posts.specterops.io Open in urlscan Pro
52.6.46.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4
Effective URL:
https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
Submission: On July 25 via api (July 25th 2019, 4:43:33 pm UTC) from US

Summary HTTP 64 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 64 HTTP transactions. The main IP is 52.6.46.142, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 2nd 2019. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.6.46.142 52.6.46.142	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	2606:4700::68... 2606:4700::6810:7a7f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
32	2606:4700::68... 2606:4700::6810:7691	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:4700::68... 2606:4700::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.32.158.111 13.32.158.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	23.23.71.11 23.23.71.11	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2600:9000:200... 2600:9000:200d:1e00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:9000:200... 2600:9000:200d:d400:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
64	10

4 52.6.46.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-46-142.compute-1.amazonaws.com

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7a7f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6810:7691 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7991 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.111 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-111.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.23.71.11 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-71-11.compute-1.amazonaws.com

collector-medium.lightstep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:1e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:200d:d400:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	639 KB
8	lightstep.com collector-medium.lightstep.com	2 KB
4	branch.io cdn.branch.io api2.branch.io	23 KB
4	specterops.io 1 redirects posts.specterops.io	34 KB
3	google-analytics.com www.google-analytics.com	18 KB
1	app.link app.link	728 B
0	cloudfront.net Failed d1z2jf7jlzjs58.cloudfront.net Failed
0	github.com Failed gist.github.com Failed
64	8

	Domain	Requested by
21	miro.medium.com	posts.specterops.io www.google-analytics.com
10	cdn-client.medium.com	posts.specterops.io cdn-client.medium.com
8	collector-medium.lightstep.com	cdn-client.medium.com posts.specterops.io
5	glyph.medium.com	posts.specterops.io
4	posts.specterops.io	1 redirects posts.specterops.io cdn-client.medium.com
3	api2.branch.io	cdn-client.medium.com
3	www.google-analytics.com	posts.specterops.io
1	app.link	cdn.branch.io
1	cdn.branch.io	posts.specterops.io
1	medium.com	1 redirects
0	d1z2jf7jlzjs58.cloudfront.net Failed	cdn-client.medium.com
0	gist.github.com Failed	posts.specterops.io
64	12

This site contains links to these domains. Also see Links.

Domain
medium.com
www.specterops.io
docs.microsoft.com
undocumented.ntinternals.net
www.microsoft.com
github.com
adilevin.wordpress.com

Subject Issuer	Validity	Valid
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2019-04-02` - `2020-04-01`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2018-07-31` - `2020-09-09`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.lightstep.com Let's Encrypt Authority X3	`2019-04-30` - `2019-07-29`	3 months	crt.sh
appipv4.link Amazon	`2018-09-17` - `2019-10-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
Frame ID: B067D319E8431B15E9ECCAEDC048A3F0
Requests: 62 HTTP requests in this frame

Frame: https://posts.specterops.io/media/e8d6cc97946f5898abf095d987e121b2
Frame ID: 4EC794003733B2BB9C681E780130D2D4
Requests: 2 HTTP requests in this frame

Frame: https://posts.specterops.io/media/76b782ff1a5487ac6a8302b04d70f206
Frame ID: 20F9EF43BBDA9D06A6E82DFF4344B5B3
Requests: 2 HTTP requests in this frame

Frame: https://posts.specterops.io/media/e8d6cc97946f5898abf095d987e121b2
Frame ID: 694E190E4025676FBF7FD56732AAC8BF
Requests: 1 HTTP requests in this frame

Frame: https://posts.specterops.io/media/76b782ff1a5487ac6a8302b04d70f206
Frame ID: 15C83A24B7795A21DDC9735D9C7EA93D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4 HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fthe-curiou... HTTP 302
https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

64
Requests

86 %
HTTPS

70 %
IPv6

8
Domains

12
Subdomains

10
IPs

2
Countries

743 kB
Transfer

2085 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb&source=post_page--------------------------nav_reg-
Title: Sign in

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page---------------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/api/synchapi/nf-synchapi-sleepex?source=post_page---------------------------
Title: SleepEx

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/api/winbase/nf-winbase-signalobjectandwait?source=post_page---------------------------
Title: SignalObjectAndWait

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/api/synchapi/nf-synchapi-waitforsingleobjectex?source=post_page---------------------------
Title: WaitForSingleObjectEx

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/api/synchapi/nf-synchapi-waitformultipleobjectsex?source=post_page---------------------------
Title: WaitForMultipleObjectsEx

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/api/winuser/nf-winuser-msgwaitformultipleobjectsex?source=post_page---------------------------
Title: MsgWaitForMultipleObjectsEx

Search URL Search Domain Scan URL

URL: https://undocumented.ntinternals.net/index.html?page=UserMode%2FUndocumented%20Functions%2FAPC%2FNtTestAlert.html&source=post_page---------------------------
Title: NtTestAlert

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/desktop/fileio/alertable-i-o?source=post_page---------------------------
Title: alertable state

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-processthreadsapi-queueuserapc?source=post_page---------------------------
Title: QueueUserAPC

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/windbg-preview/9pgjgd53tn86?source=post_page---------------------------#activetab=pivot:overviewtab
Title: WinDbg

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/dotnet/framework/tools/sos-dll-sos-debugging-extension?source=post_page---------------------------
Title: SOS Debugging

Search URL Search Domain Scan URL

URL: https://github.com/dotnet/coreclr?source=post_page---------------------------
Title: coreclr project

Search URL Search Domain Scan URL

URL: https://github.com/dotnet/coreclr/blob/b62e7765e7f4171461b2597fe3174c211957f3ee/src/vm/ceemain.cpp?source=post_page---------------------------#L69
Title: interesting comment

Search URL Search Domain Scan URL

URL: https://adilevin.wordpress.com/2009/06/13/asynchronous-procedure-call/?source=post_page---------------------------
Title: Asynchronous Procedure CallThere are two ways to invoke a function on a different thread - the first is by calling CreateThread. The disadvantage…adilevin.wordpress.com

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb&source=post_sidebar-----3f62e966d2cb---------------------clap_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb&source=post_actions_footer-----3f62e966d2cb---------------------clap_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/p/3f62e966d2cb/share/twitter?source=follow_footer--------------------------follow_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/p/3f62e966d2cb/share/facebook?source=follow_footer--------------------------follow_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb&source=post_actions_footer--------------------------bookmark_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/p/3f62e966d2cb/responses/show?source=follow_footer--------------------------follow_footer-
Title: Write the first response

Search URL Search Domain Scan URL

URL: https://medium.com/policy/f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4 HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb%3Fsource%3Drss----f05f8696e3cc---4 HTTP 302
https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request the-curious-case-of-queueuserapc-3f62e966d2cb Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb%3Fsource%3Drss----f05f8696e3cc---4
https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

159 KB
30 KB

799ms
799ms

Document
text/html

52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8765983945a9d5b44d449e388e67793b7664be5e4fb06080ba48a2b7dc61d1ef

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
server: nginx
date: Thu, 25 Jul 2019 16:43:03 GMT
content-type: text/html; charset=utf-8
set-cookie: uid=lo_pVSb4hvtpaxh; path=/; expires=Fri, 24 Jul 2020 16:43:02 GMT; secure; httponly sid=1:C2oF+r1oGGD6XDP1kAo+TrTxgyH7OQolkbALR/3Br05wPv62fbbtN5wTNkEfVDN+; path=/; expires=Fri, 24 Jul 2020 16:43:02 GMT; secure; httponly
sepia-upstream: production
x-frame-options: allow-from medium.com
medium-fulfilled-by: lite/master-20190724-221232-3f9dd67542, rito/master-20190723-182653-4cc647ebf5, tutu/38164-722e794
etag: W/"27c94-xaYNKD7Lo8VMaPEQgpQe0mNsycA"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 656

Redirect headers

status: 302
date: Thu, 25 Jul 2019 16:43:02 GMT
content-type: application/octet-stream
set-cookie: __cfduid=dd8d185d84023285ade6ed9c9c7b1d2bd1564072982; expires=Fri, 24-Jul-20 16:43:02 GMT; path=/; domain=.medium.com; HttpOnly uid=lo_pVSb4hvtpaxh; Expires=Fri, 24-Jul-20 16:43:02 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly sid=1:tLwXmHhgg+MMIgMY6IqJPvu2QfwalfOgfVgpnAGJ7vN+jW16RkI3jiWjiMIcDts0; path=/; expires=Fri, 24 Jul 2020 16:43:02 GMT; domain=.medium.com; secure; httponly __cfruid=40555bf2edd9ac00665f45b10ce8c7ff67a29006-1564072982; path=/; domain=.medium.com; HttpOnly
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1564072982304:49920e04bbca
x-obvious-info: 38172-734a1e3,734a1e3265a
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
tk: T
location: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
strict-transport-security: max-age=15552000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fbf972aecffc2d1-FRA

GET
H2 200 m2.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 44 KB
29 KB 135ms
91ms Stylesheet
text/css 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3310
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 4fbf97314be32754-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 25 Jul 2019 20:43:03 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 122ms
88ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1118189
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 6883
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97313bda2754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*s94MfUCftCS8EVlSfK8GMg.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
5 KB 203ms
169ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*s94MfUCftCS8EVlSfK8GMg.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3299fdd08128227acdd2ac2a6f12f442c422d2a8b3d084b64c8083a41685fe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 4463
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97313bdb2754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*UQnlJHP9-QgnArS18eVHBQ.png
miro.medium.com/max/60/ 2 KB
3 KB 138ms
137ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*UQnlJHP9-QgnArS18eVHBQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7b974c3bb58ea5ad82b73e4f032fd13b87b3aa4bb88df366ec96da2123bda771

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 2496
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec452754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*vGk0YI-E73xd1F3TX37WHw.png
miro.medium.com/max/60/ 1 KB
1 KB 115ms
114ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vGk0YI-E73xd1F3TX37WHw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

83eacaeca7f18a9c03f3a1b70bc5f9db040e54fb7455543d1f18f24d918d4673

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 1279
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec462754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*Can2D5yBT7DDgqwqr4BFmA.png
miro.medium.com/max/60/ 3 KB
3 KB 131ms
130ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Can2D5yBT7DDgqwqr4BFmA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

874015e586d93c437a4d3d89344dcd253b380c22a7988d7a563c36d5306cfddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 2707
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec472754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*s94MfUCftCS8EVlSfK8GMg.jpeg
miro.medium.com/fit/c/160/160/ 9 KB
9 KB 126ms
125ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*s94MfUCftCS8EVlSfK8GMg.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

ac5c63b56bdc79976b394a6e78626fe9f386f61671d703b3fb0df8c4ef86b3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 9188
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec482754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
6 KB 72ms
71ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30984
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 6539
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec492754-FRA
expires: Sat, 24 Aug 2019 16:43:03 GMT

GET
H2 200 manifest.56e04f3c.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 43ms
35ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.56e04f3c.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa45b50ea425f76a1b388ae5dcd29499fac297cb3c4deaae50ad189652d53a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66834
status: 200
vary: Accept-Encoding
x-amz-request-id: 62801C841C76CD39
x-amz-id-2: 3M43oHYMgwCti0Nh7gCWiUn8+fKO2iOfioxSBOFqOBj7NcqOjM5aF5pdalvx2Gs1LEqr2LaW52E=
last-modified: Wed, 24 Jul 2019 22:06:05 GMT
server: cloudflare
etag: W/"9368a867abf6e9130e65acd86689b748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: fAFN2IKZyBsv.mhF_4qOKCq6egOfNMBU
cf-ray: 4fbf9731dc312754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 vendors~main.85c53847.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 808 KB
209 KB 36ms
35ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8274ce77cdc03012fda59439c2d63c664a7d17eabdfde63ba91722f7f3ee87ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 690061
status: 200
vary: Accept-Encoding
x-amz-request-id: EC788A8BDA5AB95A
x-amz-id-2: c+VsgcGgxl0iYFWyeGPovTvF1IvWcNirrlK0EkYoH5MUtPnFAftWm+p4km0lRqInCsB+llyD6MI=
last-modified: Wed, 17 Jul 2019 16:46:30 GMT
server: cloudflare
etag: W/"6da4af495f6191346724f13cedf8e16b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: 1VYQGn69pk3FZIO5H7G_V4M3xkERsug3
cf-ray: 4fbf9731ec402754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 main.11d95914.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 325 KB
79 KB 28ms
26ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.11d95914.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb9631447b5581f601397a3ba9775304983a26418a423906cbaf89867601cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66124
status: 200
vary: Accept-Encoding
x-amz-request-id: 757AB0C9553DB9D5
x-amz-id-2: 3Cijr9T2YCHYFs3wSle3kLVm0n0zBxRLaURGlCGObFG+Zn3kMaCO6W6yrjL7saGbJjJCIa4piNA=
last-modified: Wed, 24 Jul 2019 22:17:53 GMT
server: cloudflare
etag: W/"d0eccb65b4792d61cd915318407eb966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: L0cocEDfvAi8NrUrk70v2Jj16UurJAnC
cf-ray: 4fbf9731ec412754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 34 KB
15 KB 21ms
20ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 690061
status: 200
vary: Accept-Encoding
x-amz-request-id: 66729C246ADAF873
x-amz-id-2: QR20wLfdrPvkotdvTeClYzQKVF2SuikIFSvcm/wOtabQ8bmRszh8HTJ/HIarSDjHTu3oztGeX60=
last-modified: Wed, 17 Jul 2019 16:46:30 GMT
server: cloudflare
etag: W/"23e34e999de903dca6d0f87ef9d52146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: tpvIBvcLxTFWEWeNwKS73HBJUi32agUY
cf-ray: 4fbf9731ec422754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.9b061456.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 50 KB
15 KB 34ms
33ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.9b061456.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df12addb716b8c1fdf51f7ecb5c07fec9f665f77dc5363bc04cb644206a62c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71321
status: 200
vary: Accept-Encoding
x-amz-request-id: 3820C0EF53CAFB4D
x-amz-id-2: 5LUv/RnRsOW0V6faEgg7aa+lGZxv8S+UISzF3HIwLVfQlXp7lzH8FFJq+uh/PMWUaNJAL7X7wng=
last-modified: Wed, 24 Jul 2019 20:51:30 GMT
server: cloudflare
etag: W/"304d4075e502ff51d070186a8c3b7b2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: .jUnuSldSzvqje.93X.fjOimsTB4nzVD
cf-ray: 4fbf9731ec432754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.69db5a80.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 105 KB
28 KB 23ms
22ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.69db5a80.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14b927292a4b76238d7db0e8acf7db43f604c46eefe51aed8c7a5d59c90edb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66834
status: 200
vary: Accept-Encoding
x-amz-request-id: 4C20D54DC61C33A3
x-amz-id-2: SmAMNxOYVcXGMJ3KCR8VsuP75C9ujV+2lWj3imFpT1Aub3iMKF/gLejc19QT5zFv4AbX/7/XKjM=
last-modified: Wed, 24 Jul 2019 22:06:07 GMT
server: cloudflare
etag: W/"4845909c6fa940cf8a6bfab3725515e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: jY_HuopWZcca2auWF9yTrAHGziXmkFpS
cf-ray: 4fbf9731ec442754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 screen.post~screen.post.amp~screen.sequence.post.9d72208f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 102 KB
25 KB 19ms
19ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.sequence.post.9d72208f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09d661a6b89cfec7f33f98b8e7e60e6cce3be66127de13a86e8fcd9541671276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66834
status: 200
vary: Accept-Encoding
x-amz-request-id: 46D6C17D107610C8
x-amz-id-2: DFalUHI6KiTf/1Thh5LHb6+l8K5XjYCoIFa/dvmmbuVAHhe6XYh/EUaaspRqk6lgf7usu5fS5Ds=
last-modified: Wed, 24 Jul 2019 22:06:09 GMT
server: cloudflare
etag: W/"8f393ec3e0f711c18ff6be4d82b77b23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: Dbp8QcPqJgmsfTgveY5cd.W4VjAZqkmD
cf-ray: 4fbf97320c5f2754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 screen.post.fbe8c836.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 42 KB
13 KB 30ms
30ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post.fbe8c836.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f7cb42f556775fb3c0f97c9be7bc6e53452ec29f2175e1c4b10183f7722dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66834
status: 200
vary: Accept-Encoding
x-amz-request-id: 84DE72FC0ADEAE3B
x-amz-id-2: ONooFzQ/kpbi995D4gDrC/G7QFQPXmqofa30nTfvXm+h+KcPL7Vfv5XSMzgDlBdQ9LZUX0Yw1UE=
last-modified: Wed, 24 Jul 2019 22:06:08 GMT
server: cloudflare
etag: W/"ca897e9e856752599161ceb99a53b3b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: .jVxIYCeSo8F_OCaDKJRpEHv7gYQFrbn
cf-ray: 4fbf97320c652754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 6955
date: Thu, 25 Jul 2019 14:47:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Thu, 25 Jul 2019 16:47:08 GMT

GET
H2 200 e8d6cc97946f5898abf095d987e121b2 Show response
posts.specterops.io/media/ Frame 4EC7 2 KB
2 KB 235ms
235ms Document
text/html 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/media/e8d6cc97946f5898abf095d987e121b2

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

73a263cd64fc2024ad58d3bb01a437115ee427773e5676e3f2dfdab62ddb9c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://getpocket.com https://posts.specterops.io https://.posts.specterops.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://.branch.io https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /media/e8d6cc97946f5898abf095d987e121b2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
accept-encoding: gzip, deflate, br
cookie: uid=lo_pVSb4hvtpaxh; sid=1:C2oF+r1oGGD6XDP1kAo+TrTxgyH7OQolkbALR/3Br05wPv62fbbtN5wTNkEfVDN+
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Response headers

status: 200
server: nginx
date: Thu, 25 Jul 2019 16:43:03 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://posts.specterops.io https://*.posts.specterops.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1564072983431:dab9da147581
x-obvious-info: 38172-734a1e3,734a1e3265a
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
tk: T
content-encoding: gzip

GET
H2 200 76b782ff1a5487ac6a8302b04d70f206 Show response
posts.specterops.io/media/ Frame 20F9 2 KB
2 KB 162ms
162ms Document
text/html 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/media/76b782ff1a5487ac6a8302b04d70f206

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

732a89b17e717d41c53b75d09df8226625d4108bc02b4ad016296d695c43c900

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://getpocket.com https://posts.specterops.io https://.posts.specterops.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://.branch.io https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /media/76b782ff1a5487ac6a8302b04d70f206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
accept-encoding: gzip, deflate, br
cookie: uid=lo_pVSb4hvtpaxh; sid=1:C2oF+r1oGGD6XDP1kAo+TrTxgyH7OQolkbALR/3Br05wPv62fbbtN5wTNkEfVDN+
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Response headers

status: 200
server: nginx
date: Thu, 25 Jul 2019 16:43:03 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://posts.specterops.io https://*.posts.specterops.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1564072983387:a6918bb45eff
x-obvious-info: 38172-734a1e3,734a1e3265a
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
tk: T
content-encoding: gzip

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0*MGiQMAe-MCshaA7y
miro.medium.com/max/320/ 853 B
942 B 226ms
226ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*MGiQMAe-MCshaA7y

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

ad6e2952113bebbc59aca4f0ba6c1a6d7cef66e0de952872c0776b06d0fa0c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 853
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec502754-FRA
expires: Sat, 24 Aug 2019 16:43:03 UTC

GET
H2 200 0*dwRjC0IPTsOp_lT5
miro.medium.com/max/320/ 11 KB
11 KB 176ms
176ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*dwRjC0IPTsOp_lT5

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

712b81e7b0b3bd40b253d8d61884f567d1da30dc59768b1daf2c28038a7c038c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 11543
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec512754-FRA
expires: Sat, 24 Aug 2019 16:43:03 UTC

GET
H2 200 0*VEyszBe_UgIbt2RG
miro.medium.com/max/320/ 17 KB
17 KB 572ms
571ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*VEyszBe_UgIbt2RG

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

f50bd1fb366b232e969f3c3e870a879209b67b7552014acfd2b470afb3ee174e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 17522
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9731ec542754-FRA
expires: Sat, 24 Aug 2019 16:43:03 UTC

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
14 KB 62ms
29ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 547195
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 4fbf97322c1096ce-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 74ms
40ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252614
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 4fbf97322c1296ce-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 marat-sans-300-italic.woff
glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 61ms
28ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/marat-sans-300-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3312084
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 4fbf97322c1196ce-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 14 KB
15 KB 49ms
25ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1158556
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 4fbf97322c1396ce-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
102 B 13ms
13ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=405534069&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb%3Fsource%3Drss----f05f8696e3cc---4%26gi%3D6e00c734ff41&ul=en-us&de=UTF-8&dt=The%20Curious%20Case%20of%20QueueUserAPC%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1541646816&gjid=2127699065&cid=467425540.1564072983&tid=UA-24232453-2&_gid=961874987.1564072983&_r=1&z=598387945

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2019 16:43:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 0a876cd83abaab6bb956b7a48178b1eb.js
gist.github.com/djhohnstein/ Frame 20F9 0
0

GET c843e9856f6da58f1604d03394806c4e.js
gist.github.com/djhohnstein/ Frame 4EC7 0
0

POST client-ready
posts.specterops.io/_/lite/performance/ 0
0

GET
H2 200 vendors~tracing.db265f32.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 18ms
18ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~tracing.db265f32.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.56e04f3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

968d8608b6da81156d86a1aa91922eeb2f2070e24aa12deacb63cb20ac5174b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 690059
status: 200
vary: Accept-Encoding
x-amz-request-id: 9A51987A3C839A9C
x-amz-id-2: YEjJX+2oWg78sX5DNV+GDrOB7EW39uDIG9xPYQkbf9libzDk8gF7qR0D4poGgCcDhZ8hPZTxXro=
last-modified: Wed, 17 Jul 2019 16:46:30 GMT
server: cloudflare
etag: W/"8b85f5ba7a5018eed99d8f85cc363647"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: 91naIfAQoDoaiCCH8C1sUh64Gpl7S8sZ
cf-ray: 4fbf97340da22754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET
H2 200 tracing.48bfc3d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/tracing.48bfc3d4.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.56e04f3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cfd68660fc0feefb7bdf21f1f1506ce12772ba6a59eb925c35c30071351d15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32118
status: 200
vary: Accept-Encoding
x-amz-request-id: 4B313C322DB800AB
x-amz-id-2: 1TY5Awze7YueRrGN19SmCC32sijgH6MulK2QQer0V23VTIDX581L14LY1eS/ZoDRwY1cynPevFg=
last-modified: Wed, 17 Jul 2019 16:46:29 GMT
server: cloudflare
etag: W/"bd75cb7dcbb3f62113bd379fc8617cc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-version-id: u4vvfBiKdIorS_7DQmdz0q2sg.rNDrWD
cf-ray: 4fbf97341da32754-FRA
expires: Fri, 24 Jul 2020 16:43:03 GMT

GET p.js
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 0
0

GET e8d6cc97946f5898abf095d987e121b2
posts.specterops.io/media/ Frame 694E 0
0

GET 76b782ff1a5487ac6a8302b04d70f206
posts.specterops.io/media/ Frame 15C8 0
0

POST graphql
posts.specterops.io/_/ 0
0

GET
H2 200 0*MGiQMAe-MCshaA7y
miro.medium.com/max/160/ 596 B
684 B 132ms
131ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/160/0*MGiQMAe-MCshaA7y

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

21aa72036eda2b8ae31705fe64915eb15857f1fc63392458b45eb04b6acaa79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 596
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97359e702754-FRA
expires: Sat, 24 Aug 2019 16:43:04 UTC

GET
H2 200 0*dwRjC0IPTsOp_lT5
miro.medium.com/max/160/ 6 KB
6 KB 173ms
172ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/160/0*dwRjC0IPTsOp_lT5

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

98cab0b271403023d7523b2b8e761dfdcbd1845d141c1f51b2280cb3fb5436dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 5994
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97359e742754-FRA
expires: Sat, 24 Aug 2019 16:43:04 UTC

GET
H2 200 0*VEyszBe_UgIbt2RG
miro.medium.com/max/160/ 8 KB
8 KB 227ms
227ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/160/0*VEyszBe_UgIbt2RG

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

836932ca9919fd581620df92310abdf9042b04724ea17a62767474ae9a150999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
content-length: 8150
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97359e762754-FRA
expires: Sat, 24 Aug 2019 16:43:04 UTC

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/152/ 3 KB
3 KB 57ms
57ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/152/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107753
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 3171
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feac2754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*s94MfUCftCS8EVlSfK8GMg.jpeg
miro.medium.com/fit/c/48/48/ 2 KB
2 KB 119ms
118ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*s94MfUCftCS8EVlSfK8GMg.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

bed35d59eb5b3d32892f02035bd26479534f231fca1dbb0965131ae962c8231f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 1773
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feae2754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*UQnlJHP9-QgnArS18eVHBQ.png
miro.medium.com/max/30/ 1 KB
1 KB 137ms
136ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*UQnlJHP9-QgnArS18eVHBQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

fff98f7d9292e9fb08e5601ddc5c7408ef958b3d94d3a77a5c76d4c8f5f5fcf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 1178
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feaf2754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*vGk0YI-E73xd1F3TX37WHw.png
miro.medium.com/max/30/ 482 B
550 B 120ms
120ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*vGk0YI-E73xd1F3TX37WHw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

1c9ad29823b7828402475a266017105983d25062995c9d90c61d17515bda4f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 482
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feb12754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*Can2D5yBT7DDgqwqr4BFmA.png
miro.medium.com/max/30/ 1 KB
1 KB 124ms
124ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*Can2D5yBT7DDgqwqr4BFmA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

64eb95acef09fbfc5d9449e331460b35b59703c65c716f40d02431d9678aec4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 1153
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feb22754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*s94MfUCftCS8EVlSfK8GMg.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 253ms
252ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*s94MfUCftCS8EVlSfK8GMg.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

6cd61b65bdd5e43f9cb46c840f6da04e29a2187f261a34cb51b7fef9142e0489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 3376
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feb32754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 21ms
21ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107752
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 2735
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf9735feb42754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
270 B 24ms
13ms Image
image/gif 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=405534069&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fthe-curious-case-of-queueuserapc-3f62e966d2cb&ul=en-us&de=UTF-8&dt=The%20Curious%20Case%20of%20QueueUserAPC%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAEAB~&jid=572117586&gjid=1682809192&cid=467425540.1564072983&tid=UA-102239211-2&_gid=961874987.1564072983&_r=1&z=499570602

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 71 KB
22 KB 1302ms
9ms Script
text/javascript 13.32.158.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb?source=rss----f05f8696e3cc---4&gi=6e00c734ff41
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.111 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: niwfoqhU_AnqkvtSMs5r0ZFpRVGmQSMv
Content-Encoding: gzip
Last-Modified: Tue, 09 Jul 2019 22:22:17 GMT
Server: AmazonS3
Age: 24
ETag: "4f18667a379e69fb939087b1fe6d8a31"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Thu, 25 Jul 2019 16:42:47 GMT
X-Amz-Cf-Pop: FRA56
Connection: keep-alive
Content-Length: 21695
X-Amz-Cf-Id: Z8o3BfVhDd4qSSWpFk_2wz59eFG9MYt0-MpzIm46l994g39xizdnew==

GET
H2 200 1*UQnlJHP9-QgnArS18eVHBQ.png
miro.medium.com/max/700/ 63 KB
63 KB 113ms
113ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*UQnlJHP9-QgnArS18eVHBQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

4faafbeca62e2a0690db591051b76b2145a7841d5f6114fe19302861bf566cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 16:43:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
vary: Accept-Encoding
content-length: 64189
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fbf97360eb72754-FRA
expires: Sat, 24 Aug 2019 16:43:04 GMT

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
175 B 1603ms
120ms XHR
text/plain 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Thu, 25 Jul 2019 16:43:06 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
728 B 183ms
156ms Script
text/javascript 2600:9000:200d:1e00:19:9934:6a80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.50.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:200d:1e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

341089615e7efdf1d3017f57515156671dbcb7981e27d935d8a48b2f31434d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Thu, 25 Jul 2019 16:43:05 GMT
Via: 1.1 aac86dd0bb06b97ef178f97d0c65ee5f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA50
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-KpVfaw5cO10ABONsYnnvjVJdyO0"
X-Amz-Cf-Id: UUYlBRPm8PimegWMf3HdpYMej3sq457uXGzYUoVLUfD2ZSLyt0wBaw==

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
597 B 637ms
623ms XHR
application/json 2600:9000:200d:d400:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: e4201d783aa1341b47a2c33ebe52ca61d7fce9b1280b50a2f252f3ed21e05922

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jul 2019 16:43:06 GMT
via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 312
x-amz-cf-id: LDB1g-D9WKzDpT6RVDwumJfeF7GcEwhyV3rbiLuPe8diSgnIBjbhvQ==

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
312 B 111ms
110ms XHR
application/json 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: 2685f0863936254d069a89f3125189deadb41e7ced4d395cc0a80c1f9dc502eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2019 16:43:06 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
360 B 605ms
604ms XHR
application/json 2600:9000:200d:d400:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jul 2019 16:43:06 GMT
via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: QXx9Q5-6yHYmKbBn119K8_TTIaYQXS9KH8fht_IqRqimDPMUP6CSYA==

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
175 B 106ms
105ms XHR
text/plain 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Thu, 25 Jul 2019 16:43:06 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
312 B 104ms
104ms XHR
application/json 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: 6f7b2bfce1370da2a9964409421a53cfa3d7e0208a8966847c7c0bedaeb6dcbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2019 16:43:06 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
356 B 231ms
231ms XHR
application/json 2600:9000:200d:d400:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jul 2019 16:43:06 GMT
via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: 63xaq_eLUii5Ku32eca3aV0DYgoSR75CvNa-2d5p60evm_l8t1WoYQ==

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
175 B 96ms
95ms XHR
text/plain 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Thu, 25 Jul 2019 16:43:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
312 B 96ms
96ms XHR
application/json 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: 73f4f9b59b2277c66c518265767adfdfc1c8617cb7a36f482f0c577c95835b77

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2019 16:43:07 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
175 B 100ms
100ms XHR
text/plain 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.85c53847.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Thu, 25 Jul 2019 16:43:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
312 B 100ms
100ms XHR
application/json 23.23.71.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.71.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-71-11.compute-1.amazonaws.com
Software: /
Resource Hash: 6236eb408ab95709c32008c9eaa29ba202db3afb02de57d83e154b3767e7c211

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://posts.specterops.io/the-curious-case-of-queueuserapc-3f62e966d2cb
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2019 16:43:07 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST batch
posts.specterops.io/_/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gist.github.com
URL: https://gist.github.com/djhohnstein/0a876cd83abaab6bb956b7a48178b1eb.js

Domain: gist.github.com
URL: https://gist.github.com/djhohnstein/c843e9856f6da58f1604d03394806c4e.js

Domain: posts.specterops.io
URL: https://posts.specterops.io/_/lite/performance/client-ready

Domain: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js

Domain: posts.specterops.io
URL: https://posts.specterops.io/media/e8d6cc97946f5898abf095d987e121b2

Domain: posts.specterops.io
URL: https://posts.specterops.io/media/76b782ff1a5487ac6a8302b04d70f206

Domain: posts.specterops.io
URL: https://posts.specterops.io/_/graphql

Domain: posts.specterops.io
URL: https://posts.specterops.io/_/graphql

Domain: posts.specterops.io
URL: https://posts.specterops.io/_/batch

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.11d95914.chunk.js(Line 1) Message: -+++++= .+++++= .+@@@@@+ #@@@@: .@@@@@= @@@@@ @+@@@@- =#@@@@@ @ +@@@@: :% @@@@@ @ @@@@-%: @@@@@ @ @@@@- @@@@@ -@- #@@+ :@@@@@: -#@@@#- ## =@@@@@@@= ....... .........
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.11d95914.chunk.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
collector-medium.lightstep.com
d1z2jf7jlzjs58.cloudfront.net
gist.github.com
glyph.medium.com
medium.com
miro.medium.com
posts.specterops.io
www.google-analytics.com
d1z2jf7jlzjs58.cloudfront.net
gist.github.com
posts.specterops.io
13.32.158.111
23.23.71.11
2600:9000:200d:1e00:19:9934:6a80:93a1
2600:9000:200d:d400:11:f728:3040:93a1
2606:4700::6810:7691
2606:4700::6810:7991
2606:4700::6810:7a7f
2a00:1450:4001:809::200e
2a00:1450:4001:825::200e
52.6.46.142
087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6
09d661a6b89cfec7f33f98b8e7e60e6cce3be66127de13a86e8fcd9541671276
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
14b927292a4b76238d7db0e8acf7db43f604c46eefe51aed8c7a5d59c90edb71
1c9ad29823b7828402475a266017105983d25062995c9d90c61d17515bda4f47
21aa72036eda2b8ae31705fe64915eb15857f1fc63392458b45eb04b6acaa79e
2685f0863936254d069a89f3125189deadb41e7ced4d395cc0a80c1f9dc502eb
3299fdd08128227acdd2ac2a6f12f442c422d2a8b3d084b64c8083a41685fe8f
341089615e7efdf1d3017f57515156671dbcb7981e27d935d8a48b2f31434d43
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
3cfd68660fc0feefb7bdf21f1f1506ce12772ba6a59eb925c35c30071351d15e
4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173
4faafbeca62e2a0690db591051b76b2145a7841d5f6114fe19302861bf566cce
6236eb408ab95709c32008c9eaa29ba202db3afb02de57d83e154b3767e7c211
64eb95acef09fbfc5d9449e331460b35b59703c65c716f40d02431d9678aec4a
6cd61b65bdd5e43f9cb46c840f6da04e29a2187f261a34cb51b7fef9142e0489
6f7b2bfce1370da2a9964409421a53cfa3d7e0208a8966847c7c0bedaeb6dcbd
712b81e7b0b3bd40b253d8d61884f567d1da30dc59768b1daf2c28038a7c038c
732a89b17e717d41c53b75d09df8226625d4108bc02b4ad016296d695c43c900
73a263cd64fc2024ad58d3bb01a437115ee427773e5676e3f2dfdab62ddb9c4f
73f4f9b59b2277c66c518265767adfdfc1c8617cb7a36f482f0c577c95835b77
7b974c3bb58ea5ad82b73e4f032fd13b87b3aa4bb88df366ec96da2123bda771
81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65
8274ce77cdc03012fda59439c2d63c664a7d17eabdfde63ba91722f7f3ee87ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836932ca9919fd581620df92310abdf9042b04724ea17a62767474ae9a150999
83eacaeca7f18a9c03f3a1b70bc5f9db040e54fb7455543d1f18f24d918d4673
84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c
874015e586d93c437a4d3d89344dcd253b380c22a7988d7a563c36d5306cfddf
8765983945a9d5b44d449e388e67793b7664be5e4fb06080ba48a2b7dc61d1ef
968d8608b6da81156d86a1aa91922eeb2f2070e24aa12deacb63cb20ac5174b8
98cab0b271403023d7523b2b8e761dfdcbd1845d141c1f51b2280cb3fb5436dd
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ac5c63b56bdc79976b394a6e78626fe9f386f61671d703b3fb0df8c4ef86b3ea
ad6e2952113bebbc59aca4f0ba6c1a6d7cef66e0de952872c0776b06d0fa0c34
bed35d59eb5b3d32892f02035bd26479534f231fca1dbb0965131ae962c8231f
c1f7cb42f556775fb3c0f97c9be7bc6e53452ec29f2175e1c4b10183f7722dc4
df12addb716b8c1fdf51f7ecb5c07fec9f665f77dc5363bc04cb644206a62c84
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4201d783aa1341b47a2c33ebe52ca61d7fce9b1280b50a2f252f3ed21e05922
eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f50bd1fb366b232e969f3c3e870a879209b67b7552014acfd2b470afb3ee174e
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
fa45b50ea425f76a1b388ae5dcd29499fac297cb3c4deaae50ad189652d53a4f
feb9631447b5581f601397a3ba9775304983a26418a423906cbaf89867601cbe
fff98f7d9292e9fb08e5601ddc5c7408ef958b3d94d3a77a5c76d4c8f5f5fcf6

posts.specterops.io Open in urlscan Pro 52.6.46.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

86 %HTTPS

70 %IPv6

8 Domains

12 Subdomains

10 IPs

2 Countries

743 kBTransfer

2085 kBSize

0 Cookies

24 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posts.specterops.io Open in urlscan Pro
52.6.46.142 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

86 %
HTTPS

70 %
IPv6

8
Domains

12
Subdomains

10
IPs

2
Countries

743 kB
Transfer

2085 kB
Size

0
Cookies

64 HTTP transactions
4 data transactions