posts.specterops.io Open in urlscan Pro
52.4.175.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Effective URL:
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Submission: On July 28 via manual (July 28th 2021, 12:31:43 pm UTC) from US

Summary HTTP 123 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 123 HTTP transactions. The main IP is 52.4.175.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 2nd 2021. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	52.4.175.111 52.4.175.111	14618 (AMAZON-AES) (AMAZON-AES)
1 13	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b7::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
73	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.99.20 13.224.99.20	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:3a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3032::6815:5081	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:219... 2600:9000:2190:ee00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.45.34.218 52.45.34.218	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:24e... 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19	14618 (AMAZON-AES) (AMAZON-AES)
123	12

19 52.4.175.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-175-111.compute-1.amazonaws.com

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b7::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-20.zrh50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:3a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:5081 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:ee00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.34.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-34-218.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
19	specterops.io 1 redirects posts.specterops.io	59 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
3	medium.systems lightstep.medium.systems Failed
3	google-analytics.com www.google-analytics.com	20 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	99 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
1	app.link app.link	567 B
123	8

	Domain	Requested by
41	cdn-client.medium.com	posts.specterops.io cdn-client.medium.com
36	miro.medium.com	posts.specterops.io
19	posts.specterops.io	1 redirects cdn-client.medium.com
8	glyph.medium.com	posts.specterops.io glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
3	lightstep.medium.systems	cdn-client.medium.com
3	www.google-analytics.com	posts.specterops.io cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	errors.client.optimizely.com	cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	posts.specterops.io
1	cdn.optimizely.com	posts.specterops.io
1	medium.com	1 redirects
123	13

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
www.specterops.io
policy.medium.com
twitter.com
bloodhound.readthedocs.io
github.com
docs.microsoft.com
bloodhoundgang.herokuapp.com
ironsjaye.medium.com
asaad-taha.medium.com
deluxprotocol.medium.com
hackerslist11.medium.com
medium.datadriveninvestor.com
nonreflection1905.medium.com
help.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2021-10-01`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Frame ID: 48A8F7DEF13DF6C83978EAC7B79697A4
Requests: 118 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound... HTTP 302
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

123
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

13
Subdomains

12
IPs

2
Countries

1274 kB
Transfer

3525 kB
Size

5
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_page-----28147dedb73b---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F28147dedb73b&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----28147dedb73b--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_page-----28147dedb73b---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page-----28147dedb73b--------------------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=responses-----28147dedb73b---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/@_wald0?source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fb9c2df322eaf&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_page-b9c2df322eaf----28147dedb73b---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://twitter.com/_wald0/status/1377713493969805318
Title: United States Department of Homeland Security

Search URL Search Domain Scan URL

URL: https://twitter.com/_wald0/status/1400157591641071616
Title: PricewaterhouseCoopers

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/#install
Title: installed

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/#collect-your-first-dataset
Title: data collection

Search URL Search Domain Scan URL

URL: https://github.com/BloodHoundAD
Title: here

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/security/compass/privileged-access-access-model
Title: tiered administration model

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/
Title: https://bloodhound.readthedocs.io/en/latest/

Search URL Search Domain Scan URL

URL: http://bloodhoundgang.herokuapp.com/
Title: http://bloodhoundgang.herokuapp.com/

Search URL Search Domain Scan URL

URL: https://medium.com/u/43fe4a5cc44?source=post_page-----28147dedb73b--------------------------------
Title: Matt Hand

Search URL Search Domain Scan URL

URL: https://medium.com/u/74ad66811b78?source=post_page-----28147dedb73b--------------------------------
Title: Will

Search URL Search Domain Scan URL

URL: https://medium.com/u/e7dfc7678b59?source=post_page-----28147dedb73b--------------------------------
Title: Justin Kohler

Search URL Search Domain Scan URL

URL: https://medium.com/u/8ae4966ea2d?source=post_page-----28147dedb73b--------------------------------
Title: Duane Michael

Search URL Search Domain Scan URL

URL: https://medium.com/u/9bef3c9a8b49?source=post_page-----28147dedb73b--------------------------------
Title: Andrew Chiles

Search URL Search Domain Scan URL

URL: https://medium.com/u/e8d131c41615?source=post_page-----28147dedb73b--------------------------------
Title: Nick Powers

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&collection=Posts%20By%20SpecterOps%20Team%20Members&collectionId=f05f8696e3cc&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_sidebar-----28147dedb73b---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_sidebar-----28147dedb73b---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_actions_footer-----28147dedb73b---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@_wald0?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fb9c2df322eaf%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=follow_footer-b9c2df322eaf-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&collection=Posts%20By%20SpecterOps%20Team%20Members&collectionId=f05f8696e3cc&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/digital-diplomacy/ransomware-attacks-is-on-a-surge-281727417d67?source=post_internal_links---------0----------------------------
Title: Ransomware Attacks Surging

Search URL Search Domain Scan URL

URL: https://ironsjaye.medium.com/?source=post_internal_links---------0----------------------------
Title: Jaye Irons

Search URL Search Domain Scan URL

URL: https://medium.com/digital-diplomacy?source=post_internal_links---------0----------------------------
Title: Digital Diplomacy

Search URL Search Domain Scan URL

URL: https://asaad-taha.medium.com/isc-urges-updates-of-dns-servers-to-wipe-out-new-bind-vulnerabilities-281a294b3201?source=post_internal_links---------1----------------------------
Title: ISC urges updates of DNS servers to wipe out new BIND vulnerabilities

Search URL Search Domain Scan URL

URL: https://asaad-taha.medium.com/?source=post_internal_links---------1----------------------------
Title: Asaad Taha, PhD

Search URL Search Domain Scan URL

URL: https://deluxprotocol.medium.com/delux-protocol-ama-with-crypto-infinity-community-2824c6840824?source=post_internal_links---------2----------------------------
Title: Delux Protocol — AMA with Crypto Infinity Community

Search URL Search Domain Scan URL

URL: https://deluxprotocol.medium.com/?source=post_internal_links---------2----------------------------
Title: Delux Protocol

Search URL Search Domain Scan URL

URL: https://hackerslist11.medium.com/hackerslist-co-various-types-of-hacking-hackers-283246e59cfe?source=post_internal_links---------3----------------------------
Title: Hackerslist.co — Various Types of hacking/ hackers

Search URL Search Domain Scan URL

URL: https://hackerslist11.medium.com/?source=post_internal_links---------3----------------------------
Title: Hackerslist.co

Search URL Search Domain Scan URL

URL: https://medium.datadriveninvestor.com/5-dangerous-cloud-attack-techniques-we-all-should-be-worried-about-28357054246?source=post_internal_links---------4----------------------------
Title: 5 Dangerous Cloud Attack Techniques We All Should Be Worried About

Search URL Search Domain Scan URL

URL: https://medium.com/@diorjuraev?source=post_internal_links---------4----------------------------
Title: Diyorbek Juraev

Search URL Search Domain Scan URL

URL: https://medium.datadriveninvestor.com/?source=post_internal_links---------4----------------------------
Title: DataDrivenInvestor

Search URL Search Domain Scan URL

URL: https://medium.com/@alvintai/looking-back-on-the-equifax-hack-and-why-the-credit-reporting-system-is-broken-54080045dee9?source=post_internal_links---------5----------------------------
Title: Looking Back on the Equifax Hack and Why the Credit Reporting System is Broken

Search URL Search Domain Scan URL

URL: https://medium.com/@alvintai?source=post_internal_links---------5----------------------------
Title: Alvin Tai

Search URL Search Domain Scan URL

URL: https://nonreflection1905.medium.com/update-cutemii-hack-free-resources-generator-53fc45c607cc?source=post_internal_links---------6----------------------------
Title: {UPDATE} Cutemii Hack Free Resources Generator

Search URL Search Domain Scan URL

URL: https://nonreflection1905.medium.com/?source=post_internal_links---------6----------------------------
Title: Alexine Laveen

Search URL Search Domain Scan URL

URL: https://medium.com/@promiselisha/problems-that-hagglex-platfrom-addresses-53ff97398911?source=post_internal_links---------7----------------------------
Title: INSIDE THE HAGGLEX WORLD

Search URL Search Domain Scan URL

URL: https://medium.com/@promiselisha?source=post_internal_links---------7----------------------------
Title: Promzyelisha

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----28147dedb73b--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----28147dedb73b--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://medium.com/creator-tools?source=post_page-----28147dedb73b--------------------------------
Title: Write a story on Medium.

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page-----28147dedb73b--------------------------------
Title: Write

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----28147dedb73b--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----28147dedb73b--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 302
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

208 KB
42 KB

811ms
811ms

Document
text/html

52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ecdde8c9b9229ebdce1eec1d58db40a93faa9b9ed27389a57c29f0c44a274ddd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 28 Jul 2021 12:31:24 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
etag: W/"33e5c-wwzDM4ny3JdgbQ1HiKsgorUgMsg"
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, lite/main-20210727-225311-5ac263735e, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
medium-missing-time: 220
set-cookie: uid=lo_1bd74d8ff200; Path=/; Expires=Thu, 28 Jul 2022 12:31:23 GMT; HttpOnly; Secure; SameSite=None sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; Path=/; Expires=Thu, 28 Jul 2022 12:31:23 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_1bd74d8ff200; Path=/; Expires=Thu, 28 Jul 2022 12:31:23 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 667
x-request-received-at: 1627475483598

Redirect headers

date: Wed, 28 Jul 2021 12:31:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
cf-ray: 675e1fca2e64c2a4-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
set-cookie: uid=lo_1bd74d8ff200; Path=/; Domain=medium.com; Expires=Thu, 28 Jul 2022 12:31:23 GMT; HttpOnly; Secure sid=1:v8MBEd6hks5M4qL3owDP/ugvqC32I1b2xeLjsxCuTE2/YXVHwSkf9tb56lUpaoGt; Path=/; Domain=medium.com; Expires=Thu, 28 Jul 2022 12:31:23 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_1bd74d8ff200; Path=/; Domain=medium.com; Expires=Thu, 28 Jul 2022 12:31:23 GMT; Secure; SameSite=None __cfruid=e3d4f78dfcc04b30622088972c8fd52b0c09eace-1627475483; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/4, valencia/main-20210727-222744-d4a948ed5d
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 86
x-frame-options: sameorigin
x-obvious-info: 20210727-2259-root,041beda4
x-obvious-tid: 1627475483329:a2b04f922845
x-opentracing: {"ot-tracer-spanid":"01448d567beea804","ot-tracer-traceid":"5e1cece9358752ee","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 33ms
31ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2179
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 675e1fd0c912c2a4-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 28 Jul 2021 14:31:24 GMT

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 352 KB
98 KB 31ms
11ms Script
text/javascript 2a02:26f0:6c00:2b7::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2b7::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ddc17e1f50b37e84818224d3112cbddf32c00a8a26fbd08225f9cabfd42cc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: Nhjsx.gZCv7JHLRwLLr7zhoAomfdP0aE
content-encoding: gzip
etag: "f233231f13d2cd1ddee4afd15b9d1b86"
x-amz-request-id: PZWDXX2YD1XPXSGP
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7060
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2b7::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 99846
x-amz-id-2: gTVxp9wDu7Zv+f56uT761DfzfrrEgU4rGQtRLDrQpw0iOCBSxMVDY1UUDOZUH3fVImg5NylmESE=
last-modified: Tue, 27 Jul 2021 21:14:13 GMT
server: AmazonS3
date: Wed, 28 Jul 2021 12:31:24 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 34ms
32ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 186
x-envoy-upstream-service-time: 884
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6883
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 675e1fd0c918c2a4-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H2 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/96/96/ 14 KB
14 KB 25ms
24ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa81e31ec1390eb8abbe1e81f0e31d02647972b161049d6160d88e5fad2b555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75
x-envoy-upstream-service-time: 54
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14131
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 675e1fd0c917c2a4-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 47ms
36ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1880812
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd128454303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 40ms
30ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9010768
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd128444303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 34ms
24ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11027124
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd128464303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 0*l7ieaNG6vq0va1Gj
miro.medium.com/max/60/ 915 B
1 KB 130ms
116ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*l7ieaNG6vq0va1Gj?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63b78b9ab30410dda3b9bf91064e911e35693a43157f41b1044c6647fcf65216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 22
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 915
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8140631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*hQOTUPDJWKCgKkqR
miro.medium.com/max/60/ 1 KB
1 KB 141ms
127ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*hQOTUPDJWKCgKkqR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd9f3a790a6dd4f8ce63c68a1e4d915f20b225fcac6fb21f3d2ba27c0faaab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3571
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1046
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a81c0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*y5cr36k-vq0ct3c6
miro.medium.com/max/60/ 1 KB
2 KB 131ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*y5cr36k-vq0ct3c6?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a6990e27b86a035b6ca5dacb9137b852b4a470939697f95eb8a420d0d3e0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3909
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1171
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a80f0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*WoT0Kq2HtrirZKDO
miro.medium.com/max/60/ 1 KB
2 KB 137ms
124ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*WoT0Kq2HtrirZKDO?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507a30c31ab0504d0a4b0e823b52ec6ee696f009dd6ee705501777a7133d2a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1274
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8330631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*nXE_q96fLQsU3geK
miro.medium.com/max/60/ 1 KB
2 KB 133ms
120ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*nXE_q96fLQsU3geK?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c8980c52933cd778a3ad336871fcc88440ed7fb33f38cfe0f616e144243ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1275
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8360631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*60cVEBpj_uqQPPhA
miro.medium.com/max/60/ 2 KB
3 KB 133ms
120ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*60cVEBpj_uqQPPhA?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66358492fc0e1f5ac41b2fdc25c96d1c129615754c88704ad972a7367d32032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2303
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210709-175524-eebd6c4731
accept-ranges: bytes
cf-ray: 675e1fd1a8400631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*w6N0SV0ewzr6AeJb
miro.medium.com/max/60/ 2 KB
2 KB 139ms
128ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*w6N0SV0ewzr6AeJb?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653a562eba0bb3a78db868c907c969e337a4ee74f13c766e1978d2d8f6d251d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1959
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8080631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*3o2-bd4lW-NouJH2
miro.medium.com/max/60/ 2 KB
2 KB 129ms
117ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*3o2-bd4lW-NouJH2?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41369f4e1f416398d97cce9eb2aed485e130961d0f30dee4d80a91519ecf81a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3131
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1950
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a81a0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*Rj9ouvdfNdZb0nVm
miro.medium.com/max/60/ 2 KB
2 KB 134ms
122ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*Rj9ouvdfNdZb0nVm?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e340a49d8095fbbd3fd135140fc7090ece24ff63f90a7c30a9b85c06904d609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2051
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8190631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*n-qyuvtFN73-rQwj
miro.medium.com/max/60/ 2 KB
3 KB 147ms
134ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*n-qyuvtFN73-rQwj?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae595460c58e158ec4fdaec962e5ab6309aa5356334a1af3afeb8b77d6424df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 68
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2288
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8460631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*eZ6Vy-8U7BKDjIsR
miro.medium.com/max/60/ 1 KB
2 KB 144ms
132ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*eZ6Vy-8U7BKDjIsR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b2ba524e89cadd46eefa8f3f653bac8ab3cc47267cb8bf419ef64ad56d31874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3248
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1246
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a82e0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*guXvp-zCoiviZLZD
miro.medium.com/max/60/ 3 KB
3 KB 137ms
124ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*guXvp-zCoiviZLZD?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f26ea681118b91a7c24d4fa45b2cfc97382023713549d6e2eb9da58d4f121c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2562
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a83e0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*75cnVtC-WR12gcZR
miro.medium.com/max/60/ 2 KB
3 KB 128ms
117ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*75cnVtC-WR12gcZR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6736bbcf43d65775f5bcd9126f0e0cbb896edb1081d27e9a370243e8e947814

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 4684
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2254
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8150631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*nJrHJrTwCOHuo1xr
miro.medium.com/max/60/ 1 KB
2 KB 152ms
140ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*nJrHJrTwCOHuo1xr?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a02d3876264c8b8bbbbb097ad7411acabee81b3287b59fce1565fc1db94e573

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 2777
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1353
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8310631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*dYVe2B1dZ3Sh0FbC
miro.medium.com/max/60/ 2 KB
3 KB 132ms
120ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dYVe2B1dZ3Sh0FbC?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ba1439124da243b102483d0d3b16a41d1481e65595b9eca9ca33e8979079cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 66
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2220
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8370631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*6vY6SdR6AN0PK2yk
miro.medium.com/max/60/ 2 KB
2 KB 128ms
115ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*6vY6SdR6AN0PK2yk?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd2006dbe3978bf125cb1e0002f09cbcd4ca6801ff701e52e53aa50c0fa190d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 28
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1837
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8450631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*PZ23onC-Fceylw4h
miro.medium.com/max/60/ 1 KB
2 KB 134ms
123ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*PZ23onC-Fceylw4h?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b6d83778ce23802c3aa319ce965bb679e791209f334605643f8d9b17083e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 39
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1351
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8290631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*fUVzGeytpo_DtQH5
miro.medium.com/max/60/ 1 KB
2 KB 133ms
122ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*fUVzGeytpo_DtQH5?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50bd82b1547e2db3bef7b27bed0aa7d436e51ef509c2adf789a66c7db6254dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3546
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1529
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8130631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*WBmWRoh0RedmPoiG
miro.medium.com/max/60/ 2 KB
2 KB 131ms
120ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*WBmWRoh0RedmPoiG?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c4cd3264cdb8f145d364e09586abb4c9b7f36fc6c07729ced48ccbf643c000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 30
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1806
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a82b0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*NERR0eV1cOAXBAUX
miro.medium.com/max/60/ 3 KB
4 KB 129ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*NERR0eV1cOAXBAUX?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c1f1559a072531c1dcc82d9356ac612b1de4eab8110684e2c781632d48bfa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 226
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3331
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 675e1fd1a8350631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/160/160/ 34 KB
35 KB 54ms
43ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735c24ff06af9bb0a0a46bc9b8bcdfa595a4ff72e2f28b7a96992ad41faa688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75
x-envoy-upstream-service-time: 6349
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34957
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fd1a8410631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
7 KB 39ms
29ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 211
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6539
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 675e1fd1a8170631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/80/80/ 10 KB
10 KB 39ms
28ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e3bf7cb09a27738c8d9e14ed5254d5e415e4fce8355d3bbe51408a34eec8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10278
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210422-105256-5b410a3e87
accept-ranges: bytes
cf-ray: 675e1fd1a81d0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 46ms
35ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 211
x-envoy-upstream-service-time: 61
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2735
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210617-165854-e4900a530f
accept-ranges: bytes
cf-ray: 675e1fd1a8320631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*lfY-iyizGIMHgQZ1MqoUAA.jpeg
miro.medium.com/max/60/ 859 B
1 KB 129ms
120ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*lfY-iyizGIMHgQZ1MqoUAA.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db34be954b8636c73e159c9e56ef30faa08019c13a6c60a290427eaa8958804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 859
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 675e1fd1a8420631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*hn4v1tCaJy7cWMyb0bpNpQ.png
miro.medium.com/max/60/ 3 KB
3 KB 44ms
35ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*hn4v1tCaJy7cWMyb0bpNpQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1691631
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3059
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 675e1fd1a8440631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*VnmVTzPpj7LzrrSMfwEg0g.jpeg
miro.medium.com/max/60/ 929 B
1 KB 388ms
379ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*VnmVTzPpj7LzrrSMfwEg0g.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a9463f195524fd8e9ae18554cbb9a371e98207134daca5d51818f98774f285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 929
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210709-175524-eebd6c4731
accept-ranges: bytes
cf-ray: 675e1fd1a8430631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*cqqbud-xiB7MplvwSbbNBg.jpeg
miro.medium.com/max/60/ 872 B
1 KB 135ms
127ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*cqqbud-xiB7MplvwSbbNBg.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e895850f5519261fdeddf6cbfdb6d885367370baa9ff21c16d1ab178c835ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 872
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210709-175524-eebd6c4731
accept-ranges: bytes
cf-ray: 675e1fd1a83b0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 0*NbXzG7nSfpxOPlJn
miro.medium.com/max/60/ 908 B
1 KB 125ms
117ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*NbXzG7nSfpxOPlJn?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880f35520dc8346199a9abc4481116451dd2435cac763533d333a35d233960ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 93
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 908
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 675e1fd1a8390631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*vQrDUhZ8a3bNlqM8tQ5TLQ.jpeg
miro.medium.com/max/60/ 793 B
1 KB 130ms
123ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vQrDUhZ8a3bNlqM8tQ5TLQ.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8214b9c696291f3db69f42f018a3c5d7e705766ccb912b71ddb2bbbf4f323b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 793
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 675e1fd1a8110631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H3-29 200 1*vn3slx5SPo40awk-nbz1UQ.jpeg
miro.medium.com/max/60/ 1 KB
2 KB 406ms
398ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vn3slx5SPo40awk-nbz1UQ.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4094b55a200cf8897e6f82a76ae55c08d1024c2db9039cb32782f61b4e7f27f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1186
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 675e1fd1a83c0631-FRA
expires: Fri, 27 Aug 2021 12:31:24 GMT

GET
H2 200 manifest.e2c0007a.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
5 KB 45ms
33ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255708f6b0433a857832f894ac2e3a41152b5608e10eb3516ee68763bde63b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47728
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4FPM1W4QHRZZ05B0
x-amz-id-2: +ExheM2Hpv2RT+1VxlDeTml0MfJMohtbovu9mfcSKZuMRr/CZyrlrqx+Hd417XtBMPneDvnQ7uY=
last-modified: Tue, 27 Jul 2021 23:07:19 GMT
server: cloudflare
etag: W/"abd9106d243331935b79b3671f1d92d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 94YdTYDPBxEAExdBqXTh0tdvh7_._dhH
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1babdc2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H2 200 1657.451e6d57.js Show response
cdn-client.medium.com/lite/static/js/ 732 KB
228 KB 50ms
39ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bbafa0ed683b99dd70f7a8e668ab79a3675e8a7cb1d9ed917708d79d3475c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 147115
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 35W2WTXAJ87T3PKK
x-amz-id-2: wSZvCyFlr8Z5fXuo4KxR02WF3oBLySdRLRmAa1PjVTo8WcdC7SOhN7Qed2xeGDTQdpRo7m1Kmsk=
last-modified: Mon, 19 Jul 2021 11:45:53 GMT
server: cloudflare
etag: W/"d1e8948c9f118ef169b2c247cbdb2e3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: bB7hvcE9qyUu3YiebjrSE6TIkIek3o8y
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1bac2c2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H2 200 main.04c13d01.js Show response
cdn-client.medium.com/lite/static/js/ 799 KB
211 KB 42ms
31ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.04c13d01.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1063620ab081519dfe7786ea735f92ac8fa107be5cc2d37086cd32223863d347

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47728
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4FPRNZDS06TS94N2
x-amz-id-2: rjFj9mIa9ldg07PyG+vv+azyz5dH5JQ3CN9odu5gtAODxfLGgimMplVDUog3OEK8Dz6QLel1Nko=
last-modified: Tue, 27 Jul 2021 23:07:08 GMT
server: cloudflare
etag: W/"902a05e3a9b60e5265e40f71cd8874f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 2Cs4y8Al1hqlwVM5O.nXb6M_SBzGTZom
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1bac1c2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H2 200 5573.159bf40f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 52ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 136094
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: W5EH3ZWGCATAJ0JK
x-amz-id-2: uquA+D1mKTUgmaodaYFoBDYRFjBCghvQCPgGBuwnPNqPSgEh4m7aoHPDNWRkrQ4qGn6JNGvqqTU=
last-modified: Mon, 24 May 2021 10:33:47 GMT
server: cloudflare
etag: W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: HmLCtdjGYWgk2SnFK4M0oX_6tJ50SNp9
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1babec2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H2 200 instrumentation.6fa29f8a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 54ms
43ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.6fa29f8a.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f533eb639be3ba90e9031b71779c52cdc20698da99dc51b3b5ac2f91e7134aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415126
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: FHA8A40J743DA5XW
x-amz-id-2: /tadu/KnxX9jH/CN5juvoR17bTIAzGfipCSVFBL/+gHr4ntd5Pywyt0YU83h2Qwwl73j2x1cPPI=
last-modified: Fri, 11 Jun 2021 03:03:38 GMT
server: cloudflare
etag: W/"2c6f1262e4dde3d463a8f6156e941f07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 4vjabhlbU1g80tUyyLDf7tBjSbTI2iRB
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1bac7c2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H2 200 reporting.6471519f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 51ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.6471519f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 751806
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: Q0F7MQAAJVH2M7V8
x-amz-id-2: UGXQIw7HsYZm/FvYo7E+nq3jKishQRAFtyQb69eEX/C8myd/Yv4QrwPT9xzsKJnaEtF0J6LNuB8=
last-modified: Wed, 16 Jun 2021 18:41:31 GMT
server: cloudflare
etag: W/"69e0bbdc0c37d2f46b6be19732366a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8sxb2msbxkYmtYsAbhhIRpG6q5cNmD6C
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1babfc2a4-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 5279.a081d25f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 45ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5279.a081d25f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bd46284abee72dbe93295f7b04a7297e851545b95fb9aa5e91237ff7b03fcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1102151
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 357VKND0B1MB9J43
x-amz-id-2: qypHuL7v59Qjr316foZFZMTqjc3Muzdceb1uiNOE3RnQedPCAjRp3WuDT8clbLqd105LdvrVK/s=
last-modified: Wed, 14 Jul 2021 17:47:44 GMT
server: cloudflare
etag: W/"6b6b78b0ebe6013d82a69b0804acb3ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: WGHdI13XLXqaDRlyjCbzo7hmZ7yJdTf8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f8fc0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 192.267fdb68.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 52 KB
16 KB 49ms
40ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/192.267fdb68.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9971503ea5cbc832b9d030f04e7c4f4124148bc50c1d7f5dc16af968c6fccb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 174545
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V03VJJDQX9043FAN
x-amz-id-2: 9Q323gJ/iDOP7dr36EHFsTGneUGdtAna9tYI2MawqvO2JSLBjha93kwBBgKUdlhlvZkmmh6RxDw=
last-modified: Mon, 26 Jul 2021 11:53:36 GMT
server: cloudflare
etag: W/"5d23be876cd1fe13c5399ffbd93b3ea7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ez6HSEb_GTkfFzu1vh_rBzAQZC_3L5UV
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f8ff0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 1969.1fbf6133.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 34ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1969.1fbf6133.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c18f0f46697f44e01385f68538d386db35c436a56fab78e78d4c0aa8a0cb422a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413867
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XTCQ5Q127NB0KCM3
x-amz-id-2: BsTJay/gLGCyGzBwOV+XsVyGoug3HYWlKBEkNS3y36YRAheGdv9e+1t1GxS4tfd/qwPSFEnVsuQ=
last-modified: Fri, 23 Jul 2021 01:01:32 GMT
server: cloudflare
etag: W/"2d4223a0d81104511b8f68de78d66fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: R44NG9dB3Op25a2P_yF2gvC7v3Av._3F
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9080631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7648.31e753ba.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 76ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7648.31e753ba.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93384bf842a2cae6c63aa8979f3dfdbef5945682d2fc52610e43fb100d17de9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 581784
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1P4K0T1FQ0Z6MY8S
x-amz-id-2: Gkz/Rl0cpLq4DvYekSd7mD77Bgx7h7RdF7XJuCjUsyFa8+6bAXnbN1vl6XPDXNHMJY29cWWexEk=
last-modified: Wed, 21 Jul 2021 17:06:17 GMT
server: cloudflare
etag: W/"4106fdcf6bbfaff3a254ae152c368c57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: IUzZzzj_3LR3LoJwBi86c7A0JDLMVPnm
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f90a0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 1645.9072abeb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 42ms
33ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1645.9072abeb.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8aecc772988b29a46774bb5c5e2dd3373fca5cfab4122338414f41cfb6b656e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1106649
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 8Y1BZDP093PPSAHS
x-amz-id-2: FIjGFaY4sJcupp5iVHBqOlAWX9tg1vCb61BmTjtSS2e7RTCrB015u7nrEYkK0srxsFUQL8seKBI=
last-modified: Thu, 15 Jul 2021 16:24:49 GMT
server: cloudflare
etag: W/"553495539d619e8ee0e59ed00fbcb539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 1VQTPBA3r6hhPyXFbJwQveM5ukBLc7iI
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f90b0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 4586.57274e03.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 45ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4586.57274e03.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c641cb179c8381b2c690df8ecd3ad0497617941b337051c3b939fd1e33bea533

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 500738
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: Q70FA25KVP98J1HH
x-amz-id-2: SdKBF5LGo8/jY5fvKLmCmTkg7t9ilaNMvmoderF5XmZXT9kvMP9Wm2BvZlybCJT+BLOcAi0jRBs=
last-modified: Wed, 07 Jul 2021 16:52:37 GMT
server: cloudflare
etag: W/"e5f40c299d067fa0452860bc9bd66a17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: fFC5i.wY2cDHy2bdVwagxHwti8RG5ZVu
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f90d0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 3930.7dfd9fbe.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 54ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3930.7dfd9fbe.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b2d4d61d80e2deb5aca5d10fca76cf153e8b028b11361a1e34d729de6f8b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 434300
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PACHT0QE0VVW6VCG
x-amz-id-2: qAod96JFTdD1+3oxiZz4+NFAmlsVLH6A+4L2HOBD7plDBh7LZX0Rc0ZTcLYq+6Bm5jYElrhY8Jw=
last-modified: Thu, 08 Jul 2021 13:53:23 GMT
server: cloudflare
etag: W/"0101787eb2236a8fd767c457373b7b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 0d59W_ynYtXFzdXlnlV2gWMvY5BC7h3C
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9100631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 6753.78fcbf28.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 63ms
54ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6753.78fcbf28.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcfb0767fe1baf2168d5e4668d2c7d9ca367e83d3ed8e5ce26c172d246746f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 98058
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZS9PWGFHKF28056K
x-amz-id-2: M5hg8uabB93Rrl87XGmLJ3s7zyGjm2vLipkAzzo2ixuO7686lnR2BEvHA3lhjZDk2ufbcfZMk9I=
last-modified: Mon, 26 Jul 2021 14:43:24 GMT
server: cloudflare
etag: W/"259913ba222b78057d82e14d1cbd715f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: gv5TotU4_7e.4xj0URa54pwEbXHrqZ6K
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9130631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7296.87bb1886.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 55 KB
16 KB 49ms
40ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7296.87bb1886.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0a96c5afb4c6eb7a0e5097c7c9c8db226053448abaec8dd173b7ce8c8bd1503

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51667
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XTFHJADE66KEPSF6
x-amz-id-2: Dxh9WgrWNhbAqYHEXjBy1mFoAJecibEKqhTxVByyAkOaPALjOVum1jpHBrMDlpER65tMJ9PUG+U=
last-modified: Tue, 27 Jul 2021 21:37:44 GMT
server: cloudflare
etag: W/"cb827505c160a7d6384552d613e8f99c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 952ATyRTjs_6d5ZLRKtnq0ByaXIfvsg2
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9140631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 4881.687aa6c4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
4 KB 39ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4881.687aa6c4.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31841c0553a88ef72572428c8afe8696d589e27364b961199d15589399f73b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412760
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: NK67K342SA6YYTAR
x-amz-id-2: On4arbvR6g51l4FOq4cJmxqXkJEXxO+Gu512tt7xEkNADMBzOZ75wWMnw11vgT+OQUXUe8ZzfTg=
last-modified: Wed, 21 Jul 2021 16:14:47 GMT
server: cloudflare
etag: W/"0481b64d50d6bd6b3fc2018599c76a5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: fKTjf6wOuvUm13ec8leMYVP4xZAgopPD
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9160631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 8275.ba7ae579.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 40ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8275.ba7ae579.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6ae63e9057ae825638418ec7dab6f6e56757af6313d4acb2069106cf5b113e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1191793
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: VMK99CPAVQCCY4WK
x-amz-id-2: UHPLtjndM4aVo0+HzKF3CgQJOhU0QYeQIY9tkHsNeAc3aq99HBq6gIfLZQnM/zKt0idMkqI/T0A=
last-modified: Wed, 14 Jul 2021 00:25:01 GMT
server: cloudflare
etag: W/"84c6187d464a760eabc09ae2162b3237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8bFywd0LqRDBaZ6EKGzMfPyNzajwd0Me
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9180631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 5727.8c32a0a2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 41ms
33ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5727.8c32a0a2.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1f284928f13cdec7b8185b66c2827c65f0a093f58e6e9aae2b030b9583579a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 155174
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V8BGPT5P3Y731K28
x-amz-id-2: Ri54cGpgGD63sxol8xtj/iQuBaguwFLAnxVmB1jYACacyNINC2tSyzpcdj4UqOF3ZEmsF39FwT0=
last-modified: Mon, 12 Jul 2021 12:23:55 GMT
server: cloudflare
etag: W/"b5b5700cd1085211b1106867ce648df4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: aLEla.jHfC3x6XucihOC5u9SyhmFyJVf
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f91a0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 3810.5da23cd2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 34ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3810.5da23cd2.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e039a45cebc2581d5b9a67fbe4b2b00abfcbc22e3640f50f803b0eb578c886c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412756
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: NK6C88HK2KWPTK0C
x-amz-id-2: 6m0ZViNKsoLuVdGYAENeiKyppSLVg161HccX39Fxv++h3gOBwqdTsCzJqUYajp5hboQijHdzdro=
last-modified: Wed, 21 Jul 2021 16:14:46 GMT
server: cloudflare
etag: W/"bfd57986e4a22ed65a95db2641a09ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: yJ9jA9qiz0v2.hJh7tiPLHZqVYgGRy8M
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f91c0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 8710.890112f0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
5 KB 40ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8710.890112f0.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c018e4c154a7d3accbeba646ada9374a74bf900ae1122d178db1bc20b0f4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 434300
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PACKV5BCY19VJ297
x-amz-id-2: Jd5CbuOL76Gxc9KzpXr2+0pMj5eK6LCnrGCInn+PgqhE66rpAYpJXhecd/G/+JUSPIgG5Co61Yk=
last-modified: Fri, 09 Jul 2021 07:13:30 GMT
server: cloudflare
etag: W/"b5f89ee07478951da5703d5ed39cd3a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: BPVOjXysB2vskFg6AkE1B1TY5gii86ZN
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f91f0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7001.85fe76b0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 40ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7001.85fe76b0.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9c6e1289121eb2965730e7f788666427f0c86802494f6197af3262fbb59764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1020957
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: DT8Q80DKZ1SECG03
x-amz-id-2: sW2FYII+nJWztMJHhhwIj2e3GvSOhWlpR/++FiJUE4098ccBP/mt3m9b06D/J4A5x+qFBFg+4KI=
last-modified: Thu, 15 Jul 2021 23:51:11 GMT
server: cloudflare
etag: W/"ba70e489f45dec06b79d13ebc170dd49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: scyZwakuCXKRJN8VIDx9xt_1x1HGWSk3
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9210631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 570.e0a3eb44.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 44ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/570.e0a3eb44.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19197895be53d335aea8e7565196f2d0331caa03153cac3ee256219db8f2dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70754
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7DG6A45BCRXTVG91
x-amz-id-2: X24IoWoZcbjysaZx7nhmObCIvx/Tzw4JNFUHmW+z4pc0kNGNRLv2SxSLgLS95XsI7HmjTZjtsII=
last-modified: Tue, 27 Jul 2021 12:21:13 GMT
server: cloudflare
etag: W/"2fad5e32e11e2a496ca6a69083d75cba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: uQArHFyMBl2kR.uYcxB9eY.B0FdwvXih
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9240631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7546.4e2d27d7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 60ms
51ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7546.4e2d27d7.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde7f622acf7cad52a90ecdef1e60cd2b231765604e82a166841b8efae5d0f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68947
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: X0V5FE74TEBWT34D
x-amz-id-2: 0B2J+gdmdsmnmMPr1rLhxbIcuFTRpMy/Rc8UZw4Fzy2p3YskbiIwen7Dd/N3FwIMZoOSgqcrv24=
last-modified: Tue, 27 Jul 2021 17:08:15 GMT
server: cloudflare
etag: W/"4d3d2f7c31aed59c6928624af68c32d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: e0oAzL4Ey9gqMLMmHYLwoRGkxPiZ_bJE
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f93c0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 1479.53c495eb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 56 KB
18 KB 48ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1479.53c495eb.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3adce7396d0a310a55119c8d7a0c3f050c8e9709e895a0aecfeaca032820688c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68947
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: X0VFYXVH8ZPG43K0
x-amz-id-2: gt4ExIEKLOVf+oywhbr2ZMvn6TM88i78IHraT+2/2Q4OORJznoYy8ibOATMl+nAfjg/Bckecjcw=
last-modified: Tue, 27 Jul 2021 16:24:48 GMT
server: cloudflare
etag: W/"5e855c1fc1150aafccece24d65c11220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 56BXk3qE.nPOHfE3iNCT.9u71MSv93hq
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f93e0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7883.27cc2c5f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 53ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.27cc2c5f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f701c887b2e25cd543a5a533fcecf7ba585c4adbadf14463a9ff998a6ab3c7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1191793
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 704DGPR8022S1VF7
x-amz-id-2: Gc2sA9RfN8/sigvyv5szJXdKJLU/1pu9Kr5/lUh0x89wVcKxKd8ONlq3AwAgheC2T3Icd944Z4o=
last-modified: Wed, 14 Jul 2021 17:03:53 GMT
server: cloudflare
etag: W/"3beeb202573ad14f06fd500687d99bb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: sGgHdQ8DNnm1p1dVx60vcMQVICtr7zlP
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f93f0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 609.dc20663b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 40ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/609.dc20663b.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bffd86a9718f167caf12cd9a4f24b3e86f7789f918d472249976fb90122e654

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: NK6539Y16GK8THAJ
x-amz-id-2: YZtfgiOAJAYFebtZZFpDReVuXW8DiJDhgGmKTG5nTaa0ufWlokIuQW6ge/DPPuni49//JzsVr3k=
last-modified: Fri, 23 Jul 2021 17:42:20 GMT
server: cloudflare
etag: W/"181af4f105c53d7e4ea024fd18d5e674"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: p.fqF7.e5FOI6075a_MM1XMSh8qeN73Q
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9400631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 8886.c12d0b01.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 46ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8886.c12d0b01.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e1fe8bf6596a9d50a1bcec78ac5323c0c7adc44317312513e349ae955bb61d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 788797
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7WMZHFBV1CEZD8A0
x-amz-id-2: iNKyPaFKcSWF4tLCrBsyinuNPiqIQ7JsUeKo8hbar34eyBl0qX9otT7NVt+CF+OpRNWt0lIyKLY=
last-modified: Fri, 16 Jul 2021 17:01:46 GMT
server: cloudflare
etag: W/"105783a65501e03a83c52344cfe6775c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: KY5o1mtnpDGzf3txfkVlsRz4_UB70_V1
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9420631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 6297.b3e3438d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 53ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6297.b3e3438d.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046b63e87de2c1a2348ac72a42d9919b307b0daa5da84a92ee4cd685401c43b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411296
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: CTHSKNMSRN6WQTGS
x-amz-id-2: Gjt4aX79B5a2j6nPoIIrQ4TyHBA2Uu3+w6i3pr5n6NyAGZqHsZCgYB9IVJeLwG0Ey++hL+dOREk=
last-modified: Fri, 23 Jul 2021 02:52:26 GMT
server: cloudflare
etag: W/"1bbb71d949eb0d1543de09eeb135724b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ulsJ6A5CER4.T_U5fc9Ym0tlNbrhEdKe
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9430631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 9972.370e8bc2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 54ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9972.370e8bc2.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645c0679c81df44a885fe643440b95b9c14237f81923935f99e8954ebae9fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 82MKDV602DQA2XAP
x-amz-id-2: ftpqZfjFT2U3V5vN8HbQ1q7E/J0Jzay7w/LCk//8Tbe4NFmpH6TRgn5qBkClceqB362TlaEu2lA=
last-modified: Thu, 22 Jul 2021 23:37:26 GMT
server: cloudflare
etag: W/"ad7d3f6819ecac572db8d9d9a91bc9dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Xj5beO1shnnuMY8yvlODgYYJeIttPDFr
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9450631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 6209.046a0cc0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 54ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6209.046a0cc0.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd0ec2901332e0a1bf7c030a2ab761e119615ca1feb6a3d2944bf8a8f2a2fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 98058
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57HN9F58KW6TG59Q
x-amz-id-2: bFSZDhcWeZY+hiEMEalbgJ41zh+qj5MWWA5aIc6P3gn9eOjzAYeMdACJMoigpuFW8GHWnUONrPQ=
last-modified: Mon, 26 Jul 2021 14:43:24 GMT
server: cloudflare
etag: W/"255326462f212c0f5068a193161d0e8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: k1FWyjK1ioYpkTuoB4iOIfFWGmZp0eg9
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9480631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 7515.07df192e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
13 KB 54ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7515.07df192e.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e460f38859c2b0e7def63f07524fd7f40786587cae4ece137dc5ef6618cbd8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 82MVJQ8EHYPCWXB6
x-amz-id-2: 0K0AgBZ1A6Byvf8o9/761+63wmlg0Ln/qgXsYnx5TBsf8IL/7xvl1HQzxr9T4sbHLokimq/W8xw=
last-modified: Fri, 23 Jul 2021 17:42:21 GMT
server: cloudflare
etag: W/"9dae40852c49e14223bfc13aa053a283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: fgJbpwbwaSETrX_rYvcYhJtqm0aoMINr
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9490631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 2182.90b75066.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
6 KB 56ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2182.90b75066.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb975e32fec11ab1bd1df3de6b2a237a99f34f91d4a1003ecfac8533038f949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 443374
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7VYYXJHJ93EZKP54
x-amz-id-2: 1vZbn5Yr0wtG0XCr5zxhT4Qhf6d2tS/MggGMZ4o7LBSCqxEtqljKlQ33vZ7M54EU5AxJ3/wrL8U=
last-modified: Thu, 22 Jul 2021 12:06:13 GMT
server: cloudflare
etag: W/"68b973c6bb510794da5c351a03432b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: R6OhpMH32qOfKSwuaVi.L9Aty1ZKVU_I
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f94a0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 5435.61b05a8d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 47 KB
15 KB 69ms
59ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5435.61b05a8d.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e14ed543d43d892711ac17f34f7e8ec67d6adccd3267c2fe5c9a9e180a1b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 82MQP7KRR3KATCY9
x-amz-id-2: 1FqCyAkkIWeoCYN9XsfTY3UbtXGYuLzQRHgKr/k5mt829hCaUnJL4/oepFHciTX6DvNpgAKcAfU=
last-modified: Wed, 21 Jul 2021 16:14:47 GMT
server: cloudflare
etag: W/"8052b28a0d8330a495d3b89d19eaab1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: diRb57deVb3M4_TFcDSN737IGJDyEctV
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f94e0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 499.8ebd9851.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 38 KB
8 KB 57ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/499.8ebd9851.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ddf50a27f7d92397724e90079d5d899c20488b4bfa138be742398bf6629d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 82MP4XT1BVFYP7N7
x-amz-id-2: ih9MIWKrt2KkCtso3+QaiN4xQCZL6UiaGDorz2XyqNL/GoULBBIedNT0J+S7Hh4nv3wX4RVFj90=
last-modified: Wed, 21 Jul 2021 16:14:47 GMT
server: cloudflare
etag: W/"23a4b057df4bb7f3c6b528bf9c16eb54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: _9suw9zyZ6zcHIgCqLp4WnyEt4dQvmGB
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f94f0631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 3209.dc27eb3f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 51 KB
17 KB 57ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3209.dc27eb3f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e09149de9b774af1a79769ba2543975052260a43ece0f8bcc04d91ed64becc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70754
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: T7Z68WZC531RMR3P
x-amz-id-2: OPrKoy97h1oM2XY/xG4gMuT8HkcfY6g+z10EJx+wp8U3XNZLlHBdZUE2rnKYrV+ivwGKQEe/TQE=
last-modified: Mon, 26 Jul 2021 15:52:48 GMT
server: cloudflare
etag: W/"65e3a263533eeb57c1dcf61058f2d151"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: pVw9mUhmvyGG.eqiiKtfaEcyzXyHH5wp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9520631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 Post.9df377e7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 59ms
49ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.9df377e7.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67d490239e98164bc4304ae4f91e5f0b6f23dc10b5866fb98653df050b77112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 412711
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 82MQCMQQAGXFET4Q
x-amz-id-2: lSakefE1EMD6ujic2gE7+ZwvdxUcOt1SnQhDU4QHfr4ui/DpdjqnVbLc4BQvej4dxswzo6GFKfs=
last-modified: Thu, 22 Jul 2021 23:37:37 GMT
server: cloudflare
etag: W/"f8d7b69a43ac8cc0ecf333e1c169aee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: tLmX.tF7Vul6msWWNnVhSM1TSfUbCAgh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd1f9530631-FRA
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 27ms
26ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8996390
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd1c9c84303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 27ms
27ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11027123
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd1c9ca4303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

GET
H3-29 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 18ms
18ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11027123
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fd1c9cc4303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:24 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 141 B
454 B 211ms
210ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

13fadad46c24a6581d9aaa678e6d8abfe477e2def9a981ae8565f5da8085554d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 195
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"8d-WlDL4PggnWUQvf0IWaC8t7jc928"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef
x-envoy-upstream-service-time: 69
medium-missing-time: 0
content-length: 141
x-xss-protection: 0
x-request-received-at: 1627475485046

POST
H2 200 graphql Show response
posts.specterops.io/_/ 40 KB
8 KB 911ms
910ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4ee71cb4194b4cd0d96f8d084e68f118f43f951f26d8d203b841752cb609b9a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 5242
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: PostViewerEdgeContent
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: PostViewerEdgeContent
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"9e58-2Qijslm9yQoKcGxV8+zVJu0iKhA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
x-envoy-upstream-service-time: 435
medium-missing-time: 27
x-xss-protection: 0
x-request-received-at: 1627475485203

POST
H2 200 graphql Show response
posts.specterops.io/_/ 443 B
785 B 292ms
292ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

abe7720a1aabd2b002d5b78d7ba2bf114c71b21c3092a16af51b8af671b705b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 603
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"1bb-E8B2wInvDZ+8OHkBHaDeSKud4Gg"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
x-envoy-upstream-service-time: 147
medium-missing-time: 3
content-length: 443
x-xss-protection: 0
x-request-received-at: 1627475485203

POST
H2 200 graphql Show response
posts.specterops.io/_/ 281 B
621 B 284ms
284ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

eeaee99349be44aa1a73f625b9ba29662435b36a6eeb42511ddc5b2c8715052a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 451
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: PostViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: PostViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"119-RMdzKrQcHtF3n3uy/+sMcH6Fh8M"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
x-envoy-upstream-service-time: 140
medium-missing-time: 4
content-length: 281
x-xss-protection: 0
x-request-received-at: 1627475485206

POST
H2 200 graphql Show response
posts.specterops.io/_/ 395 B
736 B 280ms
279ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

310d2dc37be3e08043be4ec5f465c5ebaa0f7d76af3d4e7e42fca1d2ad6919d3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 599
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"18b-SxMMsYxIorYd9jKfBuk8XgS3hqE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-225745-041beda443
x-envoy-upstream-service-time: 123
medium-missing-time: 0
content-length: 395
x-xss-protection: 0
x-request-received-at: 1627475485222

POST
H2 200 graphql Show response
posts.specterops.io/_/ 543 B
884 B 248ms
248ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8cbbbf25f29f1e2b7d3e2a1b2b84a69cb2cbe4149d230f830f6e441eb7277218

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1505
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"21f-WyqqGsjbRmnnjU2ifeU+gK9RrMs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210726-193255-94a4456e36
x-envoy-upstream-service-time: 107
medium-missing-time: 2
content-length: 543
x-xss-protection: 0
x-request-received-at: 1627475485370

POST
H2 200 graphql Show response
posts.specterops.io/_/ 611 B
955 B 312ms
311ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f01bdb6212837f5e7edca2dab61be189fc39d7e99c4d7ade3fb41d853be4b93d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"263-dqQLYp6dMglNkCbIv5P+zIYfAMM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210726-193255-94a4456e36
x-envoy-upstream-service-time: 166
medium-missing-time: 18
content-length: 611
x-xss-protection: 0
x-request-received-at: 1627475485383

POST
H2 200 graphql Show response
posts.specterops.io/_/ 550 B
890 B 249ms
249ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4c2e6931fab7877715a45cf9793c528e586e2978eec2c121d0fedbf151ac1799

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"226-Jrqc9cZCth2XarkhPDe7GMHwcf8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-174035-5c4f4aab89
x-envoy-upstream-service-time: 99
medium-missing-time: 2
content-length: 550
x-xss-protection: 0
x-request-received-at: 1627475485381

POST
H2 200 graphql Show response
posts.specterops.io/_/ 567 B
909 B 256ms
256ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

41ac1ace16012e5184cee084befd751b67abcc1476841a7403b848f2c465a3ff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1505
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"237-XU4+2X+pJ1Plq5Ur3Aov9iPLZSY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-174035-5c4f4aab89
x-envoy-upstream-service-time: 108
medium-missing-time: 3
content-length: 567
x-xss-protection: 0
x-request-received-at: 1627475485383

POST
H2 200 graphql Show response
posts.specterops.io/_/ 438 B
778 B 251ms
250ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4b94b8ff81038261d0c5a2c59b0abef342a37b40e4b6ec24158f7652214bfb3b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"1b6-oC5e7Z4uIaz5fl+lf3Yh8cJ/hP0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-225745-041beda443
x-envoy-upstream-service-time: 95
medium-missing-time: 2
content-length: 438
x-xss-protection: 0
x-request-received-at: 1627475485393

POST
H2 200 graphql Show response
posts.specterops.io/_/ 418 B
759 B 280ms
280ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f25973b997f8156b5788575741f0821e2cbfece8c47ac46b857e37c18bdce1b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"1a2-ObOSoKjAuXDJIOk6aeDKwQWoxvI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210726-193255-94a4456e36
x-envoy-upstream-service-time: 127
medium-missing-time: 1
content-length: 418
x-xss-protection: 0
x-request-received-at: 1627475485394

GET
H3-29 200 8342.6aa0b45e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 21ms
20ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.6aa0b45e.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129693
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XZ1MCW81DYX4XYRA
x-amz-id-2: JBq2v1mt0X2gMH7anuTD0L29hBl6YEbcNFuFx4UcXyhBHZAwmrTku09UuVijG7UrHr9mRGJu58E=
last-modified: Fri, 14 May 2021 07:49:57 GMT
server: cloudflare
etag: W/"5daacb41c4e6b401be87ada016250ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QtuMS.aBLj19jleyzZwgHGYQHQ8_ziQc
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd7de4b0631-FRA
expires: Thu, 28 Jul 2022 12:31:25 GMT

GET
H3-29 200 8698.667348ec.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 29 KB
10 KB 22ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8698.667348ec.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7906af2d894a3d44ff1ec06feeb68e2ba73592d352ea46f750a7812b8b077541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85208
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 30813J4S0STW673X
x-amz-id-2: 2ddoy/2Fb51xGEb2qofa1xM+yuUjfP43WXegzF8YHH2z10vgXWvjNRSQ1zKP+136CUxhwowOIvk=
last-modified: Thu, 24 Jun 2021 19:29:13 GMT
server: cloudflare
etag: W/"4685017117f36eac810ca87a483defc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: qOAyiPiHU69qia3mybHyZEGEgfKbYk_I
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd7de510631-FRA
expires: Thu, 28 Jul 2022 12:31:25 GMT

GET
H3-29 200 9590.d155f1b6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 42 KB
12 KB 19ms
17ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9590.d155f1b6.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c88b51fd6aa5b4e3f432429ebf3c87c4549f3a17094e0bd2f3201b97e326d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70753
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BYEWGY40WRS4S46Z
x-amz-id-2: p/QY5uL8Ag/3jbVRQmtLrrmtK57wj39hlonAepAVRVsLXYt7DHwxV1jU/7CIx617NVb/4F5jzZE=
last-modified: Mon, 26 Jul 2021 15:52:52 GMT
server: cloudflare
etag: W/"f602d795369f8f7be22fab201af367cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: kb7HywYkMcz707kQZhs9qJGyY83iufSR
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd7de550631-FRA
expires: Thu, 28 Jul 2022 12:31:25 GMT

GET
H3-29 200 ThreadedResponsesSidebar.f48469c1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 63 KB
20 KB 24ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.f48469c1.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

966dcba4b6d480009332656d68e796f18e7f8d7b9373958ae81ba88d6eb8595d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70753
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BYEJ31KB9QK19JDX
x-amz-id-2: mW6cPjg2PbmjXUVw62aMGwhKweRgV1LntyVkc4Q3McYQCm4Y4zuJvm9M4XDK8k/3speMfye+iZs=
last-modified: Tue, 27 Jul 2021 12:21:30 GMT
server: cloudflare
etag: W/"ef63e880edaa8a9448941d366504c54d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: RIseCkl5DqXQnW4yfFrx..i.3NbIcn3C
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fd7de560631-FRA
expires: Thu, 28 Jul 2022 12:31:25 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 94 B
433 B 361ms
361ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0019a1fc91016d681e66c2bfc619ada899412714080b3df589fd847f77f26dc4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200; dd_cookie_test_2ce2945b-f95b-4239-bf76-bc3dbee4c3b1=test; _dd_s=rum=0&expire=1627476385424; dd_cookie_test_44d9e672-7bff-4fdd-8353-a44a41dec61d=test; dd_cookie_test_463c6abb-7f72-415b-8e53-adf62f06abd8=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 5605
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-kVSKSU69nbF4I0o+bxzn1H7FIQ8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
x-envoy-upstream-service-time: 115
medium-missing-time: 5
content-length: 94
x-xss-protection: 0
x-request-received-at: 1627475485761

GET
H3-29 200 0*l7ieaNG6vq0va1Gj
miro.medium.com/max/700/ 30 KB
30 KB 109ms
109ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*l7ieaNG6vq0va1Gj

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd3507489c8228b3c86c476938a77a7984f87ae1eaa1054501321cc085a0d22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 114
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30228
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 675e1fda4bd00631-FRA
expires: Fri, 27 Aug 2021 12:31:25 GMT

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 152ms
151ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200; dd_cookie_test_2ce2945b-f95b-4239-bf76-bc3dbee4c3b1=test; _dd_s=rum=0&expire=1627476385424; dd_cookie_test_44d9e672-7bff-4fdd-8353-a44a41dec61d=test; dd_cookie_test_463c6abb-7f72-415b-8e53-adf62f06abd8=test; lightstep_guid/lite-web=02802aab1ba95d3f; lightstep_session_id=1a9003f8113533e1; dd_cookie_test_a2c2f457-7a20-4af3-8c1d-12f94323756a=test; dd_cookie_test_c1721fdf-0483-45a5-a4b9-aaf95ead73bb=test
content-length: 194
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, clientele/main-20210709-175524-eebd6c4731
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 150ms
150ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_1bd74d8ff200; sid=1:C2oF+r1oGGD6XDP1kAo+TtYTQwQEYaMnE2a0WhGlz5+87VJxA5q2pNXRsQKDHpG2; optimizelyEndUserId=lo_1bd74d8ff200; dd_cookie_test_2ce2945b-f95b-4239-bf76-bc3dbee4c3b1=test; _dd_s=rum=0&expire=1627476385424; dd_cookie_test_44d9e672-7bff-4fdd-8353-a44a41dec61d=test; dd_cookie_test_463c6abb-7f72-415b-8e53-adf62f06abd8=test; lightstep_guid/lite-web=02802aab1ba95d3f; lightstep_session_id=1a9003f8113533e1; dd_cookie_test_a2c2f457-7a20-4af3-8c1d-12f94323756a=test; dd_cookie_test_c1721fdf-0483-45a5-a4b9-aaf95ead73bb=test; dd_cookie_test_9b8c8f3f-a164-44b6-bb60-86e817def7e7=test
content-length: 220
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jul 2021 12:31:25 GMT
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, clientele/main-20210709-175524-eebd6c4731
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6027
date: Wed, 28 Jul 2021 10:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 28 Jul 2021 12:50:59 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 170ms
69ms Script
text/javascript 13.224.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=bfedb48679ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-20.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qarmcwXsLN.jA_Lr9PtDBnGJTnfPptaQ
content-encoding: gzip
last-modified: Mon, 24 May 2021 20:22:06 GMT
server: AmazonS3
age: 54
etag: "611960e84a5f2287a232699af98b27d9"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 28 Jul 2021 12:30:33 GMT
x-amz-cf-pop: ZRH50-C1
content-length: 23842
x-amz-cf-id: poNle0kMdaj2QhLRY9-KcuAEugsxgcOGKEggszhLynWRDGmbD3qjeQ==

GET
H2 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/135/ 4 KB
4 KB 37ms
37ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2256376
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cached-on: Fri, 02 Jul 2021 09:34:39 GMT, Fri, 02 Jul 2021 09:40:57 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4048
pragma: public
sepia-upstream: medium
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 675e1fdf7998c2a4-FRA
expires: Fri, 27 Aug 2021 12:31:26 GMT

GET
H2 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/135/ 4 KB
4 KB 43ms
43ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2255968
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cached-on: Wed, 30 Jun 2021 07:14:29 GMT, Fri, 02 Jul 2021 09:40:57 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4354
pragma: public
sepia-upstream: medium
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210617-165854-e4900a530f
accept-ranges: bytes
cf-ray: 675e1fdf799cc2a4-FRA
expires: Fri, 27 Aug 2021 12:31:26 GMT

GET
H2 200 responses.editor.0475a6fd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.0475a6fd.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.e2c0007a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7886fd547f29bbdcee03bf5add560ee3efa25774e7463e130c38546816673aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70753
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: C766MVTZ27S8HHBY
x-amz-id-2: FAEq1GbkYCYkLsVOqwei3BH1x20J2DXwDNmiJ4BH02XZ5qU9E++dqd5pdPYBuhaGn7t7n29IixQ=
last-modified: Mon, 26 Jul 2021 15:53:25 GMT
server: cloudflare
etag: W/"817231ddde6020935561adf53a24ad45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: vcR3hH8UWbrkpShYPQg2rF2jjpzJfkT.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 675e1fdffaccc2a4-FRA
expires: Thu, 28 Jul 2022 12:31:26 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 462 B
874 B 275ms
275ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

15e6e428024ecfb2554a22fb9928cb8291d4fef98666849a98b3cd19a2e6c167

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 3b1afcf105da9221
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210727-225311-5ac263735e
content-length: 7136
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
graphql-operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
apollographql-client-version: main-20210727-225311-5ac263735e
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 68fee84bf385a5f5
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Medium-Frontend-App: lite/main-20210727-225311-5ac263735e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210727-225311-5ac263735e
ot-tracer-spanid: 3b1afcf105da9221

Response headers

date: Wed, 28 Jul 2021 12:31:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"1ce-JFCPbK5Hrtti+5/2t1eCWieaG50"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, rito/main-20210728-111625-c29ffb14ef, tutu/main-20210727-194600-1137a47a2c
x-envoy-upstream-service-time: 120
set-cookie: uid=lo_a5579fe7e9da; Path=/; Expires=Thu, 28 Jul 2022 12:31:26 GMT; HttpOnly; Secure
medium-missing-time: 5
content-length: 462
x-xss-protection: 0
x-request-received-at: 1627475486818

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1630041171&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&ul=en-us&de=UTF-8&dt=BloodHound%20versus%20Ransomware%3A%20A%20Defender%E2%80%99s%20Guide%20%7C%20by%20Andy%20Robbins%20%7C%20Jun%2C%202021%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=110429761&gjid=1890175021&cid=54933456.1627475487&tid=UA-24232453-2&_gid=1272307709.1627475487&_r=1&_slc=1&z=343175045

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 12:31:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posts.specterops.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1630041171&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&ul=en-us&de=UTF-8&dt=BloodHound%20versus%20Ransomware%3A%20A%20Defender%E2%80%99s%20Guide%20%7C%20by%20Andy%20Robbins%20%7C%20Jun%2C%202021%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1555510980&gjid=1407735818&cid=54933456.1627475487&tid=UA-102239211-2&_gid=1272307709.1627475487&_r=1&_slc=1&z=1284314965

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 12:31:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posts.specterops.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 90 B
567 B 195ms
167ms Script
text/javascript 2600:9000:2190:3a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:3a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

600c25b356484ac09ae7f7bf12fb8db6b6fe2c73320a7f56ca5c9278a843bb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-cG4+XkjVnBowJN82boKgDCIbj1c"
x-amz-cf-id: ham_ZAUfqXqcm_RcFb2iGh2U44LIlSV9C3W2YNcGWBANukUmQhxsaQ==

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 47ms
31ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8320664
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 675e1fe288504ac3-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Jul 2022 12:31:27 GMT

POST reports
lightstep.medium.systems/api/v0/ 0
0

OPTIONS
H2 503 reports
lightstep.medium.systems/api/v0/ 0
0 182ms
155ms Preflight
text/plain 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
content-type: text/plain
content-length: 91
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk70uoDorJILs%2BcNRRDk35Qy2uCNK24%2F8EhFlG8Epis%2Bs7LphEeakkfMiZZSgo7kSOhwZKiBtbnhFF6y8%2B3uuXeNSioyhFDsnTKVkNH%2FDGiFR3kIyBj41RsF5ELwkt%2BxentEYExJO09vPD5JBhnQ2w%2FyYx%2FnF5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 675e1fe2bfa5c27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
627 B 221ms
191ms XHR
application/json 2600:9000:2190:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9f324c2fe5309eb60a92b874694b1f9ff12838b5253e81e9d86d97bfd979c0ec

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 1aa06b19a8b4440cb9d0703796be07a5-2021072812
content-length: 312
x-amz-cf-id: JoRzOqonU53IWTH9_hcYaTIUUy5FcOSDSyTorNsdJWFwNu-RUepMPA==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 535ms
132ms Preflight
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Wed, 28 Jul 2021 12:31:27 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
245 B 130ms
130ms XHR
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 28 Jul 2021 12:31:27 GMT
Content-Type: text/plain

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 147ms
147ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_a5579fe7e9da; _ga=GA1.2.54933456.1627475487; _gid=GA1.2.1272307709.1627475487; _gat=1; _gat_tracker0=1
content-length: 1436
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d, clientele/main-20210709-175524-eebd6c4731
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 136ms
136ms Fetch
application/json 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 28 Jul 2021 12:31:27 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 291ms
94ms Preflight 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b902:48f0:a226:4e0b:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
564 B 448ms
447ms XHR
application/json 2600:9000:2190:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

ea7fa7c3f46cc13a4530665969e6eaddfb5f487fddf429111e57a328a96b168c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jul 2021 12:31:27 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
etag: W/"b4-3scQIw36nruEhypQRzzFUo9mg80"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: fd5754b26f664d71969900b1fb5b4543-2021072812
content-length: 180
x-amz-cf-id: mLtV80YYcQMFxLjbYWagIlNLKb58-IFAYNdntH7toVkk7pjB_DUQIw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
389 B 195ms
195ms XHR
application/json 2600:9000:2190:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jul 2021 12:31:28 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: fac581cc762a4bbb8944bbd8685ff341-2021072812
content-length: 28
x-amz-cf-id: YncGzvbyeVFsEARmt-W3RUm8veT4-imrq9QnmNDg_oXjB6aV8gbROw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
389 B 190ms
190ms XHR
application/json 2600:9000:2190:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/1657.451e6d57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jul 2021 12:31:28 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 68d082e706a14b20911d25f9581360b3-2021072812
content-length: 28
x-amz-cf-id: rMy3Y14FSsRYJuP9IvWuBdkGQqk7rOQKHLwC0w_9Fa__-Sh4F5mMig==

POST
H2 200 batch Show response
posts.specterops.io/_/ 17 B
173 B 304ms
304ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
x-xsrf-token: 1
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: uid=lo_a5579fe7e9da; _ga=GA1.2.54933456.1627475487; _gid=GA1.2.1272307709.1627475487; _gat=1; _gat_tracker0=1
content-length: 7264
:path: /_/batch
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Jul 2021 12:31:30 GMT
medium-fulfilled-by: valencia/main-20210727-222744-d4a948ed5d
x-envoy-upstream-service-time: 146
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

POST reports
lightstep.medium.systems/api/v0/ 0
0

OPTIONS
H2 503 reports
lightstep.medium.systems/api/v0/ 0
0 137ms
134ms Preflight
text/plain 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 12:31:31 GMT
content-type: text/plain
content-length: 91
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2h9WIK%2FWBs3eXI%2Bfqy5mGm0j2loTZEjhQjPTDQdaUU87goX6s2EnBwuVnqJp%2BPelS4R%2FfnHgcaGv0znWHoaVJymk2Kwo2dL4F3UBrV35SmfyqvqNQCq53ikmym37GQtXWHVb6dGffr6WjBTHLE0TpvomVrM03c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 675e1ffb8a62c27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST reports
lightstep.medium.systems/api/v0/ 0
0

OPTIONS
H2 503 reports
lightstep.medium.systems/api/v0/ 0
0 162ms
162ms Preflight
text/plain 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 12:31:37 GMT
content-type: text/plain
content-length: 91
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm8ctBtgk1eaheZYBxb4N%2BQI8Qy%2FbyRJZJlp6NdcM7M4U4VEaeUoTeKSa3dOiYs3OM1PbaNuoUDA%2FZGKP1tPeG7zjVLExzuezBQ7LjwJ1uqlgOpVvZP%2BNvjCayq2%2FWy%2BcFKVOiFgp1cFta1%2BGRIB34PtflgFKMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 675e20221cb0c27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lightstep.medium.systems
URL: https://lightstep.medium.systems/api/v0/reports

Domain: lightstep.medium.systems
URL: https://lightstep.medium.systems/api/v0/reports

Domain: lightstep.medium.systems
URL: https://lightstep.medium.systems/api/v0/reports

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.specterops.io/	1970-01-19 20:04:35	Name: _gat_tracker0 Value: 1
.specterops.io/	1970-01-19 20:06:01	Name: _gid Value: GA1.2.1272307709.1627475487
.specterops.io/	1970-01-20 13:35:47	Name: _ga Value: GA1.2.54933456.1627475487
.specterops.io/	1970-01-19 20:04:35	Name: _gat Value: 1
posts.specterops.io/	1970-01-20 04:50:11	Name: uid Value: lo_a5579fe7e9da

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.04c13d01.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
errors.client.optimizely.com
glyph.medium.com
lightstep.medium.systems
medium.com
miro.medium.com
posts.specterops.io
www.google-analytics.com
lightstep.medium.systems
13.224.99.20
2600:1f18:24e6:b902:48f0:a226:4e0b:1e19
2600:9000:2190:3a00:19:9934:6a80:93a1
2600:9000:2190:ee00:11:f728:3040:93a1
2606:4700:3032::6815:5081
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:4001:80f::200e
2a02:26f0:6c00:2b7::13b8
52.4.175.111
52.45.34.218
0019a1fc91016d681e66c2bfc619ada899412714080b3df589fd847f77f26dc4
00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac
03e3bf7cb09a27738c8d9e14ed5254d5e415e4fce8355d3bbe51408a34eec8e7
046b63e87de2c1a2348ac72a42d9919b307b0daa5da84a92ee4cd685401c43b9
04b6d83778ce23802c3aa319ce965bb679e791209f334605643f8d9b17083e79
05e14ed543d43d892711ac17f34f7e8ec67d6adccd3267c2fe5c9a9e180a1b67
0bffd86a9718f167caf12cd9a4f24b3e86f7789f918d472249976fb90122e654
0dd2006dbe3978bf125cb1e0002f09cbcd4ca6801ff701e52e53aa50c0fa190d
0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107
1063620ab081519dfe7786ea735f92ac8fa107be5cc2d37086cd32223863d347
13fadad46c24a6581d9aaa678e6d8abfe477e2def9a981ae8565f5da8085554d
15e6e428024ecfb2554a22fb9928cb8291d4fef98666849a98b3cd19a2e6c167
19197895be53d335aea8e7565196f2d0331caa03153cac3ee256219db8f2dda4
1bd46284abee72dbe93295f7b04a7297e851545b95fb9aa5e91237ff7b03fcf4
1e1fe8bf6596a9d50a1bcec78ac5323c0c7adc44317312513e349ae955bb61d6
23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7
255708f6b0433a857832f894ac2e3a41152b5608e10eb3516ee68763bde63b49
2735c24ff06af9bb0a0a46bc9b8bcdfa595a4ff72e2f28b7a96992ad41faa688
2ae595460c58e158ec4fdaec962e5ab6309aa5356334a1af3afeb8b77d6424df
2fd9f3a790a6dd4f8ce63c68a1e4d915f20b225fcac6fb21f3d2ba27c0faaab5
310d2dc37be3e08043be4ec5f465c5ebaa0f7d76af3d4e7e42fca1d2ad6919d3
31841c0553a88ef72572428c8afe8696d589e27364b961199d15589399f73b50
32c88b51fd6aa5b4e3f432429ebf3c87c4549f3a17094e0bd2f3201b97e326d4
37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3adce7396d0a310a55119c8d7a0c3f050c8e9709e895a0aecfeaca032820688c
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
3c1f1559a072531c1dcc82d9356ac612b1de4eab8110684e2c781632d48bfa4e
4094b55a200cf8897e6f82a76ae55c08d1024c2db9039cb32782f61b4e7f27f7
41369f4e1f416398d97cce9eb2aed485e130961d0f30dee4d80a91519ecf81a9
41ac1ace16012e5184cee084befd751b67abcc1476841a7403b848f2c465a3ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b94b8ff81038261d0c5a2c59b0abef342a37b40e4b6ec24158f7652214bfb3b
4c2e6931fab7877715a45cf9793c528e586e2978eec2c121d0fedbf151ac1799
4ee71cb4194b4cd0d96f8d084e68f118f43f951f26d8d203b841752cb609b9a9
507a30c31ab0504d0a4b0e823b52ec6ee696f009dd6ee705501777a7133d2a10
50bd82b1547e2db3bef7b27bed0aa7d436e51ef509c2adf789a66c7db6254dc6
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
600c25b356484ac09ae7f7bf12fb8db6b6fe2c73320a7f56ca5c9278a843bb57
63b78b9ab30410dda3b9bf91064e911e35693a43157f41b1044c6647fcf65216
653a562eba0bb3a78db868c907c969e337a4ee74f13c766e1978d2d8f6d251d6
67c4cd3264cdb8f145d364e09586abb4c9b7f36fc6c07729ced48ccbf643c000
68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359
69ddf50a27f7d92397724e90079d5d899c20488b4bfa138be742398bf6629d7e
6aa81e31ec1390eb8abbe1e81f0e31d02647972b161049d6160d88e5fad2b555
6e460f38859c2b0e7def63f07524fd7f40786587cae4ece137dc5ef6618cbd8c
6e895850f5519261fdeddf6cbfdb6d885367370baa9ff21c16d1ab178c835ade
70b2d4d61d80e2deb5aca5d10fca76cf153e8b028b11361a1e34d729de6f8b38
7886fd547f29bbdcee03bf5add560ee3efa25774e7463e130c38546816673aaf
78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee
7906af2d894a3d44ff1ec06feeb68e2ba73592d352ea46f750a7812b8b077541
7a02d3876264c8b8bbbbb097ad7411acabee81b3287b59fce1565fc1db94e573
85c018e4c154a7d3accbeba646ada9374a74bf900ae1122d178db1bc20b0f4d7
880f35520dc8346199a9abc4481116451dd2435cac763533d333a35d233960ba
8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d
8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d
8cbbbf25f29f1e2b7d3e2a1b2b84a69cb2cbe4149d230f830f6e441eb7277218
8d1f284928f13cdec7b8185b66c2827c65f0a093f58e6e9aae2b030b9583579a
8e039a45cebc2581d5b9a67fbe4b2b00abfcbc22e3640f50f803b0eb578c886c
93384bf842a2cae6c63aa8979f3dfdbef5945682d2fc52610e43fb100d17de9f
966dcba4b6d480009332656d68e796f18e7f8d7b9373958ae81ba88d6eb8595d
971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea
9971503ea5cbc832b9d030f04e7c4f4124148bc50c1d7f5dc16af968c6fccb27
9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16
9b2ba524e89cadd46eefa8f3f653bac8ab3cc47267cb8bf419ef64ad56d31874
9bbafa0ed683b99dd70f7a8e668ab79a3675e8a7cb1d9ed917708d79d3475c02
9ddc17e1f50b37e84818224d3112cbddf32c00a8a26fbd08225f9cabfd42cc04
9f324c2fe5309eb60a92b874694b1f9ff12838b5253e81e9d86d97bfd979c0ec
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3ba1439124da243b102483d0d3b16a41d1481e65595b9eca9ca33e8979079cb
a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d
a6736bbcf43d65775f5bcd9126f0e0cbb896edb1081d27e9a370243e8e947814
a8214b9c696291f3db69f42f018a3c5d7e705766ccb912b71ddb2bbbf4f323b1
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
abe7720a1aabd2b002d5b78d7ba2bf114c71b21c3092a16af51b8af671b705b4
b1a9463f195524fd8e9ae18554cbb9a371e98207134daca5d51818f98774f285
b3a6990e27b86a035b6ca5dacb9137b852b4a470939697f95eb8a420d0d3e0d3
b66358492fc0e1f5ac41b2fdc25c96d1c129615754c88704ad972a7367d32032
b8aecc772988b29a46774bb5c5e2dd3373fca5cfab4122338414f41cfb6b656e
bbd0ec2901332e0a1bf7c030a2ab761e119615ca1feb6a3d2944bf8a8f2a2fb7
bde7f622acf7cad52a90ecdef1e60cd2b231765604e82a166841b8efae5d0f05
c0f26ea681118b91a7c24d4fa45b2cfc97382023713549d6e2eb9da58d4f121c
c18f0f46697f44e01385f68538d386db35c436a56fab78e78d4c0aa8a0cb422a
c641cb179c8381b2c690df8ecd3ad0497617941b337051c3b939fd1e33bea533
cdb975e32fec11ab1bd1df3de6b2a237a99f34f91d4a1003ecfac8533038f949
d0a96c5afb4c6eb7a0e5097c7c9c8db226053448abaec8dd173b7ce8c8bd1503
db34be954b8636c73e159c9e56ef30faa08019c13a6c60a290427eaa8958804c
dd3507489c8228b3c86c476938a77a7984f87ae1eaa1054501321cc085a0d22e
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e09149de9b774af1a79769ba2543975052260a43ece0f8bcc04d91ed64becc2a
e340a49d8095fbbd3fd135140fc7090ece24ff63f90a7c30a9b85c06904d609b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
ea7fa7c3f46cc13a4530665969e6eaddfb5f487fddf429111e57a328a96b168c
ecdde8c9b9229ebdce1eec1d58db40a93faa9b9ed27389a57c29f0c44a274ddd
eeaee99349be44aa1a73f625b9ba29662435b36a6eeb42511ddc5b2c8715052a
f01bdb6212837f5e7edca2dab61be189fc39d7e99c4d7ade3fb41d853be4b93d
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f25973b997f8156b5788575741f0821e2cbfece8c47ac46b857e37c18bdce1b5
f533eb639be3ba90e9031b71779c52cdc20698da99dc51b3b5ac2f91e7134aaf
f645c0679c81df44a885fe643440b95b9c14237f81923935f99e8954ebae9fd6
f67d490239e98164bc4304ae4f91e5f0b6f23dc10b5866fb98653df050b77112
f701c887b2e25cd543a5a533fcecf7ba585c4adbadf14463a9ff998a6ab3c7d5
f8c8980c52933cd778a3ad336871fcc88440ed7fb33f38cfe0f616e144243ad5
fcfb0767fe1baf2168d5e4668d2c7d9ca367e83d3ed8e5ce26c172d246746f0d
fd6ae63e9057ae825638418ec7dab6f6e56757af6313d4acb2069106cf5b113e
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1
ff9c6e1289121eb2965730e7f788666427f0c86802494f6197af3262fbb59764

posts.specterops.io Open in urlscan Pro 52.4.175.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

73 %IPv6

8 Domains

13 Subdomains

12 IPs

2 Countries

1274 kBTransfer

3525 kBSize

5 Cookies

59 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posts.specterops.io Open in urlscan Pro
52.4.175.111 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

13
Subdomains

12
IPs

2
Countries

1274 kB
Transfer

3525 kB
Size

5
Cookies

123 HTTP transactions
0 data transactions