a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
LAX53-P2
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
etag
W/"5b-RWO1m9Z+BFk7iHp1eDmOJeKfR0w"
x-amz-cf-id
OO8DVcC9Qwj40PgTTc2A5J8JSiE3296Wh5VlHrY9pW1e0m3-WgtK8w==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=339793518&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Frevisiting-remote-desktop-lateral-movement-8fb905cb46c3&ul=en-us&de=UTF-8&dt=Revisiting%20Remote%20Desktop%20Lateral%20Movement%20%7C%20by%20Steven%20F%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=804257234&gjid=838749972&cid=2066492504.1650818653&tid=UA-24232453-2&_gid=1483354973.1650818653&_r=1&_slc=1&z=1296061829
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 16:44:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://posts.specterops.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=339793518&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Frevisiting-remote-desktop-lateral-movement-8fb905cb46c3&ul=en-us&de=UTF-8&dt=Revisiting%20Remote%20Desktop%20Lateral%20Movement%20%7C%20by%20Steven%20F%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=868976369&gjid=1233905283&cid=2066492504.1650818653&tid=UA-102239211-2&_gid=1483354973.1650818653&_r=1&_slc=1&z=756591980
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 16:44:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://posts.specterops.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
posts.specterops.io/_/
138 B
450 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dc0a4948011b3bf48695d6b088a8ad2a65b902eee0dfa2bff5ec3b7d77e9941c
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
2287a2655104ec9f
Medium-Frontend-Path
/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Graphql-Operation
PostNextFiveStoriesCollection
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Medium-Frontend-App
lite/main-20220422-205901-123e6f15e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
apollographql-client-version
main-20220422-205901-123e6f15e2
ot-tracer-spanid
727e0ed222bee99f

Response headers

content-security-policy
default-src 'none'
x-content-type-options
nosniff
sepia-upstream
medium
server
nginx
date
Sun, 24 Apr 2022 16:44:13 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd, rito/main-20220420-162416-61c3e089e7
x-envoy-upstream-service-time
7
content-length
138
x-xss-protection
0
x-request-received-at
1650818653301
open
api2.branch.io/v1/
316 B
632 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e31f5d41e2247dfda432cbe02226cf42f4977343aee75fe2fd628846af8faf9

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Apr 2022 16:44:16 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
dd4e106a87b443c6887dfbf4ac9907c6-2022042416
content-length
316
x-amz-cf-id
F5XSd-oAy5hAYyS4iW-WwMCOWMqrYynWkMi_ZdeTEWCr8guG7pTHfA==
profile
api2.branch.io/v1/
183 B
566 B
XHR
General
Full URL
https://api2.branch.io/v1/profile
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
830697d861d8ae58e0154747bae6a3e0dac8374dba171be2a5cea51ea4209edc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Apr 2022 16:44:16 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
TXL52-C1
x-powered-by
Express
etag
W/"b7-cpzzC3k6OSxa6trrzz0UBuhARPE"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
40eff09707fc47fa90964f282f99e033-2022042416
content-length
183
x-amz-cf-id
a3rTjx3SUFeMFvTg2B-Ien0DNRWEgvVIg55pKqsp38DFBktheWqmVw==
batch
posts.specterops.io/_/
17 B
173 B
Fetch
General
Full URL
https://posts.specterops.io/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2a0353f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Apr 2022 16:44:16 GMT
medium-fulfilled-by
valencia/main-20220422-165907-7310052fbd
x-envoy-upstream-service-time
153
sepia-upstream
medium
server
nginx
content-length
17
content-type
application/json
pageview
api2.branch.io/v1/
28 B
389 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Apr 2022 16:44:16 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
ea59c0999b3f406f9dbe953c7ae27388-2022042416
content-length
28
x-amz-cf-id
M1b2Ax5y4sZIgcgy5nzJnC3Djx7nuFk0GGFw829q_2gLoI8GPJQvLA==
pageview
api2.branch.io/v1/
28 B
388 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2432.d8441b61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Apr 2022 16:44:17 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
4a5d7124bd8d4b68ba7e952e13d342f4-2022042416
content-length
28
x-amz-cf-id
y2a60mnlorw7GLaqVmr_rc-DgxaPQ3b6Nyjx-O17t4SXxO6teSiQRQ==


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
string| __BUILD_ID__
string| __GRAPHQL_URI__
object| __PRELOADED_STATE__
object| __APOLLO_STATE__
object| webpackChunklite
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| DD_RUM
object| process
function| main
object| __APOLLO_CLIENT__
function| _resizeIframe
string| GoogleAnalyticsObject
function| ga
object| branch
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

11 Cookies

Domain/Path Name / Value
.medium.com/ Name: uid
Value: lo_1edd2a3055a0
.medium.com/ Name: sid
Value: 1%3A57J7ANMGv7COml6P8e0yiM18vatqquEIAfmKKOqZ1fyMhZSZV%2F0WDCz%2BEsH4axuE
.medium.com/ Name: __cfruid
Value: c266a9127965b6806ae4ac29f5353ba169085c4c-1650818649
posts.specterops.io/ Name: uid
Value: lo_1edd2a3055a0
posts.specterops.io/ Name: sid
Value: 1:C2oF+r1oGGD6XDP1kAo+TiQY2HIjxOuZ4E8Lz9WPkN721R9hFl0rEq0I4uZvOXtF
posts.specterops.io/ Name: _dd_s
Value: rum=0&expire=1650819551480
.specterops.io/ Name: _ga
Value: GA1.2.2066492504.1650818653
.specterops.io/ Name: _gid
Value: GA1.2.1483354973.1650818653
.specterops.io/ Name: _gat
Value: 1
.specterops.io/ Name: _gat_tracker0
Value: 1
.app.link/ Name: _s
Value: UoF1X04jX4gQSRB9btQpAZkASq306xfx7LYrVfDB%2FT7WsxnNIRVXh%2BEfDFERwrzw

1 Console Messages

Source Level URL
Text
network error URL: https://posts.specterops.io/_/graphql
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
