URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Submission: On February 19 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 125 HTTP transactions. The main IP is 34.149.87.45, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.alteredsecurity.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 15th 2024. Valid for: 3 months.
This is the only time www.alteredsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.149.87.45 396982 (GOOGLE-CL...)
70 34.96.106.200 396982 (GOOGLE-CL...)
14 44.214.209.158 14618 (AMAZON-AES)
31 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.205.36.100 14618 (AMAZON-AES)
125 8
Requests | Apex Domain | Subdomains | Transfer
70 | parastorage.com | static.parastorage.com — Cisco Umbrella Rank: 6668; siteassets.parastorage.com — Cisco Umbrella Rank: 7121 | 978 KB
31 | wixstatic.com | static.wixstatic.com — Cisco Umbrella Rank: 6205 | 189 KB
14 | wix.com | frog.wix.com — Cisco Umbrella Rank: 6549 | 4 KB
4 | mailmunch.co | a.mailmunch.co — Cisco Umbrella Rank: 24234; forms.mailmunch.co — Cisco Umbrella Rank: 25193 | 13 KB
4 | alteredsecurity.com | www.alteredsecurity.com | 337 KB
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 434 | 33 KB
1 | googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 59 | 1 KB
125 7
Domain Requested by
66 static.parastorage.com www.alteredsecurity.com
static.parastorage.com
31 static.wixstatic.com www.alteredsecurity.com
14 frog.wix.com www.alteredsecurity.com
static.parastorage.com
4 siteassets.parastorage.com www.alteredsecurity.com
4 www.alteredsecurity.com www.alteredsecurity.com
static.parastorage.com
3 a.mailmunch.co static.parastorage.com
a.mailmunch.co
1 forms.mailmunch.co a.mailmunch.co
1 ajax.googleapis.com a.mailmunch.co
1 lh3.googleusercontent.com www.alteredsecurity.com
125 9
Subject | Issuer | Validity | Valid for
alteredsecurity.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-15 - 2024-04-14 | 3 months
*.parastorage.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-11 - 2024-07-09 | 6 months
*.frog.wix.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-22 - 2024-03-20 | 6 months
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-01 - 2024-06-29 | 6 months
*.googleusercontent.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.mailmunch.co | Amazon RSA 2048 M03 | 2023-11-26 - 2024-12-24 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
forms.mailmunch.co | R3 | 2024-01-15 - 2024-04-14 | 3 months

This page contains 1 frames:

Primary Page: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Frame ID: B109A02E49259549D9745563AA41A0A0
Requests: 125 HTTP requests in this frame

Page Title

A primer on DCSync attack and detection

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.parastorage\.com

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1554 kB
Transfer

5280 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

125 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request a-primer-on-dcsync-attack-and-detection
www.alteredsecurity.com/post/
1 MB
187 KB
Document
General
Full URL
https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
afe3659b113b5aa33fa20bb48eae43ac8dcaa1bbd7838aeff171b2c82976fede
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
content-language
en-US
content-length
190186
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 12:46:45 GMT
etag
W/"1e63a7120b2944fa37260c99813b5a7a"
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
link
<https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
server
Pepyaka/1.21.6
server-timing
cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
strict-transport-security
max-age=3600
vary
Accept-Encoding
via
1.1 google
x-cache
HIT
x-content-type-options
nosniff
x-seen-by
yvSunuo/8ld62ehjr5B7kA==
x-served-by
cache-fra-eddf8230039-FRA
x-wix-request-id
1708346195.172226770628011881
2347.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/2347.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
6ccb79531ed19681c72462d4663c55ecc2793bf97328fff74310c72fc5f26013

7547.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
21 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/7547.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
4dac472598c69fdaa8f3d658386aeb9bed8cab6221af8a4a7eaea296c28b338f

3933.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
15 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/3933.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
8dd116f8119f900a7f25a963ef7dbb9b78ab06a8abe9de2c5326fd66d02c73b7

3482.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
58 KB
16 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/3482.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
ac984f05f021f2c6d90b5a9e2170f14271420a7d63b1f38cf718a4f7c6600908

8989.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
30 KB
8 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/8989.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
8a42e017be9da30f9de14a20e0a3dc8f179786f3dd639fa7e93ef1c9ea3a7e3f

347.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
112 KB
30 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/347.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d16a76e6bc25fbb3d06cb905e8e291d01266bf0a1ad1c295dd13db312f1e0ad9

7944.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
68 KB
21 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/7944.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
f5c683138349220e034022cbb3735e5fb2a97b51a99622b366453221e3fbe318

wix-ricos-viewer.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
15 KB
6 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/wix-ricos-viewer.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
f8df9bf365698c5a9906a2b145290bd9feb808d88e138496bbe2f61fd4077af0

1210.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
10 KB
4 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/1210.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
076d8d8aec79e9117a80be872ddc7f8763c80ce0fe863fa5d0f051397af8b4cb

image.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/
14 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/client-viewer/image.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
06894ec39381458aeaefa4279683276effa1c1bc6ac75fd9cd88e823569bd05f

bolt-performance
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly_g&is_cached=true&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&session_id=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&ish=true&isb=true&isbr=plugins-extra&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&caching=hit,hit_hit&pv=visible&pn=1&v=1.13603.0&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&st=2&ts=1&tsn=125&platformOnSite=true
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dynamicmodel
www.alteredsecurity.com/_api/v2/
37 KB
12 KB
Fetch
General
Full URL
https://www.alteredsecurity.com/_api/v2/dynamicmodel
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
30a8ea8c141074e4638383fd74adde79dc29b98d46471417b1ff3e7493717602
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

AS2.png
static.wixstatic.com/media/52db83_dd3dab7bcbdf45609df5faa9c62d9a54~mv2.png/v1/fill/w_48,h_34,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
2 KB
3 KB
Image
General
Full URL
https://static.wixstatic.com/media/52db83_dd3dab7bcbdf45609df5faa9c62d9a54~mv2.png/v1/fill/w_48,h_34,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/AS2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
c4946a0aede12e3a6acf29da8c3bf44f25703cc14c79afa5187506f8297edb68

9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png
static.wixstatic.com/media/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png/v1/fill/w_100,h_114,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
5 KB
5 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png/v1/fill/w_100,h_114,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
5d35f10548eff877c675516232a4e880618d0ac116e5fa32d64bf6d22e0386e9

9df86b_43ef4abcf0c94c49846cb21908a1fd5b~mv2.png
static.wixstatic.com/media/9df86b_43ef4abcf0c94c49846cb21908a1fd5b~mv2.png/v1/fill/w_45,h_16,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
706 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_43ef4abcf0c94c49846cb21908a1fd5b~mv2.png/v1/fill/w_45,h_16,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_43ef4abcf0c94c49846cb21908a1fd5b~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
8af2e31261db4fdcc96145fb43b243d60ae8fc1303551874e01027afcae45076

9df86b_c6db9db2e43e4022b37f1a0e342499bb~mv2.png
static.wixstatic.com/media/9df86b_c6db9db2e43e4022b37f1a0e342499bb~mv2.png/v1/fill/w_49,h_31,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
1 KB
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_c6db9db2e43e4022b37f1a0e342499bb~mv2.png/v1/fill/w_49,h_31,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_c6db9db2e43e4022b37f1a0e342499bb~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e5d22e269960aa637fe0bfcab860fca3b3767c61e23c0ea234eb5d2f7858265b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:27 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15858
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1062
wix-tracer
2cZtUtIhZ4U6ywtaALW4SReHuUS
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
478wkOkRnlDVgb4GORzaE6shEVgAGkOAeXBYI561QMN5lY6q0h7x8w==
x-seen-by
image-manipulator-7f98d79f5c-dkdzp
9df86b_64141ca6977548f99782db8388f0c3a2~mv2.png
static.wixstatic.com/media/9df86b_64141ca6977548f99782db8388f0c3a2~mv2.png/v1/fill/w_49,h_32,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
1 KB
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_64141ca6977548f99782db8388f0c3a2~mv2.png/v1/fill/w_49,h_32,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_64141ca6977548f99782db8388f0c3a2~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
8cd7c13537144c9397a8238bd0422c05e46ab79d2cbdd6a0d2d4c8a93212b59f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:27 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15858
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1060
wix-tracer
2cZtUvuaRfeMDluxJh1a2xx9vR2
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
Fn63K5KVhplyJT8BewGmOdZNVAh8p44J72vKI098_H_PxVeRBZ3-dw==
x-seen-by
image-manipulator-7f98d79f5c-c5q7l
9df86b_59e44fdd85d04c8a94754c7039f2eb86~mv2.png
static.wixstatic.com/media/9df86b_59e44fdd85d04c8a94754c7039f2eb86~mv2.png/v1/fill/w_49,h_18,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
862 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_59e44fdd85d04c8a94754c7039f2eb86~mv2.png/v1/fill/w_49,h_18,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_59e44fdd85d04c8a94754c7039f2eb86~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4382d1f5ca3f056c38249879bab9c4aa0f2c9ce0445ac859c7ad678c1488c574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:27 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15858
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
862
wix-tracer
2cZtUsstBquRUt7iXGJKfznKkht
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
hXw0KEk3W6eCSCksOxD5Rh9Lz2Lm_cbA9PhLRmNqJjcrkUjR0u6KJw==
x-seen-by
image-manipulator-7f98d79f5c-rbm5s
9df86b_6b513012ac594a649ac29a7ba0db02bf~mv2.png
static.wixstatic.com/media/9df86b_6b513012ac594a649ac29a7ba0db02bf~mv2.png/v1/fill/w_49,h_20,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
822 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_6b513012ac594a649ac29a7ba0db02bf~mv2.png/v1/fill/w_49,h_20,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_6b513012ac594a649ac29a7ba0db02bf~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e8337a41cc582660c80ddb65cb0bb1f40df4d051e04a03d95550a1764d0f9cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:27 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15858
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
822
wix-tracer
2cZtUyLH8rdXw969xB0Q54e8aiF
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
tR4oCJN3SzQqVgNaeb4pbQtovHcWm38MO-UTCJJAI2AKZfDuxwWjOg==
x-seen-by
image-manipulator-7f98d79f5c-8m74j
9df86b_0949a001c4094dfaa50d8560cfcecbf2~mv2.png
static.wixstatic.com/media/9df86b_0949a001c4094dfaa50d8560cfcecbf2~mv2.png/v1/fill/w_83,h_76,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
3 KB
3 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_0949a001c4094dfaa50d8560cfcecbf2~mv2.png/v1/fill/w_83,h_76,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_0949a001c4094dfaa50d8560cfcecbf2~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
db62221e21d98e7088d14aebb8313ecc4119a0da294de96d53449171b3b31d70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 09:14:31 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
12734
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2906
wix-tracer
2cZzpZomVABdxjKL2C0tQQ4HwoD
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
qhHV3s48pIl-djVlGk3536jruKaNFxi8iZgy6Gkxzhj8jCZrXVYb6g==
x-seen-by
image-manipulator-7f98d79f5c-rk6b9
9df86b_627a0a964c434d148cebbbd798050842~mv2.png
static.wixstatic.com/media/9df86b_627a0a964c434d148cebbbd798050842~mv2.png/v1/fill/w_49,h_39,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
1 KB
2 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_627a0a964c434d148cebbbd798050842~mv2.png/v1/fill/w_49,h_39,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_627a0a964c434d148cebbbd798050842~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
dc45c440be48cb8fb60c0aea4ceb7b42227c525812eba5d38a19243315de7b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1152
wix-tracer
2cZtV6OQUUyByO5uGJEQPbdPSEe
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
Y5tzZNbXpMAGL7iaIalozG1JxCXSKtfcVYbDhpyfJ5U3hgnC3IlMIg==
x-seen-by
image-manipulator-7f98d79f5c-n9bp8
9df86b_7bca3aa65b974e64b9bd7f10f39c960b~mv2.png
static.wixstatic.com/media/9df86b_7bca3aa65b974e64b9bd7f10f39c960b~mv2.png/v1/fill/w_49,h_14,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
728 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_7bca3aa65b974e64b9bd7f10f39c960b~mv2.png/v1/fill/w_49,h_14,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_7bca3aa65b974e64b9bd7f10f39c960b~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
b7bc663726f5314c0308ab59039d0346c930869e335eb8352ef792a6bec1159a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
728
wix-tracer
2cZtV12HBQTVZb4pDiVM0UCDMNH
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
z6hREtlf1nae-B46sB3SvGLXX1NKVA4OSvQL_zx4hD_expzPWuP2fw==
x-seen-by
image-manipulator-7f98d79f5c-crwx8
9df86b_2863f039407e48b2ba25a5139c02dcd8~mv2.png
static.wixstatic.com/media/9df86b_2863f039407e48b2ba25a5139c02dcd8~mv2.png/v1/fill/w_48,h_37,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
832 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_2863f039407e48b2ba25a5139c02dcd8~mv2.png/v1/fill/w_48,h_37,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_2863f039407e48b2ba25a5139c02dcd8~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7642c901398b5c33f0609a92f0111a143a70c195dc68d333ff5bc41a4282d76a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
832
wix-tracer
2cZtV8LwtMTC0wvJOU5Kc4Zqd1h
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
x5K9YHvgK4gTcWjVUgPuEyUjlHDp5Atb9NYtschrzaI_4DS9MMrzcQ==
x-seen-by
image-manipulator-7f98d79f5c-rg6t2
9df86b_5448662eaabc4f2d8a39a34dd771e1e6~mv2.png
static.wixstatic.com/media/9df86b_5448662eaabc4f2d8a39a34dd771e1e6~mv2.png/v1/fill/w_49,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
744 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_5448662eaabc4f2d8a39a34dd771e1e6~mv2.png/v1/fill/w_49,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_5448662eaabc4f2d8a39a34dd771e1e6~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7d2ed3eb35d19cffa3732293ee3d0547b5cb6f1520d7a221c164839911e0b13c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
744
wix-tracer
2cZtV6TDfDOOLAOJBJn2FMMJCTS
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
yyvS8boOFOhCcgmL4yQubH6BCphhNQMTsDx6T_4QMqKMkwjfVHFtmw==
x-seen-by
image-manipulator-7f98d79f5c-t2n2t
9df86b_140ff887b03a4a02bbd18c310e940af6~mv2.png
static.wixstatic.com/media/9df86b_140ff887b03a4a02bbd18c310e940af6~mv2.png/v1/fill/w_89,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
758 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_140ff887b03a4a02bbd18c310e940af6~mv2.png/v1/fill/w_89,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_140ff887b03a4a02bbd18c310e940af6~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
fee88ba6fbff556e8725803954fafc90ffd2b0017bd82109159488bdf91ecaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
758
wix-tracer
2cZtV3MtzBMb8E4flPEDKioVhW6
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
fhPwXrhBIt05Xnt6QOyLDtQfm-NULUXTpTaPN5JXILA_Yr3kZb6ugA==
x-seen-by
image-manipulator-7f98d79f5c-7bf67
9df86b_daef0d580c9141fc93ea4983942d7104~mv2.png
static.wixstatic.com/media/9df86b_daef0d580c9141fc93ea4983942d7104~mv2.png/v1/fill/w_49,h_16,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
766 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_daef0d580c9141fc93ea4983942d7104~mv2.png/v1/fill/w_49,h_16,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_daef0d580c9141fc93ea4983942d7104~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1bc31f4c224bcefad58dfd10d68b222eefec7185ac9a76280f6edde381c0e947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
766
wix-tracer
2cZtV187Ca0xe5muXluoTxPo0XR
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
oRrH-6uzWg0VQJo7XZJA-MMwu_A0vKE4MyHXtZIPbLmES135kGwgrA==
x-seen-by
image-manipulator-7f98d79f5c-97jzl
9df86b_49bbc8ed25634c1a8ab06077896186f1~mv2.png
static.wixstatic.com/media/9df86b_49bbc8ed25634c1a8ab06077896186f1~mv2.png/v1/fill/w_86,h_42,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
1 KB
2 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_49bbc8ed25634c1a8ab06077896186f1~mv2.png/v1/fill/w_86,h_42,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_49bbc8ed25634c1a8ab06077896186f1~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7dee103a9b010862fad14d3ca17d43045e34c33aa956b879c016bcf01855526b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1426
wix-tracer
2cZtV87J8DuWn1XxVal5hJCKyej
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
wOWmzqm6wwJKZbDkI_YSsbgrKcvqpt1sQIvxTq85y_yJ-fRJbFdvyg==
x-seen-by
image-manipulator-7f98d79f5c-w4ckj
9df86b_339abbe99ba947b98b368cdc451e45b7~mv2.png
static.wixstatic.com/media/9df86b_339abbe99ba947b98b368cdc451e45b7~mv2.png/v1/fill/w_86,h_42,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
1 KB
2 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_339abbe99ba947b98b368cdc451e45b7~mv2.png/v1/fill/w_86,h_42,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_339abbe99ba947b98b368cdc451e45b7~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
a069b833f01dec640b150c810c23602c30b28e1e105a24a7898ce2e82d4daed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1232
wix-tracer
2cZtV29dHrsEov0lHOs3wOQko98
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
JgSPX2yz7G3PFUB1dJ7sWh3M6PYRxPnNR80uRvuZjxmmXV7HHYaFNg==
x-seen-by
image-manipulator-7f98d79f5c-hnwq6
9df86b_712847b963e8445a86892de48d5fc40c~mv2.png
static.wixstatic.com/media/9df86b_712847b963e8445a86892de48d5fc40c~mv2.png/v1/fill/w_49,h_17,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
786 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_712847b963e8445a86892de48d5fc40c~mv2.png/v1/fill/w_49,h_17,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_712847b963e8445a86892de48d5fc40c~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0f4a52d744f7ff520ff78cf89a90efcb7265c802cc82be14be98dbf6a9bf03cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
786
wix-tracer
2cZtV0olcJAXo8oZKShTQktxXQW
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
T5pOPAbIwpMxmU4Nj0PNGoWk-ZDAaXIRvvgk5WEg7VQbahdKPn1gMg==
x-seen-by
image-manipulator-7f98d79f5c-snddl
9df86b_a55269b960fd45488cc7a6eb095ddc1e~mv2.png
static.wixstatic.com/media/9df86b_a55269b960fd45488cc7a6eb095ddc1e~mv2.png/v1/fill/w_89,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
770 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_a55269b960fd45488cc7a6eb095ddc1e~mv2.png/v1/fill/w_89,h_15,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_a55269b960fd45488cc7a6eb095ddc1e~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
942df77a523b862efe94e46df5848f10d0e8ce4cd0322b82430ff6fb055df013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
770
wix-tracer
2cZtV6nxnKkmnLqiOriCgNmGNre
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
Ge2iuUIqF26xqUv1nxgIzXm9oZMMMFcKn-_DWQZHJBYgBD-7w5TPnw==
x-seen-by
image-manipulator-7f98d79f5c-gvzcw
9df86b_2e258652047e4e75918bc3c747245fc6~mv2.png
static.wixstatic.com/media/9df86b_2e258652047e4e75918bc3c747245fc6~mv2.png/v1/fill/w_49,h_19,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
770 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_2e258652047e4e75918bc3c747245fc6~mv2.png/v1/fill/w_49,h_19,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_2e258652047e4e75918bc3c747245fc6~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
dcb698305f87582f6329d73ed4773f225970ac9d8dcd054285cfb4debe9d87cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:28 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15857
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
770
wix-tracer
2cZtV6wiyqRGV3nSLdUnEOopXZf
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
fSt_74XppuWr6DaepH47mC93sERnaXGNTJeyVNdPRYmdGJmXbq5yPg==
x-seen-by
image-manipulator-7f98d79f5c-q6xwr
9df86b_955252bab49d486c859c8c551649eb39~mv2.png
static.wixstatic.com/media/9df86b_955252bab49d486c859c8c551649eb39~mv2.png/v1/fill/w_49,h_21,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
580 B
1023 B
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_955252bab49d486c859c8c551649eb39~mv2.png/v1/fill/w_49,h_21,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_955252bab49d486c859c8c551649eb39~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
569057a73fb81e4a8d5b48c985ba6defc215ad6be0d40295fa3a8108507e7fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:29 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15856
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
580
wix-tracer
2cZtV5PSPfRRxkZJ3n7szcwom5e
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
dGUCMTNSrZDzx-An-VTpJfz0yK65z1YYvA4hEq14dSVE9Kp5z9YuhA==
x-seen-by
image-manipulator-7f98d79f5c-7mmb8
9df86b_aba9376eaf9e40329854ef7b757cd706~mv2.png
static.wixstatic.com/media/9df86b_aba9376eaf9e40329854ef7b757cd706~mv2.png/v1/fill/w_49,h_20,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
582 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_aba9376eaf9e40329854ef7b757cd706~mv2.png/v1/fill/w_49,h_20,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_aba9376eaf9e40329854ef7b757cd706~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
38fee7a7262d0e30cad23048ea0e80ee4a6c7494e9b2bd31cc74f16808e27dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:29 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15856
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
582
wix-tracer
2cZtVFwnwIwBUdRhnbby5zWickg
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
RaH8HZOW4q2dTrrC6f6S5DTdmHvJb7njU9QIQvfHPU5TqAyIWZm0KQ==
x-seen-by
image-manipulator-7f98d79f5c-9smqb
9df86b_3baeccdef0274ea6bd19cdb1555844e9~mv2.png
static.wixstatic.com/media/9df86b_3baeccdef0274ea6bd19cdb1555844e9~mv2.png/v1/fill/w_49,h_22,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/
738 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_3baeccdef0274ea6bd19cdb1555844e9~mv2.png/v1/fill/w_49,h_22,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/9df86b_3baeccdef0274ea6bd19cdb1555844e9~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
9a558d221537357fb9551abb67dfa984cbdef93486681ac7a41a8c9bb3dd0b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:29 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15856
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
738
wix-tracer
2cZtVFSjQOdKPIib0FzLcudsWjb
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
dFHEhliYrRmWT2itF8id3h4EXqQSo9ZeVbTaG5bbia0_mMC9-XGjgA==
x-seen-by
image-manipulator-7f98d79f5c-nbk5c
thunderbolt
siteassets.parastorage.com/pages/pages/
129 KB
22 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221053%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%2C%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221546%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.2934.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_changeMinBreakpointValue%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations%2Cdm_stripColumnsContainerScreenInBehaviorsFixer&externalBaseUrl=https%3A%2F%2Fwww.alteredsecurity.com&fileId=17a3c621.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=17d55ce8-425c-4842-8aad-a18ee5d889fb&migratingToOoiWidgetIds=1380bbc4-1485-9d44-4616-92e36b1ead6b%2C14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=en&pageId=9596c6_90b3d98a0874d0f66f537af00e7162d4_2748.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=327b0294-2ee3-49fa-8e7a-491f22c6d1c0&siteRevision=2748&staticHTMLComponentUrl=https%3A%2F%2Fwww-alteredsecurity-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
1c1ec673002d33d2fa2f9aa01f861cb2be1be8f777009bf8a710e5d8a9f2be3e

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 07:45:04 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
age
18101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-wix-request-id
1708328704.9583771250821822356
server
Pepyaka/1.19.10
etag
W/"202c4-70zvyb/FREY4A5Hc+hkclnLFmPY"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
257132799 220328187, 837917559 787245443, 883562120
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
content-type
application/json
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377MgboBQKyB2cy+aZvw1lxd,ZUT6NeJ/NsDmQ9DMGnwT1Mx3e0kIKpTXVdpZBbexn4FdYwKl4ufXgkvp8MQJNJ+d
thunderbolt
siteassets.parastorage.com/pages/pages/
46 KB
9 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221053%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%2C%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221546%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.2934.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_changeMinBreakpointValue%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations%2Cdm_stripColumnsContainerScreenInBehaviorsFixer&externalBaseUrl=https%3A%2F%2Fwww.alteredsecurity.com&fileId=17a3c621.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=17d55ce8-425c-4842-8aad-a18ee5d889fb&migratingToOoiWidgetIds=1380bbc4-1485-9d44-4616-92e36b1ead6b%2C14fd5970-
8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=en&pageId=9596c6_e26a54152bb90a96bd3c6563c821c9bc_2746.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=327b0294-2ee3-49fa-8e7a-491f22c6d1c0&siteRevision=2748&staticHTMLComponentUrl=https%3A%2F%2Fwww-alteredsecurity-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.0 /
Resource Hash
ee07c21eb9e3ba7afbc5de14064428393a171ca74cd500c98b072aae2eca5ff6

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:54:17 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
age
13948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8714
x-wix-request-id
1708332857.7654971014268167540
server
Pepyaka/1.19.0
etag
W/"b6d8-bWo9RQOMiZKi8JjRdX93KxpamPg"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
838035786 835086069, 861647041 797237180, 652347721
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
content-type
application/json
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375doDcb+JuzLucmWkKUGZxh,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjxGm22l4sMMyE0/ceb+9yL4
thunderbolt
siteassets.parastorage.com/pages/pages/
10 KB
3 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221053%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%2C%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221546%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.2934.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_changeMinBreakpointValue%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations%2Cdm_stripColumnsContainerScreenInBehaviorsFixer&externalBaseUrl=https%3A%2F%2Fwww.alteredsecurity.com&fileId=1e1c1fae.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&metaSiteId=17d55ce8-425c-4842-8aad-a18ee5d889fb&migratingToOoiWidgetIds=1380bbc4-1485-9d44-4616-92e36b1ead6b%2C14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=en&pageId=9596c6_90b3d98a0874d0f66f537af00e7162d4_2748.json&quickActionsMenuEnabled
=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=327b0294-2ee3-49fa-8e7a-491f22c6d1c0&siteRevision=2748&staticHTMLComponentUrl=https%3A%2F%2Fwww-alteredsecurity-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
16558e404589538717c2b06a0d3ab02862a1a89b82fd09fc1720d5563cae28ef

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 07:45:05 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
age
18100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2414
x-wix-request-id
1708328705.2903785618833115678
server
Pepyaka/1.19.10
etag
W/"293c-im/DUXRu4pfOAXUcX+Oe+m8/Vd8"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
260588885 283744376, 1036866867 993160689, 530147117
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
content-type
application/json
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375iK9ipUuWu57EktsrV6pBx,ZUT6NeJ/NsDmQ9DMGnwT1DZe7saXJrqXI/cbJwRhqu7nC3aU3eD2HBz2L1HK3V0l
thunderbolt
siteassets.parastorage.com/pages/pages/
18 KB
3 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221053%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%2C%221522827f-c56c-a5c9-2ac9-00f9e6ae12d3%22%3A%221546%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.2934.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_changeMinBreakpointValue%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations%2Cdm_stripColumnsContainerScreenInBehaviorsFixer&externalBaseUrl=https%3A%2F%2Fwww.alteredsecurity.com&fileId=1e1c1fae.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&metaSiteId=17d55ce8-425c-4842-8aad-a18ee5d889fb&migratingToOoiWidgetIds=1380bbc4-1485-9d44-4616-92e36b1ead6b%2C14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=en&pageId=9596c6_e26a54152bb90a96bd3c6563c821c9bc_2746.json&quickActionsMenuEnabled
=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11770.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=327b0294-2ee3-49fa-8e7a-491f22c6d1c0&siteRevision=2748&staticHTMLComponentUrl=https%3A%2F%2Fwww-alteredsecurity-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.0 /
Resource Hash
5d66a66737f512434bce7959caf1972ee0cf767b57eb49bdeeaae815d786d4d8

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:54:17 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0),1.1 varnish (Varnish/6.0), 1.1 google
age
13948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3219
x-wix-request-id
1708332857.7894971078614157541
server
Pepyaka/1.19.0
etag
W/"46e6-bNy32OAjz9xOgYXu90TXgukNE7Y"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
868654488 873169738, 939554958 1057959741, 909443414
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
content-type
application/json
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375doDcb+JuzLucmWkKUGZxh,ZUT6NeJ/NsDmQ9DMGnwT1IZznndW0TCF2d09XsbxCxuQJ8cPH27e2VpbAR6tgsG3
d513e15e-8f35-4129-ad05-481815e52625.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/
17 KB
17 KB
Font
General
Full URL
https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/d513e15e-8f35-4129-ad05-481815e52625.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
9c9224b0743c9ae4c456fdb5a45303c1110253b1a88f6d143cedf2b4acb9032e

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
bXTlr_GbZMylwgMdVneu96vaI.2aONgN
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 01 Feb 2024 23:34:31 GMT
age
1516334
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17176
x-wix-request-id
1706830471.54121071928632224213
last-modified
Tue, 17 Apr 2018 11:10:59 GMT
server
Pepyaka/1.19.10
etag
"b6efd05c765793d0613d4c65585e8edb-1"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
709768071 651022396
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
z9rX03Xuz9ZNHTMg1_ghGRUOjZSKWg4xBWp_C_qQx0o.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/worksans/v3/
29 KB
29 KB
Font
General
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/worksans/v3/z9rX03Xuz9ZNHTMg1_ghGRUOjZSKWg4xBWp_C_qQx0o.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
443c894d3780f5b7513455a54a1cb12d9b3a784ac48fd4695f2639a51b356050

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:27:50 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
age
533935
x-cache-status
HIT
x-envoy-upstream-service-time
156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30000
x-wix-request-id
1707812870.7813079591475822356
server
Pepyaka/1.19.10
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
287192276 240706265
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
file.woff2
static.wixstatic.com/ufonts/592466_00d4d4832a3c4ce4b3c0804a67d11c12/woff2/
17 KB
18 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/592466_00d4d4832a3c4ce4b3c0804a67d11c12/woff2/file.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
f494cbfac95eee04dd6cd6cc4117be81a17b34165dbf462423fb3450822efead

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-seen-by
gcp.us-central-1.media-router-f89dc7b48-9ljqt
date
Wed, 15 Nov 2023 16:51:04 GMT
via
1.1 google, 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
8279741
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17528
last-modified
Wed, 01 Dec 2021 21:48:21 GMT
server
openresty/1.21.4.1
etag
"6baff58df4a5e690974224a9e214e7ac"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RWSqiXNtFqI6ivviz0tVpYFg_Daro4Q7I3ZrAbfFG1bf1lTl6yEtNw==
expires
Wed, 15 Nov 2023 17:51:04 GMT
file.woff2
static.wixstatic.com/ufonts/592466_650d7e012236488db069f849a059607b/woff2/
17 KB
18 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/592466_650d7e012236488db069f849a059607b/woff2/file.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
2b29118b324cc7264f9627c719416f0116067618ded742e2c07fefa4838c1044

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-seen-by
gcp.us-central-1.media-router-f89dc7b48-qd2ts
date
Wed, 15 Nov 2023 16:51:04 GMT
via
1.1 google, 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
8279741
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17424
last-modified
Wed, 01 Dec 2021 21:48:36 GMT
server
openresty/1.21.4.1
etag
"a48c1fc5a4b2e5f12bb2a2e38aa8b4e8"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RurGT4nh-DVifF7evAi-BRAeaoiHJ9pLVIYShD5QGtI3iUz42KkyDw==
expires
Wed, 15 Nov 2023 17:51:04 GMT
file.woff2
static.wixstatic.com/ufonts/592466_9b55a1a215aa4cd1a2a3e468d5469822/woff2/
17 KB
18 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/592466_9b55a1a215aa4cd1a2a3e468d5469822/woff2/file.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e4c2622810530874b9cd86eb2f9ba47ca40fb57e9aaf2308f7a9a7460f974e38

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-seen-by
gcp.us-central-1.media-router-f89dc7b48-zjlb8
date
Wed, 07 Feb 2024 15:16:26 GMT
via
1.1 google, 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1027819
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17452
last-modified
Wed, 01 Dec 2021 21:49:57 GMT
server
openresty/1.21.4.1
etag
"a87444445ace7546c9e17f4f8c61258c"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZByFGNSy2NOHttuAbuCYWDcjX-c7gQ_kqwsYuFGeNkCq2vL-8wQzBA==
expires
Wed, 07 Feb 2024 16:16:26 GMT
4udXuXg54JlPEP5iKO5AmRUOjZSKWg4xBWp_C_qQx0o.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/worksans/v3/
30 KB
30 KB
Font
General
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/worksans/v3/4udXuXg54JlPEP5iKO5AmRUOjZSKWg4xBWp_C_qQx0o.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
581cc6dc537f3ae479077588bfd1ae2aad1f4e771f86230d76494a4a4d8abf07

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 03:09:17 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
age
639448
x-cache-status
HIT
x-envoy-upstream-service-time
111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30328
x-wix-request-id
1707707357.4092967673329810171
server
Pepyaka/1.19.10
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
335922069 293915251
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
file.woff2
static.wixstatic.com/ufonts/5216cb_e527d50c4e1042d4b5738b23b079e2b7/woff2/
17 KB
18 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/5216cb_e527d50c4e1042d4b5738b23b079e2b7/woff2/file.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
b7e25239d326c22d1791622e6766efe171323091bebc8763f16d8906bb1d832d

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-seen-by
gcp.us-central-1.media-router-f89dc7b48-2gb5w
date
Wed, 15 Nov 2023 16:51:05 GMT
via
1.1 google, 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
8279740
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17608
last-modified
Thu, 01 Sep 2022 15:51:59 GMT
server
openresty/1.21.4.1
etag
"5d3658aa910a99219d1a8278116fea97"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
f_pZTyBpyAF2S6Z78YwJT8p9RlxCEUg5_XqgvL_8vWavk9oWYpgyxA==
expires
Wed, 15 Nov 2023 17:51:05 GMT
0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/
17 KB
17 KB
Font
General
Full URL
https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 06 Feb 2024 20:32:00 GMT
age
1095285
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17216
x-wix-request-id
1707251520.4722507819418529856
last-modified
Tue, 17 Apr 2018 11:11:01 GMT
server
Pepyaka/1.19.10
etag
"ef4257ccfa0fce4d914b23a28aa6fdf4-1"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
504144265 451436556
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
thunderbolt-commons.587aa77c.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
83 KB
25 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.587aa77c.bundle.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
ce79ff909d52dce29155d9ac9c8bf33b6b2aa4ea7238e7d19653f32ae21a1450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
pw1uGJoWx57rRydXqNYkhID85w3kItDr
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sat, 17 Feb 2024 07:43:38 GMT
age
190987
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-wix-request-id
1708155818.7403550206964262144
last-modified
Thu, 15 Feb 2024 10:44:56 GMT
server
Pepyaka/1.19.10
etag
W/"162a9d65637f69d5ff800b59458c93c5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
78698897 929069820
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
main.317a27be.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
170 KB
45 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
1db8756ea682d4ffab6326da075c769dde88183a52253a108488a5855463acfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
kq9prmTiJB5.3mwbgZxJ4GaxsICk.WUv
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sat, 17 Feb 2024 07:43:38 GMT
age
190987
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46027
x-wix-request-id
1708155818.739357133949875676
last-modified
Sat, 17 Feb 2024 02:35:30 GMT
server
Pepyaka/1.19.10
etag
W/"b407552cbd092fbddca1790a58a5eeec"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
775847102 767659561
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
lodash.min.js
static.parastorage.com/unpkg/lodash@4.17.21/
71 KB
25 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 22:29:27 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
age
1001838
x-amz-server-side-encryption
AES256
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25102
x-wix-request-id
1707344967.3592622257759229856
last-modified
Mon, 15 Jan 2024 16:12:19 GMT
server
Pepyaka/1.19.10
etag
W/"9becc40fb1d85d21d0ca38e2f7069511"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
65496046 986746567
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
react.production.min.js
static.parastorage.com/unpkg/react@16.14.0/umd/
12 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/react@16.14.0/umd/react.production.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 22:29:27 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
age
1001838
x-amz-server-side-encryption
AES256
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4703
x-wix-request-id
1707344967.58926131042461516639
last-modified
Sun, 04 Feb 2024 01:06:52 GMT
server
Pepyaka/1.19.10
etag
W/"63d498e143f421cc44dfb64f22fef270"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
765694472 440028030
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
react-dom.production.min.js
static.parastorage.com/unpkg/react-dom@16.14.0/umd/
116 KB
35 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:35:53 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
age
533452
x-amz-server-side-encryption
AES256
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36048
x-wix-request-id
1707813353.6323091740111410171
last-modified
Wed, 07 Feb 2024 05:34:27 GMT
server
Pepyaka/1.19.10
etag
W/"c5abc87541fe6bb0f43f22af475a8b20"
access-control-max-age
3000
access-control-allow-methods
GET,GET, OPTIONS, POST
x-varnish
371773482 1073391667
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
bt
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_hit&dc=84&microPop=fastly_g&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&pn=1&sessionId=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&siterev=2748-__siteCacheRevision__&st=2&ts=165&tts=289&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&v=1.13603.0&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&_brandId=wix
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bt
frog.wix.com/
0
260 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_hit&dc=84&microPop=fastly_g&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&pn=1&sessionId=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&siterev=2748-__siteCacheRevision__&st=2&ts=166&tts=290&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&v=1.13603.0&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&_brandId=wix
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bolt-performance
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly_g&is_cached=true&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&session_id=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&ish=true&isb=true&isbr=plugins-extra&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&caching=hit,hit_hit&pv=visible&pn=1&v=1.13603.0&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&st=2&ts=1&tsn=125&name=partially_visible&duration=1708346805337&pageId=tvmm2&isSuccessfulSSR=true
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
siteTags.bundle.min.js
static.parastorage.com/services/tag-manager-client/1.827.0/
7 KB
3 KB
Script
General
Full URL
https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
86e9b3587c8419756abe19dac3aa42a054d28b11f56d27912acfb2053781df82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
x8S3djfKGKU12oNJLLPX_mInfKaFhg6j
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 15 Feb 2024 13:02:00 GMT
age
344685
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2890
x-wix-request-id
1708002120.7623367038364215676
last-modified
Wed, 14 Feb 2024 15:52:53 GMT
server
Pepyaka/1.19.10
etag
W/"a76f370ea20b812382ebe915671e3e24"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
531871974 943634709
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
wix-perf-measure.umd.min.js
static.parastorage.com/services/wix-perf-measure/1.1095.0/
30 KB
11 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-perf-measure/1.1095.0/wix-perf-measure.umd.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
d_65nj5pIwn6CoD0aRGfXMjjwX8shxmq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Mon, 05 Feb 2024 16:09:56 GMT
age
1197409
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11261
x-wix-request-id
1707149396.3072380693473816640
last-modified
Mon, 02 Oct 2023 07:39:57 GMT
server
Pepyaka/1.19.10
etag
W/"5e646fa090a760653cfa56c727bb5a13"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
786220622 656664621
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
clientWorker.00e0ede2.bundle.min.js
www.alteredsecurity.com/_partials/wix-thunderbolt/dist/
495 KB
137 KB
Other
General
Full URL
https://www.alteredsecurity.com/_partials/wix-thunderbolt/dist/clientWorker.00e0ede2.bundle.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
980cad68d51ad49cf44dfe4634caac37fd9f81ed34fa614dc5c497ec43ce5b0c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
MJhKdmFzAAeSkawsAoeMoQVa1lmU0NDa
content-encoding
br
x-content-type-options
nosniff
date
Mon, 19 Feb 2024 12:46:45 GMT
via
1.1 google
strict-transport-security
max-age=300
age
218728
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
REPLICA
server-timing
cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140366
x-served-by
cache-fra-eddf8230043-FRA
x-wix-request-id
1708249620.27910178887097713192
last-modified
Fri, 16 Feb 2024 23:54:20 GMT
server
Pepyaka/1.21.6
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
etag
W/"63801be8ed6a8100e51ec98132bd53b4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
yvSunuo/8ld62ehjr5B7kA==
11062b_2533d1d4c31245408717d17b946bc8d8~mv2.png
static.wixstatic.com/media/11062b_2533d1d4c31245408717d17b946bc8d8~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
724 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_2533d1d4c31245408717d17b946bc8d8~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_2533d1d4c31245408717d17b946bc8d8~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
af08c408155dd6d67cef14cd7ff1a9b54f197bd3b229bcc78c259d78aff0ba1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 15:11:36 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1028108
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
724
wix-tracer
2c2nm4SK32qPGMY0QhkRfBta02q
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
tk03BrcKlc7nxAmZmHh6t2NEt_fqiO3ptXd7Kekes-kIPcMXjIYg6A==
x-seen-by
image-manipulator-7f98d79f5c-8b9w2
11062b_7dcffe5daf2944b7be0a46ac6d472634~mv2.png
static.wixstatic.com/media/11062b_7dcffe5daf2944b7be0a46ac6d472634~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
732 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_7dcffe5daf2944b7be0a46ac6d472634~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_7dcffe5daf2944b7be0a46ac6d472634~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e406993e0cce3e17d0cb3b882c179ce5cf4e724db064895c3a258cf5bba036ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 15:12:53 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1028032
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
732
wix-tracer
2c2nvkT6TfUG03VtAGJva96cFAh
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
7SBd9P0brAf6JM8ZjKgVrJFXPfCM6Kdcpuxo_WEyW5OESk6VWJdX5w==
x-seen-by
image-manipulator-7f98d79f5c-kklgg
11062b_06b8fba6b104430da4abdb0c1ac35673~mv2.png
static.wixstatic.com/media/11062b_06b8fba6b104430da4abdb0c1ac35673~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
754 B
1 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_06b8fba6b104430da4abdb0c1ac35673~mv2.png/v1/fill/w_25,h_25,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_06b8fba6b104430da4abdb0c1ac35673~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
ec4d78969b4b9138cb5168fa6b6aef9d8eca32a12004e1897da3544f1a3e5b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 15:11:36 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1028109
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
754
wix-tracer
2c2nm8ZnzjoBazfRtCP5npzVJI2
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
VPgaxNkX7XtiQ-eM9aPfcB0e98fQbF9bX0fZqd-P61XsRahF6zuxiw==
x-seen-by
image-manipulator-7f98d79f5c-mflvd
AATXAJxk1OOMMmHIMTFgAI23AvrpVrhZGrfGOZkonXZk=s96-c
lh3.googleusercontent.com/a/
800 B
1 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/AATXAJxk1OOMMmHIMTFgAI23AvrpVrhZGrfGOZkonXZk=s96-c
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
091c0e2fe196a438759d5014383ed0f659a13e1b557eb6fa776f4f27a82ed12f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 10:02:57 GMT
x-content-type-options
nosniff
server
fife
age
9828
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
800
x-xss-protection
0
expires
Tue, 20 Feb 2024 10:02:57 GMT
9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png
static.wixstatic.com/media/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png/v1/fill/w_480,h_546,al_c,lg_1,q_85,enc_auto/
76 KB
77 KB
Image
General
Full URL
https://static.wixstatic.com/media/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png/v1/fill/w_480,h_546,al_c,lg_1,q_85,enc_auto/9df86b_f0e2e8d4d6224cfc82b9d284395f711e~mv2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
033843a981a66f4608cf451831c0c99c1a3e3b4152a0058d1aae3f6e4a0d5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:22:42 GMT
via
1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
15843
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
77976
wix-tracer
2cZtWpzcM37Wbh0AzNDlDH1ZeYk
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
l6PqJMxhjcvYwaiFonZWXD359U5IK_PIeoDjYp1eauTfRsTvPDi34Q==
x-seen-by
image-manipulator-7f98d79f5c-8s89s
thunderbolt-components-registry.01bdd2cc.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
65 KB
21 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
9443022a2ee238c7f73c8737951f224b770d292d16ed0ee5c2657a72f4583e1c

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
RBOj6RTNXLo36bxAw7Bg9TpJWvP1hB3W
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sat, 17 Feb 2024 12:10:21 GMT
age
174984
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21107
x-wix-request-id
1708171821.8463589958613245676
last-modified
Sat, 17 Feb 2024 02:35:31 GMT
server
Pepyaka/1.19.10
etag
W/"16e2ae430456450ceb06583924463ec3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
791296661 760472816
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
group_2.7bda241b.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
28 KB
9 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_2.7bda241b.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
1bdb30e7ed4828a327b3c14c8ca0dc729b6d4c4b68be3bbda7758cac2b4e30df

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
cS7uX5L1ymyksic4eTe07Rgj3JCb3I4I
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9353
x-wix-request-id
1707637273.44328764221801422356
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"c8257724ac3c624445a460d158517fe1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
39077995 67974738
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
assetsLoader.d1a56644.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/assetsLoader.d1a56644.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
fe743dd3c450b9c6addb369e576cbe851f2939106088a9102a4bc48dd90cd3fa

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
jQGSIX3GxyUC6D6au1JfhD6I84jiJaDU
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Wed, 14 Feb 2024 12:45:11 GMT
age
432094
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1614
x-wix-request-id
1707914711.13732119857659722356
last-modified
Wed, 14 Feb 2024 11:39:21 GMT
server
Pepyaka/1.19.10
etag
W/"752a0e65d1bb900865546ddc54224655"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
639381827 434413964
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_3.d4b19820.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
62 KB
20 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_3.d4b19820.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
011429ba3abdfdb73288b998da7a2f2338a9a5a0256e3fa8b183ea1a9aeaf274

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
yjasaRWMyCVtGagKlZddnvn_ZGZUlr9a
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20747
x-wix-request-id
1707637273.4502893845861115676
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"2d16252bcc5dd495dde22c7bd531ba2a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273094589 220583963
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_7.5da085db.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
62 KB
20 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_7.5da085db.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
b5e1d4d1da3696c5b231b69e2a897e941e37d9f67c574da6f9bd535b0efb9a3b

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
qnnOYYdvHAvEZsim8naxD9q0lca9KmmL
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20279
x-wix-request-id
1707637273.4582879808028222144
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"09cf3579ead885c273543332bf6f1067"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273714805 226181183
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_4.07e0d8c8.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
31 KB
10 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_4.07e0d8c8.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d8e022ee89fd0a9d94feadb8fb32f322654e935780116e61576ed5b1df07bcfa

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
.Lp1NGLGKq88KtajVWHkpRB8z7SmqrhL
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Wed, 14 Feb 2024 12:45:11 GMT
age
432094
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10465
x-wix-request-id
1707914711.13932124047011222357
last-modified
Wed, 14 Feb 2024 11:39:22 GMT
server
Pepyaka/1.19.10
etag
W/"43cbc0e8636e91c1199b4fe1117909a3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
23513467 8285390
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
group_5.56cb9583.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
29 KB
10 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_5.56cb9583.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
17acf069d037a23a815c0494a8ba763382c3c6c5d2095bdb0f18885ffc013e4b

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
BCXp0MQWUEDlzk6Jz_cpvHOVzM37Wk9t
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10649
x-wix-request-id
1707637273.534289389975115676
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"cdc25771ce94c6114f3935543414ae1e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
104376844 69241679
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
group_44.519462ba.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_44.519462ba.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
03f37a69486257716ec8e9877d92ccdf12d96699e20d0b22f59f87d718b9aca6

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
0s6.pGNzi.CY0K7nY48c1Tej4Mi0p1gb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:01 GMT
age
709364
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1370
x-wix-request-id
1707637441.3212887693921310172
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"94c61c9fe225f9086e6e8d7e051d0985"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1040555242 946806263
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
cyclicTabbing.47021c70.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
518 B
363 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/cyclicTabbing.47021c70.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
10e84acb1b806bb195c926ddd3fc1ed095231c229728b6ee11b07e25c1bc0114

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
DWzS_R5tCdEdRbOzmtBwHgdfXwIkFe_F
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
319
x-wix-request-id
1707637273.47228875380941210171
last-modified
Sat, 10 Feb 2024 10:50:25 GMT
server
Pepyaka/1.19.10
etag
W/"595dfd5fb954104248a97cd37455c824"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273714809 226181192
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
environmentWixCodeSdk.22df4f14.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
562 B
387 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/environmentWixCodeSdk.22df4f14.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
831a7fc701a46f1f9afa8cbf7c2350da8cd2b92d122e5b99c974241c11d971bd

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
aowZgmO8Mk5oJVeR5B9EL1a._O8eftbG
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-wix-request-id
1707637273.47228875341242310171
last-modified
Sat, 10 Feb 2024 10:50:25 GMT
server
Pepyaka/1.19.10
etag
W/"dd92e307be56311956698191a6856995"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
721417334 689624541
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
group_20.e6d1e0cc.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
6 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_20.e6d1e0cc.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
aac87ff578c694a3b88b49b53abb3fe8131ebc21a1d69fd69d00b8176fbad404

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
NyWhtT8U5Na2_Gg_kMQdLFg7HMBXyQtA
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:01 GMT
age
709364
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2330
x-wix-request-id
1707637441.3312879909215272144
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"f0d7a44a95f04509ea010e66c08cf828"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
722700844 690829966
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
popups.408d7d12.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
381 B
421 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/popups.408d7d12.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d219937f9e52446b2a1d0effb5b405079fa0f726ecb269c6e559e640391ff4b6

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
GtSGNtHQKT4RjoWfiDjNaC5JvLQNtRxA
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:01 GMT
age
709364
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381
x-wix-request-id
1707637441.330287999778532144
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
"929ebf4c330d4a238dab2cee9b7234cd"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1038593670 945899381
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
panorama.2ad69317.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
723 B
483 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/panorama.2ad69317.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d2daaa7dbe6e1cea2c841aceef88d3f638cd3ef17bd9d0db25d654e991f14b91

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
C89AKQ0pb2CUfH9KPAlei7rHOpeOYvxW
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
439
x-wix-request-id
1707637273.51128874640163410171
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"226affef1a59a5210eb22557abcdceeb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273714819 220584039
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
routerFetch.e61ed916.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/routerFetch.e61ed916.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
422ce54f30bd1b6cf67e5d198c8e97b0b0aaa954c4e15bcd1ccb0a27e8776e25

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
p1hc6.TKIWOQ9cew7CAoAgF9rTyFOIo4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:43:24 GMT
age
709401
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1109
x-wix-request-id
1707637404.335287997178522144
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"de26ffd992786ef24b46d8f81a9e3c7a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1039903943 944700422
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_6.0310931a.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
264 KB
60 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_6.0310931a.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
7d48a83e037d64345822ee00d1cb44f65db12c542af4155af48b2227d484b70f

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
szqCoHf2PZOIhPLFbnpe0jqg7PruOXxa
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 15:33:02 GMT
age
681223
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61724
x-wix-request-id
1707665582.52229163131973622356
last-modified
Sun, 11 Feb 2024 15:29:41 GMT
server
Pepyaka/1.19.10
etag
W/"233e439608f1adde9150f9d34107c285"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
305464851
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm
siteMembersWixCodeSdk.0e49e83a.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
8 KB
3 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembersWixCodeSdk.0e49e83a.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
8687d0473d31c7e44bfd371475cdd402e60c57426331d48ec0667305f660aad8

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
2rNsj1c6.VovgoRcs8bJYhn0xamdBgSq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2872
x-wix-request-id
1707637273.51728764330681522356
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"98f82831d102d94b6e810472b8dfe9f5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
721417344 690765072
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
group_8.7ccda154.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
72 KB
22 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_8.7ccda154.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
81a38fc96a80af06594264f09c76f3755fe296a865e694b4a62d3d6d00916602

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
IJYhmOkyFi7KvGTY3hHPgceOpFtS_QR4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22224
x-wix-request-id
1707637273.5182893783907405676
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"1af2abf6770b2caee27166cba2c560e7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1038587879 944700427
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
passwordProtectedPage.22f9c359.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
34 KB
12 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/passwordProtectedPage.22f9c359.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
ced388662a70d86ba66d24edd01a066ebc63676cb8d0c0b0252e3b0a64a61110

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
KeklNVc_ljRACe4lkKPskijAne2jaglr
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-wix-request-id
1707637273.519287987633832144
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"54183be1b7a50be9ab99187d780a84ad"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
262338810 193688028
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
siteMembers.cb4e9b02.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
8 KB
3 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.cb4e9b02.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
6f82ef128d5560ccba2b98a4eca3bf4d5a7d20abf424784ce9e5272d21e79111

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
i8p510CfuOtRn3ChB08_pylYznZdqmmZ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2864
x-wix-request-id
1707637273.51728764107972622356
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"e990d4faecb6b7d6ac56d25beee476fe"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
384754908 329207938
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
tslib.inline.866596bb.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.866596bb.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
b5f453fdd7b6005979edc60de0444c8253f434d28045d329ac3e558d22e3bbfe

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
88yqmSNg.x3lWytPAKYzisn0eaFh22.u
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1525
x-wix-request-id
1707637273.5182893731291525676
last-modified
Sat, 10 Feb 2024 10:50:28 GMT
server
Pepyaka/1.19.10
etag
W/"7c3fe1efad34519af3778c7e949e1724"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
410990997 330309708
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
tpaCommons.0710f749.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.0710f749.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
a9a18a11661e42a038470d210bc303bb250d3735feb18409121f1cb6cc41cd80

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
WXXEpnUBnjCgTS09w9eVip8ezjGoXB6t
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-wix-request-id
1707637273.53428874640163510171
last-modified
Sat, 10 Feb 2024 10:50:28 GMT
server
Pepyaka/1.19.10
etag
W/"0981fd36673e9818639a903102caabae"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
721972330 690765075
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
group_22.d065ecf5.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_22.d065ecf5.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
67b9aa1069046042a0e4f67be64782e4a01b05388c426821555c7ffb233dcc20

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
XREdJbk.DnH3k8jbqo_gqfMJ4NKqf9AM
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:13 GMT
age
709532
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1032
x-wix-request-id
1707637273.51628875445581210171
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"0d7ec2a5da1c4ebb4cad49f5020f4ee0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
272075100 229837118
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
site-members
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/site-members?_msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&_av=thunderbolt-1.13603.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=466&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=aadeb69c-4886-495f-8c44-45f5abebbe27&_siteMemberId=undefined&bsi=bb75cb69-18a4-49b1-8adf-6d1a2248e7e8%7C1&src=5&evid=698&biToken=17d55ce8-425c-4842-8aad-a18ee5d889fb&context=undefined&ts=342&viewmode=undefined&visitor_id=aadeb69c-4886-495f-8c44-45f5abebbe27&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17083468055150
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
17d55ce8-425c-4842-8aad-a18ee5d889fb
www.alteredsecurity.com/_api/tag-manager/api/v1/tags/sites/
1 KB
593 B
XHR
General
Full URL
https://www.alteredsecurity.com/_api/tag-manager/api/v1/tags/sites/17d55ce8-425c-4842-8aad-a18ee5d889fb?wixSite=false&htmlsiteId=327b0294-2ee3-49fa-8e7a-491f22c6d1c0&language=en&partytown=false
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.21.6 /
Resource Hash
3a46bbf3f5bcf74dfc20c79fe7446c072976db4d9c7bfdda645be3f3a0606baf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
accept-language
de-DE,de;q=0.9
authorization
wOgoEYCRppdqFa7OKcKoFt4yhXxlq9qkoH2ownt4SZc.eyJpbnN0YW5jZUlkIjoiMTdkNTVjZTgtNDI1Yy00ODQyLThhYWQtYTE4ZWU1ZDg4OWZiIiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiMTdkNTVjZTgtNDI1Yy00ODQyLThhYWQtYTE4ZWU1ZDg4OWZiIiwic2lnbkRhdGUiOiIyMDI0LTAyLTE5VDEyOjQ2OjQ1LjIxN1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImFhZGViNjljLTQ4ODYtNDk1Zi04YzQ0LTQ1ZjVhYmViYmUyNyIsInNpdGVPd25lcklkIjoiOTU5NmM2ODgtOGRlZC00YzhkLTg5NjMtNTAzNjVkNDZiZjVlIn0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Feb 2024 12:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=300
via
1.1 google
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-eddf8230139-FRA
pragma
no-cache
x-wix-request-id
1708346805.54810432529881220458
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
server
Pepyaka/1.21.6
etag
W/"578-pPtxyZBFzFCb5Purr5oPjnxZf/k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache
accept-ranges
bytes
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,yI4PPEXc3bvXNWfpzSkUarxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLqv1Icz/+auWkycB0m9nz7sFJmEKNgQ96+wiTVoMq713,++r5XCRb/6cYf+PEtyYPdOeVQVbrraLjUvf9P6SCU1SKwMme5Q5e2wAKfTGYlTWE7y8gHwe93g7TROnzJmIx+w==,l+530TFK1rlBxxxf9bWswgHHthfVxIsFZoHezF1afNc=,dTeg3NDJeVaMBj+zGd1Ytk4ycK6Pq7fZITIMFoV6P8c=,MDFDoTqjWxpWhAuWfTm+PM76audm7vIK/iYARIt3/5tsANGjr6f7ByceF0YxO+5BbNflDF5JKS25jQValdabpg==,dTeg3NDJeVaMBj+zGd1Ytk4ycK6Pq7fZITIMFoV6P8c=,TjPeXsdXGiMP3l0sPvQQux7aNGkkp+gn7cGffHKnTUU=,mvxQ9qSAmY38asKjFCcmG86wavToQIiY1LSiMA0o2dl2YM4nG7nPKHdEv6Ruv0ZggBkAFVrgx9LBsGfbiPY+EQ==,XnZq2n9sfRF5spkZfUX109NaHheYRBQBV3irk0ZiuDQ=,tznMqpp3e1oucszW+OT1FDNPTtlPzUpm/V6rcPHn+ExgCq9HxkYcYarLehwEsOwPwaG9GQF7qQCePWpzlmLmNY2XzC2mdvneEtiNTxZcSs4=
reporter-api.8c9339eb.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
28 KB
7 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/reporter-api.8c9339eb.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d5e26abe8d831a5137c34643dc42cae32bb4a132f1bc50a9b048d0db6898f9c1

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
voTvKQNjIBAksyX1ES2kYCJ7Ucm9jUAg
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sat, 17 Feb 2024 12:10:22 GMT
age
174983
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7497
x-wix-request-id
1708171822.06035809886931110171
last-modified
Sat, 17 Feb 2024 04:57:37 GMT
server
Pepyaka/1.19.10
etag
W/"1c3125201639ec3e66310ce7dce3d0ca"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
476839816
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm
group_0.decc4f86.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
889 B
466 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_0.decc4f86.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
6a40d0d63af73c673c86ef9eeefa5f2475358d483cbc093a7b6019c729912f20

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
8gOqWOWhJdUFegZhuu_fdGW9VthToN4k
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:14 GMT
age
709531
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
413
x-wix-request-id
1707637274.1272893867965145676
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"f04ea08709e703cc62efe75f2cf9810a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1040140438 946083817
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11770.0/
39 KB
10 KB
Fetch
General
Full URL
https://static.parastorage.com/services/editor-elements/1.11770.0/rb_wixui.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
a242d91e5b47d220738f58e011fb96c4f6b4b15c74dec9e53bf09c6b2c3ab2c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
QkMN7IG_ZJla.TeKqxywFOrdF_tUpgC4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 18 Feb 2024 09:53:53 GMT
age
96772
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9986
x-wix-request-id
1708250033.117368041438435676
last-modified
Sun, 18 Feb 2024 09:37:12 GMT
server
Pepyaka/1.19.10
etag
W/"f3bbc5af97a75e0b158478a058b43fa4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
199993269 197895674
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
rb_dsgnsys.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11770.0/
4 KB
1 KB
Fetch
General
Full URL
https://static.parastorage.com/services/editor-elements/1.11770.0/rb_dsgnsys.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
81a52b42d113e37b869e2fe98e0d9d8c1723aee9206e6c55e9dc9602f8374eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
R6pRrejtPHlWMztFUZNSlqp2MG8w24eN
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 18 Feb 2024 09:53:53 GMT
age
96772
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1300
x-wix-request-id
1708250033.11636651504161822356
last-modified
Sun, 18 Feb 2024 09:37:12 GMT
server
Pepyaka/1.19.10
etag
W/"0803a68385dc16d3484392f39672e203"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
390242718 389067486
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt_bootstrap.00efd771.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
41 KB
14 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap.00efd771.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
101d30a452d4e0e32e708626c40774b812542330232c8a9a568a3aa4c0c6d1e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
1G2iI4JpWjHkPOAfEWOjg0HuN.oan_3s
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Wed, 14 Feb 2024 09:02:38 GMT
age
445447
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14064
x-wix-request-id
1707901358.1513205982841175676
last-modified
Mon, 12 Feb 2024 14:19:52 GMT
server
Pepyaka/1.19.10
etag
W/"ae81555c531c4369bd879cd5c3b083e8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
454892780 222677994
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt_bootstrap-classic.bfe6609a.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
37 KB
12 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-classic.bfe6609a.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
f185b914e5661fa018cc164babd227c9527d35144a2d68eb9008b457f5313801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ORlT8OfA8KJQsF7a9Zf8KN6M6MK0SYWU
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 18 Feb 2024 15:20:03 GMT
age
77202
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12603
x-wix-request-id
1708269603.0163715421840195676
last-modified
Sun, 18 Feb 2024 13:37:12 GMT
server
Pepyaka/1.19.10
etag
W/"a05b2f183c74ccb7b2d530854aad5c55"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
409760718 408647141
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt_bootstrap-responsive.4b961fe0.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
18 KB
6 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-responsive.4b961fe0.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
174984fd5a84a046a0293aff5b72fc285d64c7cc5255f7007f0452c82a02d325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
rrdMnYhMjK9CzaQFUTZwe_O2unOQ5hBr
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 01 Feb 2024 20:54:34 GMT
age
1525931
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6553
x-wix-request-id
1706820874.30120919533841222482
last-modified
Tue, 30 Jan 2024 15:16:20 GMT
server
Pepyaka/1.19.10
etag
W/"64360e613a80e5a77f11480913078e63"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
527521004 380740198
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
SD4GZYKvHSFVfpmrQnbkYaAZtIPEo2fx
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 01 Feb 2024 20:54:32 GMT
age
1525933
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1228
x-wix-request-id
1706820872.16520788028701212533
last-modified
Wed, 31 Jan 2024 14:22:06 GMT
server
Pepyaka/1.19.10
etag
W/"62bf38eeb5f26768463d6a50d5235f11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
527810953 379010895
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[ClassicSection].f50546d7.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
13 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[ClassicSection].f50546d7.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.01bdd2cc.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
c439d15366002627225943c623e885ac62f68be8cb11062f31af1d7e30762560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
hf5rlvnH.7C8thu1FkCb.1MA_q03u89P
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 13 Feb 2024 08:35:51 GMT
age
533454
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4864
x-wix-request-id
1707813351.47430800207754122356
last-modified
Sun, 11 Feb 2024 10:45:45 GMT
server
Pepyaka/1.19.10
etag
W/"472344e20b3613916482e1cfbfd42e01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
372529856 1073417623
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_27.629e3661.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
823 B
537 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_27.629e3661.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
820b1783992d8c408809d92b3db44bd892e31da622d2f34b6e72eab621a251cf

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
yFQ0MvZLltcnhU3DonPtTl7Snv2jG5l2
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 13 Feb 2024 08:44:59 GMT
age
532906
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-wix-request-id
1707813899.7243082143204102144
last-modified
Mon, 12 Feb 2024 10:44:29 GMT
server
Pepyaka/1.19.10
etag
W/"b55383d4bdccf01cbe371b2e5bd5b5a0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
374490161 166323660
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_14.0461f066.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_14.0461f066.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
43554141a6282a51a157ffac521ab994e5e7449c64f69ed49403dea6902f4851

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ZmmkHwBPyNO.CGfX1PWB_eLtZFKLiUrJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:14 GMT
age
709531
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1486
x-wix-request-id
1707637274.13028875427391010172
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"2c1f77a21ceabc76c4147d9959082bfc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
271028033 229934264
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
9764.fd6182af.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
11 KB
4 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/9764.fd6182af.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
8e97e81e666eaa6f933aa8b427c92c2d7c8ba4b1944f513e5afb3f07a15f5767

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ZSX9GAPpU_imS3eilu.Gk7zuuoH_vAdZ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:14 GMT
age
709531
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3805
x-wix-request-id
1707637274.13128764107972722356
last-modified
Sat, 10 Feb 2024 10:50:24 GMT
server
Pepyaka/1.19.10
etag
W/"2741bd982d2cbb03349ff79027f01a80"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1040140440 946447270
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_23.186aac85.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
5 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_23.186aac85.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
e64ae8c32045730a28e50c59d0b20c10e228e9014e1f053bbba63b174b51a9fa

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ruRJOlOSGMF7hnppJH_1VGiS8eLCIA7p
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:14 GMT
age
709531
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2199
x-wix-request-id
1707637274.12928764221801622356
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"ff0125972750c55a0db81f4aa092c6c3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273063076 229770408
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_28.d58bd156.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
722 B
505 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_28.d58bd156.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
adafa0d857fccaef98aad8766078b68833acc5b764144173959755769180afb2

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
9GJKvpWPUFldK8Jsw0enO15I4Ws88Dm7
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:42:23 GMT
age
709462
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
447
x-wix-request-id
1707637343.14228876087271010171
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"2aadc6b73a0c159db3121a328db0225c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
269496731 199275590
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_24.acc07343.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_24.acc07343.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d95cec2d9ee6ed71700aa2d9820fd37828c92df05008f0586963eb965488e510

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
V3YlC_uiDthZI0RRBkgzxGyY6SjejfnO
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:41:14 GMT
age
709531
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1170
x-wix-request-id
1707637274.1322876454213322356
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"3b329b69fffc1be170220766fcb35612"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
273063078 227518077
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_10.6a00a1bb.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
884 B
585 B
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_10.6a00a1bb.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
1da20d57b8b824d7bf1003ca15d4e728b9efad70f7765de941fdff2504cc1663

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
gy5N2PqpRtgZnVv6BHbQwul1H3Gv.v5R
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Tue, 13 Feb 2024 08:46:09 GMT
age
532836
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
529
x-wix-request-id
1707813969.667308220679372144
last-modified
Mon, 12 Feb 2024 10:59:19 GMT
server
Pepyaka/1.19.10
etag
W/"6f0e6786e67e0dcaa155c6a2b23bb4d1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
70677810 8814859
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
requirejs.min.js
static.parastorage.com/unpkg/requirejs-bolt@2.3.6/
17 KB
6 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.587aa77c.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:18:13 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
age
962912
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6191
x-wix-request-id
1707383893.07126540289893129856
last-modified
Thu, 24 Jan 2019 14:24:53 GMT
server
Pepyaka/1.19.10
etag
W/"18823f6a6d208ee1e361bb266ab794d5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1003420914 863257595
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
PostViewerWidgetNoCss.bundle.min.js
static.parastorage.com/services/communities-blog-ooi/1.1468.0/
1 MB
285 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/PostViewerWidgetNoCss.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
a49caaaf8c637e892a24a92fc2a1d4ca331ec874afd9afc40166970d3043ed0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
AWUZyj0iDrWeoNx.XOW9FWaFjY_sE9YC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 15 Feb 2024 11:53:24 GMT
age
348801
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292089
x-wix-request-id
1707998004.0753341111159822356
last-modified
Thu, 15 Feb 2024 08:52:11 GMT
server
Pepyaka/1.19.10
etag
W/"f8bfc72d6545af1d825341064e4ba8af"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
333289734 289394671
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
AS2.png
static.wixstatic.com/media/52db83_dd3dab7bcbdf45609df5faa9c62d9a54~mv2.png/v1/fill/w_48,h_34,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
2 KB
3 KB
Image
General
Full URL
https://static.wixstatic.com/media/52db83_dd3dab7bcbdf45609df5faa9c62d9a54~mv2.png/v1/fill/w_48,h_34,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/AS2.png
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:4a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
c4946a0aede12e3a6acf29da8c3bf44f25703cc14c79afa5187506f8297edb68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 10:48:03 GMT
via
1.1 google, 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
age
525522
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2394
wix-tracer
2cJESoK40VjXookobFJlLnH43iZ
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
XUQAviD450KD2lOKSkr9_MpqV30oo5fv5Xr5McXZueMtUaTVabG1dA==
x-seen-by
image-manipulator-7f98d79f5c-4qp4f
site.js
a.mailmunch.co/app/v1/
25 KB
9 KB
Script
General
Full URL
https://a.mailmunch.co/app/v1/site.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 18:39:32 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
65234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8416
last-modified
Thu, 15 Feb 2024 13:22:46 GMT
server
AmazonS3
etag
"cc71207c9df9c9f0ee0441c7d254a8ac"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yiZ_z1cz60vp_pl7cG1UH9pRF9oCjGGxCbciBM72dpQQAhRtredOqw==
pulse
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/pulse
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.alteredsecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.alteredsecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:45 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 11:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 11:41:35 GMT
styles.css
a.mailmunch.co/app/v1/
21 KB
3 KB
Stylesheet
General
Full URL
https://a.mailmunch.co/app/v1/styles.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 02:22:12 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
123874
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 15 Feb 2024 13:22:52 GMT
server
AmazonS3
etag
"792c3c0b85ad58e3d8eecd6c05ef87bd"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
afL4P9p_tpgha7Ad-_xW6od1m0yZ6SfbUJCQjoX_-TtmRXlkvwi6AQ==
1028656
forms.mailmunch.co/sites/
130 B
1 KB
XHR
General
Full URL
https://forms.mailmunch.co/sites/1028656
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.36.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-36-100.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
7d1275a5efe4967b0f293f59c50bf07770f93684092e389bd33f5bf540cfd8aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 12:46:46 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
X-Powered-By
Express
Etag
W/"82-gjGl/kjJBlKsru1FjVIv0yR/juA"
Vary
Accept-Encoding
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708346806&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=ca%2BwtUn%2B25rXj0x%2BkB2P1O1ExWV7W3Js7EUr10ns7c8%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length
130
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1708346806&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=ca%2BwtUn%2B25rXj0x%2BkB2P1O1ExWV7W3Js7EUr10ns7c8%3D
settings-1708328377.json
a.mailmunch.co/forms-cache/1028656/
76 B
579 B
XHR
General
Full URL
https://a.mailmunch.co/forms-cache/1028656/settings-1708328377.json
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9f96daa4216a7d9fa7e5b71e76f08799144ccac449e849ca2544cc02d2cb965

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 07:40:35 GMT
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
18372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
76
last-modified
Mon, 19 Feb 2024 07:39:47 GMT
server
AmazonS3
etag
"3cb429add38b2d3baec27a90b00409a7"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
accept-ranges
bytes
x-amz-cf-id
ZVOHjFaDoW1mFd8Eaty03A_y3CNAxDwK-EFlFiKoFuMW5qQXEnGLNA==
1696.dcf7a86e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
47 KB
13 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/1696.dcf7a86e.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
f081fbc73d7478c83c0d354d12d5496d87eafdf3d488a3c94fcbbed0bbfee748

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
SGK5S6QY1cfPbmRkj12m9wJ_4R1Lkl9E
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:01 GMT
age
709365
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12935
x-wix-request-id
1707637441.950287997630272144
last-modified
Sat, 10 Feb 2024 10:50:24 GMT
server
Pepyaka/1.19.10
etag
W/"9c7df2981d21fbb610c43aec2338b0f2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
400453363 235502622
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
seo-api.cc1e77c6.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
37 KB
11 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/seo-api.cc1e77c6.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
0bac74aa5b8aac9b244a8258e11e830d2bed451731f016ae84f3bbea287c8a81

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
Z8lC5K_xwaRsZFlQYTQgagEFNLk6IGfC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:01 GMT
age
709365
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10995
x-wix-request-id
1707637441.95028876744951110171
last-modified
Sat, 10 Feb 2024 10:50:26 GMT
server
Pepyaka/1.19.10
etag
W/"b6f528553ee125480fdd5ff30b39dde9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
409960018 330023278
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
static-page-v2-index.6421aedc.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/static-page-v2-index.6421aedc.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
a0d7c1ec8637c5de766768474dc6ca95f5aa5697e148df44a2d7d15a42ab74e7

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
L80QPD75PZ21IaudVRbOVW7_Pc_8PeVx
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:44:16 GMT
age
709350
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1005
x-wix-request-id
1707637456.09528765864911122356
last-modified
Sat, 10 Feb 2024 10:50:27 GMT
server
Pepyaka/1.19.10
etag
W/"75564371c76d9d6a50f22a75832dc64e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
410732979 330276218
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
blog-post-index.f4bbc6af.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
9 KB
3 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/blog-post-index.f4bbc6af.chunk.min.js
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
da23285bdbbde3949073af5949788b0882b5d9c64bee8847e23c18f969b16870

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
Dus2jHH1vr93J8xDrC_on0g89rgObwEa
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Sun, 11 Feb 2024 07:46:08 GMT
age
709238
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3042
x-wix-request-id
1707637568.716289410522655676
last-modified
Sat, 10 Feb 2024 12:18:04 GMT
server
Pepyaka/1.19.10
etag
W/"f3671922904abf672c939f47e604b3f3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
1040657676 976083011
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
6748.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/147ea0a35a6b8ea6badd96d89d19674afd6a9d824aa9c70747b1ab03/client-viewer/
37 KB
9 KB
Script
General
Full URL
https://static.parastorage.com/services/communities-blog-ooi/147ea0a35a6b8ea6badd96d89d19674afd6a9d824aa9c70747b1ab03/client-viewer/6748.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1468.0/PostViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.106.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
200.106.96.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
dde9043382c6b12aabeb4658e224701c4f398bb286cf6354791ed28fb1971bb5

Request headers

Referer
https://www.alteredsecurity.com/
Origin
https://www.alteredsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
.uZc_axYzJXPg.PsA6ONuXUOu.TTS95B
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 google
date
Thu, 15 Feb 2024 10:51:36 GMT
age
352510
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9493
x-wix-request-id
1707994296.64333323085463622357
last-modified
Thu, 15 Feb 2024 08:31:21 GMT
server
Pepyaka/1.19.10
etag
W/"aebfe60ab2ad720db0b10fb0ce4fee30"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
928084321 913057011
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
bt
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_hit&dc=84&microPop=fastly_g&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&pid=tvmm2&pn=1&sar=1600x1200&sessionId=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&siterev=2748-__siteCacheRevision__&sr=1600x1200&st=2&ts=1801&tts=1925&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&v=1.13603.0&vid=aadeb69c-4886-495f-8c44-45f5abebbe27&bsi=bb75cb69-18a4-49b1-8adf-6d1a2248e7e8|1&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&wor=1600x1200&wr=1600x1200&_brandId=wix
Requested by
Host: www.alteredsecurity.com
URL: https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
pa
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/pa?_msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&_av=thunderbolt-1.13603.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=1933&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=aadeb69c-4886-495f-8c44-45f5abebbe27&_siteMemberId=undefined&bsi=bb75cb69-18a4-49b1-8adf-6d1a2248e7e8%7C1&src=76&evid=1109&pid=tvmm2&pn=1&viewer=TB&pt=TPA&pa=14bcded7-0066-7c35-14d7-466cb3f09103&pti=post&uuid=9596c688-8ded-4c8d-8963-50365d46bf5e&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&ref=&bot=true&bl=en-US&pl=en-US%2Cen&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17083468069811
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
rich-editor
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/rich-editor?container=Blog&container_id=14bcded7-0066-7c35-14d7-466cb3f09103&container_platform=Livesite&container_usage=Post&post_id=a68687a9-33c4-4559-acd2-a883b19df7bc&rce_session_id=0444e279-e2be-44e9-8a63-17a7e323f9e9&msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&wixRicosVersion=2.1460.0&_brandId=wix&_siteBranchId=undefined&_ms=1935&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&src=116&evid=15&preview=false&postURL=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&version=9.17.4&content_id=ff2204e1-e394-48e8-9e81-bbc88ff257ae&pluginsCount=%7B%22header-three%22%3A6%2C%22wix-draft-plugin-image%22%3A21%2C%22header-four%22%3A5%2C%22header-six%22%3A6%2C%22code-block%22%3A5%2C%22LINK%22%3A32%2C%22wix-draft-plugin-emoji%22%3A2%7D&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17083468069840
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/147ea0a35a6b8ea6badd96d89d19674afd6a9d824aa9c70747b1ab03/client-viewer/6748.chunk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
pulse
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/pulse
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.alteredsecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.alteredsecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bpm?_msid=17d55ce8-425c-4842-8aad-a18ee5d889fb&vsi=fc483ba2-4129-4d98-a8dc-31b4567134e8&_av=thunderbolt-1.13603.0&isb=true&isbr=plugins-extra&ts=3811&tsn=3935&dc=84&microPop=fastly_g&caching=hit%2Chit_hit&session_id=9c7ff12a-04c9-47c3-89f8-d819d5456b2f&st=2&url=https%3A%2F%2Fwww.alteredsecurity.com%2Fpost%2Fa-primer-on-dcsync-attack-and-detection&ish=true&pn=1&isFirstNavigation=true&pv=true&pageId=tvmm2&isServerSide=false&isSuccessfulSSR=true&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.13603.0&_brandId=wix&_siteBranchId=undefined&_ms=3935&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_mt_instance=wOgoEYCRppdqFa7OKcKoFt4yhXxlq9qkoH2ownt4SZc.eyJpbnN0YW5jZUlkIjoiMTdkNTVjZTgtNDI1Yy00ODQyLThhYWQtYTE4ZWU1ZDg4OWZiIiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiMTdkNTVjZTgtNDI1Yy00ODQyLThhYWQtYTE4ZWU1ZDg4OWZiIiwic2lnbkRhdGUiOiIyMDI0LTAyLTE5VDEyOjQ2OjQ1LjIxN1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImFhZGViNjljLTQ4ODYtNDk1Zi04YzQ0LTQ1ZjVhYmViYmUyNyIsInNpdGVPd25lcklkIjoiOTU5NmM2ODgtOGRlZC00YzhkLTg5NjMtNTAzNjVkNDZiZjVlIn0&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=17083468089832&tti=1890&tbt=174&iframes=0&screens=16&entryType=loaded&lcp=319&lcpSize=277885&closestId=viewer-dec2v&lcpTag=P&lcpInLightbox=false&countScripts=61&startTimeScripts=151&durationScripts=1640&mttfbScripts=21&attfbScripts=14&cssResourcesScripts=&tbdScripts=891324&countImages=28&startTimeImages=206&durationImages=493&mttfbImages=31&attfbImages=30&cssResourcesImages=&tbdImages=118100&countFonts=8&startTimeFonts=220&durationFonts=67&mttfbFonts=14&attfbFonts=13&cssResourcesFonts=&tbdFonts=167132&duration=361&ttlb=122&dcl=332&transferSize=190486&decodedBodySize=1132301&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&btype=plugins-extra&bsi=bb75cb69-18a4-49b1-8adf-6d1a2248e7e8%7C1&ssrDuration=2123&ssrTimestamp=1708325036394&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=139&countCls=2&
clsOld=139&clsId=content-wrapper&clsTag=DIV&clientType=ugc&analytics=true&_isca=1&_iscf=1&_ispd=0&_ise=1
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.alteredsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:49 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
259 B
Ping
General
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.317a27be.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.209.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-209-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.alteredsecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.alteredsecurity.com
date
Mon, 19 Feb 2024 12:46:49 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST


68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| fedops function| e function| r object| viewerModel function| fetchDynamicModel object| dynamicModelPromise object| commonConfig boolean| bodyCacheable object| exclusionReason object| ssrInfo object| webpackJsonp__wix_thunderbolt_app object| fastdom object| customElementNamespace object| wixCustomElements object| __imageClientApi__ object| Sentry function| resolveExternalsRegistryPromise function| resolveExternalsRegistryModule object| externalsRegistry object| ReactDOM object| reactDOMReference object| React object| reactReference object| reactAndReactDOMLoaded function| _addWindowMessageHandler boolean| clientSideRender object| bi string| firstPageId object| webpackJsonp__wix_communities_blog_ooi object| wixPerformanceMeasurements object| wix-perf-measure function| _ object| longTasksPerformanceApi object| consentPolicyManager object| wixEmbedsAPI object| wixTagManager object| wixDevelopersAnalytics object| rb_wixui.thunderbolt_bootstrap object| rb_wixui.thunderbolt_bootstrap-classic object| rb_wixui.thunderbolt_bootstrap-responsive object| rb_wixui.thunderbolt[SkipToContentButton] object| rb_wixui.thunderbolt[ClassicSection] object| gsapVersions function| requirejs function| require function| define object| Prism function| _classCallCheck function| mailmunchGetMethodChain function| mailmunchGetOrCreateMethodChain function| MailMunchBaseForm function| _createClass object| _mailmunchInstances function| MailmunchMethodChain function| MailmunchUrlChangeTracker object| MailMunchDeviceDetect object| MailMunchAjax object| MailMunchHelpers object| _mmunch object| mailmunch object| MailMunchWidgets undefined| $ undefined| jQuery function| _mJquery object| jQuery111303584218174553033

5 Cookies

Domain/Path Name / Value
www.alteredsecurity.com/post Name: ssr-caching
Value: cache#desc=hit#varnish=hit_hit#dc#desc=fastly_g
.www.alteredsecurity.com/ Name: hs
Value: -159317064
.www.alteredsecurity.com/ Name: svSession
Value: ca25c8493d37a0c0657d448629fdd47ba7f770ab07af32b4b297ee7adad6d38ad1aa19b12d23ce11c8df0e2b24f1cc971e60994d53964e647acf431e4f798bcd7508618c68f2e143805b89885cc42df7b5f99c5d4613f03586b415a436bfe306bf84205e11ed4f4ad3c8b631a96d9d5685089c08a889c2eda684b1839b3067092afeeaebd578d80827d42e5e57b5bf8e
.www.alteredsecurity.com/ Name: XSRF-TOKEN
Value: 1708346805|M1eL8IvHEHQ-
.www.alteredsecurity.com/ Name: bSession
Value: bb75cb69-18a4-49b1-8adf-6d1a2248e7e8|1

2 Console Messages

Source Level URL
Text
worker info URL: https://static.parastorage.com/services/wix-thunderbolt/dist/feature-telemetry-wix-code-sdk.1a37c24f.chunk.min.js
Message:
Running the code for the site. To debug this code in your browser's dev tools, open masterPage.js.
worker info URL: https://static.parastorage.com/services/wix-thunderbolt/dist/feature-telemetry-wix-code-sdk.1a37c24f.chunk.min.js
Message:
Running the code for the Post page. To debug this code in your browser's dev tools, open tvmm2.js.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
