infosecwriteups.com Open in urlscan Pro
162.159.152.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
Effective URL:
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
Submission: On November 22 via api (November 22nd 2022, 12:45:14 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 89 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 105 HTTP transactions. The main IP is 162.159.152.4, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is infosecwriteups.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 16th 2022. Valid for: a year.

This is the only time infosecwriteups.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 23	162.159.152.4 162.159.152.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 77	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	108.138.17.45 108.138.17.45	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:cc00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:ec00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
105	7

23 162.159.152.4 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

infosecwriteups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2606:4700:7::a29f:9804 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-45.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:cc00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:ec00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	medium.com 2 redirects medium.com — Cisco Umbrella Rank: 9411 glyph.medium.com — Cisco Umbrella Rank: 20335 miro.medium.com — Cisco Umbrella Rank: 13320 cdn-client.medium.com — Cisco Umbrella Rank: 20917	1 MB
23	infosecwriteups.com 2 redirects infosecwriteups.com	64 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 962 api2.branch.io — Cisco Umbrella Rank: 619	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	app.link app.link — Cisco Umbrella Rank: 1714	579 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1039	6 KB
105	6

	Domain	Requested by
43	cdn-client.medium.com	infosecwriteups.com cdn-client.medium.com
23	infosecwriteups.com	2 redirects cdn-client.medium.com
19	miro.medium.com	infosecwriteups.com cdn-client.medium.com
13	glyph.medium.com	infosecwriteups.com glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	infosecwriteups.com cdn-client.medium.com
2	medium.com	2 redirects
1	app.link	cdn.branch.io
1	cdn.branch.io	infosecwriteups.com
1	static.cloudflareinsights.com	infosecwriteups.com
105	10

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
tryhackme.com
www.rapid7.com
attackerkb.com
nmap.org
www.openssh.com
www.webmin.com
metasploit.com
galton.org
scottlocklin.wordpress.com
towardsdatascience.com
arxiv.org
doi.org
github.com
www.oreilly.com
apps.dtic.mil
www.researchgate.net
weekly.infosecwriteups.com
creativecommons.org
policy.medium.com
0xm3h51n.medium.com
help.medium.com
itunes.apple.com
play.google.com
blog.grahamzemel.com
systemweakness.com
medium.statuspage.io
about.medium.com
blog.medium.com
speechify.com

Subject Issuer	Validity	Valid
infosecwriteups.com Cloudflare Inc ECC CA-3	`2022-01-16` - `2023-01-16`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.branch.io Amazon	`2022-10-11` - `2023-11-09`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
Frame ID: CF7A214FC653B9A99484E83D8EE5DDF2
Requests: 105 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TryHackMe writeup: AttackerKB. This article discusses the AttackerKB… | by Aleksey | Nov, 2022 | InfoSec Write-ups

Page URL History Show full URLs

https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-... HTTP 302
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=cf3459c1eef HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-... HTTP 302
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

105
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

10
Subdomains

7
IPs

2
Countries

1545 kB
Transfer

3736 kB
Size

10
Cookies

89 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=---three_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F48cef82cfefa&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderCollection&%7Estage=mobileNavBar&source=---three_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=---three_column_layout_nav-----------------------notifications_sidenav-----------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=---three_column_layout_nav-----------------------lists_sidenav-----------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=---three_column_layout_nav-----------------------stories_sidenav-----------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---three_column_layout_nav-----------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=-----48cef82cfefa---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@EpsilonCalculus?source=post_page-----48cef82cfefa--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F77f9fadd00da&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&user=Aleksey&userId=77f9fadd00da&source=post_page-77f9fadd00da----48cef82cfefa---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F48cef82cfefa&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://tryhackme.com/room/attackerkb
Title: “DarkStar7471” 2020

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/
Title: Rapid7 (n.d.)

Search URL Search Domain Scan URL

URL: https://attackerkb.com/about
Title: AttackerKB (n.d.)

Search URL Search Domain Scan URL

URL: https://nmap.org/
Title: nmap (n.d.)

Search URL Search Domain Scan URL

URL: https://www.openssh.com/txt/release-7.6
Title: OpenSSH (v. 7.6p1)

Search URL Search Domain Scan URL

URL: https://www.webmin.com/
Title: Webmin (n.d.)

Search URL Search Domain Scan URL

URL: https://attackerkb.com/topics/hxx3zmiCkR/webmin-password-change-cgi-command-injection
Title: AttackerKB, n.d.-b

Search URL Search Domain Scan URL

URL: https://attackerkb.com/assessments/4601b37d-1e68-494e-be8b-c45be7ad424c
Title: “wvu-r7” (2019)

Search URL Search Domain Scan URL

URL: https://metasploit.com/
Title: Metasploit (n.d.)

Search URL Search Domain Scan URL

URL: https://www.webmin.com/exploit.html
Title: Webmin (n.d.-b)

Search URL Search Domain Scan URL

URL: https://galton.org/essays/1900-1911/galton-1907-vox-populi.pdf
Title: Galton (1907)

Search URL Search Domain Scan URL

URL: https://scottlocklin.wordpress.com/2016/11/09/my-favorite-photo-of-this-wacky-election/
Title: Locklin 2016

Search URL Search Domain Scan URL

URL: https://towardsdatascience.com/why-you-should-care-about-the-nate-silver-vs-nassim-taleb-twitter-war-a581dce1f5fc
Title: Faber 2018

Search URL Search Domain Scan URL

URL: https://arxiv.org/abs/2007.16096
Title: Taleb et al. (2020)

Search URL Search Domain Scan URL

URL: https://doi.org/10.1111/j.1540-6261.1978.tb02051.x
Title: Snyder (1978)

Search URL Search Domain Scan URL

URL: https://tryhackme.com/p/Horshark
Title: Horshark (n.d.)

Search URL Search Domain Scan URL

URL: https://github.com/horshark/akb-explorer
Title: GitHub - horshark/akb-explorer: A command line tool to search AttackerKB.A command line tool to search AttackerKB. Not much to do, you just have to clone the repo and install the required…github.com

Search URL Search Domain Scan URL

URL: https://medium.com/membership/@EpsilonCalculus
Title: https://medium.com/membership/@EpsilonCalculus

Search URL Search Domain Scan URL

URL: https://medium.com/@EpsilonCalculus/list/technical-writeups-63f8cfbee59c?source=post_page-----48cef82cfefa--------------------------------
Title: View list

Search URL Search Domain Scan URL

URL: https://www.oreilly.com/library/view/linux-security-cookbook/0596003919/
Title: Barrett et al. (2003, pp. 72–101)

Search URL Search Domain Scan URL

URL: https://apps.dtic.mil/sti/citations/ADA610495
Title: Miller (2013

Search URL Search Domain Scan URL

URL: https://www.researchgate.net/publication/336838659_Exploit_pricing_-_analysis_of_the_market_in_digital_weapons
Title: Ruef (2016)

Search URL Search Domain Scan URL

URL: https://doi.org/10.48550/ARXIV.2007.16096
Title: https://doi.org/10.48550/ARXIV.2007.16096

Search URL Search Domain Scan URL

URL: https://weekly.infosecwriteups.com/
Title: Join our weekly newsletter

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by/4.0/
Title: Some rights reserved

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fbugbountywriteup%2F48cef82cfefa&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&user=Aleksey&userId=77f9fadd00da&source=-----48cef82cfefa---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/bugbountywriteup/newsletters/infosec-writeups?source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Take a look.

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=newsletter_v3_promo--------------------------newsletter_v3_promo----------41c32b933ede-
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2F41c32b933ede&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fbugbountywriteup%2Fnewsletters%2Finfosec-writeups&collection=InfoSec+Write-ups&collectionId=7b722bfd1b8d&newsletterV3=Infosec+Writeups&newsletterV3Id=41c32b933ede&user=Anangsha+Alammyan&userId=6e2475a6e38a&source=--------------------------newsletter_v3_promo----------41c32b933ede-
Title: Get this newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fbugbountywriteup%2F48cef82cfefa&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&collection=InfoSec+Write-ups&collectionId=7b722bfd1b8d&source=post_page-----48cef82cfefa---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@infosecwriteups?source=post_page-----48cef82cfefa----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F5d6cd7507ac4&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fiw-weekly-34-attacking-saml-2-0-5d6cd7507ac4&source=-----48cef82cfefa----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://0xm3h51n.medium.com/?source=post_page-----48cef82cfefa----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malware-analysis?source=post_page-----48cef82cfefa---------------malware_analysis-----------------
Title: Malware Analysis

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fabd7803fcab&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fmalware-analysis-5-eternity-project-eternity-worm-abd7803fcab&source=-----48cef82cfefa----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@frank.leitner?source=post_page-----48cef82cfefa----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----48cef82cfefa---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc45e7e53c775&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fwrite-up-reflected-xss-into-html-context-with-nothing-encoded-portswigger-academy-c45e7e53c775&source=-----48cef82cfefa----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@anmol.sh?source=post_page-----48cef82cfefa----3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/hacking?source=post_page-----48cef82cfefa---------------hacking-----------------
Title: Hacking

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa5110a9c65e7&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fdeep-dive-into-hidden-web-a5110a9c65e7&source=-----48cef82cfefa----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@infosecwriteups?source=post_page-----48cef82cfefa----4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/infosec?source=post_page-----48cef82cfefa---------------infosec-----------------
Title: Infosec

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F2a5bae0bbe5a&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2F4-videos-to-help-you-at-the-start-of-your-infosec-hacking-career-2a5bae0bbe5a&source=-----48cef82cfefa----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----48cef82cfefa--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----48cef82cfefa--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----48cef82cfefa--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----48cef82cfefa--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----48cef82cfefa--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----48cef82cfefa--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----48cef82cfefa--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/@EpsilonCalculus?source=---three_column_layout_sidebar----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F77f9fadd00da&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&user=Aleksey&userId=77f9fadd00da&source=post_page-77f9fadd00da--three_column_layout_sidebar-----------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2F7d3cd3c64074&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&newsletterV3=77f9fadd00da&newsletterV3Id=7d3cd3c64074&user=Aleksey&userId=77f9fadd00da&source=---three_column_layout_sidebar-----------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://blog.grahamzemel.com/?source=read_next_recirc---three_column_layout_sidebar------0---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------

Search URL Search Domain Scan URL

URL: https://medium.com/the-gray-area?source=read_next_recirc---three_column_layout_sidebar------0---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------
Title: The Gray Area

Search URL Search Domain Scan URL

URL: https://medium.com/the-gray-area/hacking-a-locked-windows-10-computer-with-kali-linux-82298bc28974?source=read_next_recirc---three_column_layout_sidebar------0---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------
Title: Hacking a Locked Windows 10 Computer With Kali Linux

Search URL Search Domain Scan URL

URL: https://medium.com/@EpsilonCalculus?source=read_next_recirc---three_column_layout_sidebar------1---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@dw3113r?source=read_next_recirc---three_column_layout_sidebar------2---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------

Search URL Search Domain Scan URL

URL: https://systemweakness.com/?source=read_next_recirc---three_column_layout_sidebar------2---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------
Title: System Weakness

Search URL Search Domain Scan URL

URL: https://systemweakness.com/basic-pentesting-cheat-sheet-c43e1647c753?source=read_next_recirc---three_column_layout_sidebar------2---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------
Title: Basic Pentesting Cheat Sheet

Search URL Search Domain Scan URL

URL: https://medium.com/@foxyhacks?source=read_next_recirc---three_column_layout_sidebar------3---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@foxyhacks/hack-the-box-walkthrough-metatwo-19a0a199a32?source=read_next_recirc---three_column_layout_sidebar------3---------------------234abc4d_fb83_4927_a659_9d247f157e6a-------
Title: Hack The Box [HTB] Walkthrough: MetaTwo

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=---three_column_layout_sidebar----------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=---three_column_layout_sidebar----------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=---three_column_layout_sidebar----------------------------------
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=---three_column_layout_sidebar----------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=---three_column_layout_sidebar----------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=---three_column_layout_sidebar----------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=---three_column_layout_sidebar----------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=---three_column_layout_sidebar----------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=---three_column_layout_sidebar----------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa HTTP 302
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=cf3459c1eef HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa HTTP 302
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request tryhackme-writeup-attackerkb-48cef82cfefa Show response
infosecwriteups.com/
Redirect Chain

https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=cf3459c1eef
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa
https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

218 KB
48 KB

1108ms
1106ms

Document
text/html

162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a76f4f097b02247221fd1e61654fbcae1f19b748d42d090a8ee6fc03f468ae7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e1c2a43c119060-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 12:45:07 GMT
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, lite/main-20221122-002045-a25d6400b6, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
medium-missing-time: 305
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 914
x-request-received-at: 1669121106704

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e1c2a2bf049031-FRA
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Tue, 22 Nov 2022 12:45:06 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 0
x-content-type-options: nosniff
x-envoy-upstream-service-time: 48
x-frame-options: sameorigin
x-obvious-info: 20221122-0857-root,095a2202
x-obvious-tid: 1669121106466:122485c8809a
x-opentracing: {"ot-tracer-spanid":"3f5612697d8d2b22","ot-tracer-traceid":"438616e8eb67aec7","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 unbound.css
glyph.medium.com/css/ 18 KB
1 KB 113ms
102ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 282
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ab3b9a9177-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 22 Nov 2022 14:45:07 GMT

GET
H2 200 1*MZZ3mE4V15WMzCz80juevQ.png
miro.medium.com/max/720/ 184 KB
185 KB 85ms
69ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*MZZ3mE4V15WMzCz80juevQ.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dfc9a2ee55f23ce9d186df2930e546ef15dd08f05154d83e7b2463351c0e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77763
x-envoy-upstream-service-time: 267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188707
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221118-171949-4cd2abe4aa
accept-ranges: bytes
cf-ray: 76e1c2ab7c279177-FRA
expires: Thu, 22 Dec 2022 12:45:07 GMT

GET
H2 200 manifest.2aa413d1.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 96ms
81ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.2aa413d1.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f664741b9a09d85abb3a88e128d955477d7e8e4d9b625b3b8f32af49faeacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: RU7siZf_EEthymSJPL8COdhBF5DeLFKu
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2RS19RDC7G9Q4R6E
age: 43803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qpMYdKkvvvcHWKp3tWrJ2iAYVnbbhdQ6SjKkPG7mhEmz7lx4lx1Zp8Ht/Cto0aBd1h6KnUQysR0=
last-modified: Mon, 21 Nov 2022 23:28:43 GMT
server: cloudflare
etag: W/"7e4be47706722108eaca7f9c46bd9278"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcb89177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H2 200 3034.5bf7db30.js Show response
cdn-client.medium.com/lite/static/js/ 698 KB
216 KB 98ms
82ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

955c47ee44b0feca62780cf5cb5aaba68e9fe3a04677da7795a333c19bc572e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: y1rYgVhPualMEnaz6jRgLipmQEO8IsWZ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TKBCH6NBJQ8Z13X0
age: 1137980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AUsXzcuegx1uEV4qBtmPsXVrs9yGeDzF0mujF+pDrFUlTnEkugR8EYgN7dmyhbNbmJISlX4v/7s=
last-modified: Wed, 26 Oct 2022 07:23:02 GMT
server: cloudflare
etag: W/"7110b0720ae180303abf08a9f0824e88"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcbe9177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H2 200 main.0ccc29bc.js Show response
cdn-client.medium.com/lite/static/js/ 783 KB
194 KB 96ms
81ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c670d76000cdea87d941b06c284daa5d27948741beeb0f72c3d6e57319a34b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: 0PJhcVWimotYdfFNoZJ5dCaWKj_p5JFS
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3YKS7TF6CX7CZRJZ
age: 61316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pavnhHcBJIJ08iweQJGW1QmhZFOkNjSqY/q21SlMByhNMkHVWXvw5O8w6ybtEtdeyQuIoXcUQ/A=
last-modified: Mon, 21 Nov 2022 19:37:08 GMT
server: cloudflare
etag: W/"d2c1bb52389325c753f64aa1609bb085"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcbc9177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H2 200 instrumentation.c71f0248.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 97ms
82ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: 5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DN80NP6MC45XWT2W
age: 329420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XL/2Jb9u14qm8cCj//wgdYe0Ggn1t1G4gX21uBRkpd82xhiecCSbOyioU4BrWRYiv2q6edekGpo=
last-modified: Wed, 07 Sep 2022 22:21:02 GMT
server: cloudflare
etag: W/"1c4019035217766e8fa41b4d396c90c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcbb9177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H2 200 8732.9d4e0df2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 65 KB
19 KB 96ms
82ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8732.9d4e0df2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008b735b5e27e2ddea50ac42eeaef63fae74d969ff15e3144c7b9f7c927baffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: NxzGjDoZXtQ2GwkHKvwxxgw5Nexyfnov
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VKC99QTCBK1JJRSK
age: 1105550
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: q5KO0l+kDDFVGCiz9TdU1XKQr813wXW0hWzBb+kJKHGPuS2cbr/qlFqjRQD4lviAyLSsWb0H0qU=
last-modified: Tue, 28 Jun 2022 21:50:52 GMT
server: cloudflare
etag: W/"6282534288238b33d8aa9c488837d8c9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcb99177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H2 200 3447.cd943c14.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 94ms
80ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3447.cd943c14.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de01b5fb6969fb2f6f0d7adfb92efa823702c9e79e32a3b1df88f054bf5d2a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: 3vkJ5U9x41hZTKHTbDyQm9B0T44vAPTB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: EVT9A5H5M3Z2CWGK
age: 502713
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UuYqhcpMHsrHsQJ9vMwzLhlE9X7wzU4ShGYD9cQDdaqKtCAypyZyii9ecDPnblIB1YPNkPvdTRQ=
last-modified: Wed, 19 Oct 2022 16:46:43 GMT
server: cloudflare
etag: W/"66dcb6304903bc61b4001d3e5a27f304"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2abbcb59177-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 AppLayout.1bb144ce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 114 KB
22 KB 75ms
73ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.1bb144ce.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781d4f9fcc104660e0eed26d06c5e63b83713ae6c465ab0c5cb2c31da6b2e784

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: HdjSFVfwf5C3L2.TlSTep.Zur2LzDYBa
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2RS5S39KVVWWW96T
age: 42813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cxjuEiePwH/5ebF5AeKrHiKuy+Y3u/7IZzbVU3sRnXZhAqDiPGWF/zTtBk6wfG4TgSSHbXht2ys=
last-modified: Mon, 21 Nov 2022 23:28:05 GMT
server: cloudflare
etag: W/"a3f3b9b6748431a7ba99a170c67acabb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d8a9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 121ms
119ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2R4YTKBCDDS6HF3J
age: 663771
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d8d9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 9658.17030d28.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 122ms
120ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9658.17030d28.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

601f0395312c80eca646294da8644382a9187a1ba327cd2e61afeaebf72d404c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: LU4sW2n.29KPKm37dv0UiACV943hIOiN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W2PN8GSGWHAHQJ9Z
age: 309158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zcUAQn0HWwZuYfxpPxJrwGEaUadYpYRbalVguqAYCRPp4TaHIYxWesViclQc9OGHGbVwAGwOaRg=
last-modified: Fri, 04 Nov 2022 21:15:59 GMT
server: cloudflare
etag: W/"980d4d6173178591ee5013487f00755c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d909031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 123ms
120ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KZ14F4DJ39Z3KD31
age: 615775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d929031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1961.72b183c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 124ms
121ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1961.72b183c8.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

020cd8f8d0924d2122db07b848a8bd3217502a2cac01ab2349d71d6b8efce2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: 2UFNHQ528nazPWxJLXg3xgI4xct9fQKg
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Q560EA8RWSJNZ228
age: 69143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5nJF/5DbOofSrJm286aWs7mzJkI6QEw1wqXGxYOJ3CaAegeeOkDjXIHWD5G3HflQDdr5fkFLhk8=
last-modified: Mon, 24 Oct 2022 03:04:44 GMT
server: cloudflare
etag: W/"3f014355f94dd90a298dfaea41b43523"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d959031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5472.a7dd22a2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 124ms
122ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.a7dd22a2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: gSXxPhc0hcRrksmL2PGhPrVOkWw4VC83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TYK0PEA01R37Z2AF
age: 313776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /HTy1mXHJwPGew/xYMqQ7tFbF5Jg3lNbiP2FCK1QESRXm8fU5OQ78/pj2bTQ3xJ5WF5PwhIz13s=
last-modified: Fri, 21 Oct 2022 21:04:08 GMT
server: cloudflare
etag: W/"bfe1dd364c3e6da6632a1d6c3b6fb9a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d969031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1566.249d6842.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 125ms
122ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1566.249d6842.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

850aaadf9940e3bc3a6c6610a04d7a6d4f4914640f8eca6ea2f6846617e24891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: _ByhOuxK6knmAERkLcDYE0rgOLT4uoCy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WSV17MFMSD92GBTV
age: 571809
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: SX3UqXfq4qNfJZP27MGJ1OaJAkSiHWUSfcRTpxsFtRGj1EnhDK42zu5E4QntojAfzhKzlwAtdZs=
last-modified: Tue, 01 Nov 2022 19:49:17 GMT
server: cloudflare
etag: W/"ef84589050e1681de4badd92e27f9092"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d979031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 2981.3c13b705.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 125ms
122ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2981.3c13b705.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2cfff7f9e5ae872a94184b0fc2a35af5c0c1687ba0099349708d02972ba0e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: flgBQ3ITusZieO73Mu0xsSFY2vYmHZMO
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VP9RBAQK0GXSF95J
age: 683137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Tg8vtbqTsgAOFtd/8IGSjt/HyZ6t+xQ8455LuQ09mi0EU7RrMx2snMBTF70/Bl3Fj8gqMwap+f4=
last-modified: Mon, 17 Oct 2022 13:57:10 GMT
server: cloudflare
etag: W/"5f0c27fb992a26bd3f0d8b1937fc0595"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d999031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1627.d634427d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
1 KB 125ms
123ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1627.d634427d.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722118b3904fc84b418dcf0b58f71df9a023d4f0dba573d37b7f239128139669

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: m3SQPLqlgB1mHe127U3_aSSPWHiytLy5
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SX3EQBD2A741PNT9
age: 354440
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZmPE4cOaSSiPvBquvmWRKurOApsRs7ncv9BXOrVQKnLDYl1BMgeA+dj+2g3SbSmuHPjboAhm2Cs=
last-modified: Thu, 03 Nov 2022 11:11:04 GMT
server: cloudflare
etag: W/"7d7fcce1e43aa009b88c45f2e77a22d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d9e9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 3115.e2c29797.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 132 KB
38 KB 126ms
123ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.e2c29797.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7684af0eaf8bb3c4caf740ad39e27a0020f2c196d63ccc2eabc9848e210f4703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: aOViubQ9YEAu1QOF4aQW9wVuZZ8c08df
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0DKF3KBMV3G986E0
age: 57166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XHWxS00ic/iMR24V4dem1hoADoXUeM0B/M5AA4PatWO6MUjPrNiIJgNRl9DQPXZ9dP+ZGw766Qc=
last-modified: Mon, 21 Nov 2022 20:28:58 GMT
server: cloudflare
etag: W/"b0f6acf3d2ed9e729ffa505e4e1ec350"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3d9f9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 4869.b295fc9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 160ms
157ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4869.b295fc9d.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e791eab5353305b0759468002527abbd57394578f316c23fbe6e4d328eb4cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: VJmBoRwUC4qOME3KibvLQxdYvUiDdG0q
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WHACM2PKH7JR7FED
age: 1171262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KPDAe4pTHwtTc/7oi0/i+/hVT3wntTqkxT/8sBRovcE9kRIznitPzBt07uTq809Z+3Sa8uE2E4o=
last-modified: Thu, 27 Oct 2022 18:06:00 GMT
server: cloudflare
etag: W/"a0f5d01998daff7f114343030c119e8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3da19031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 6336.6353f868.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
4 KB 161ms
158ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6336.6353f868.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8208ed3f5800f2f02cc71aaf1aa172cc36366ac6b668675b5b37fe7181db33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: P20dW67vNiBWSsMUWJtPZu36oImbtXva
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N0WAXP6JA0DP8PKJ
age: 1208898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VNPZdrlNPvedE9gwqgaXlSm7bomV/wLmf2ob6yjJJvFh4jfTm0pQT1Glcol7Qyykqen2wMyEmU4=
last-modified: Mon, 07 Nov 2022 20:08:10 GMT
server: cloudflare
etag: W/"b9826131f30281b3ca262505fed0d243"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3da39031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5530.62d482b5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 161ms
158ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5530.62d482b5.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6918d67d2cf1cfb21b1e587eb88aa22abe1a18731b9c450bc0371716f31dd4ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: DjDvwhqG2qZKWW1N0v.RgKi0qPX1F9MY
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VWN9PB5F5PCVTC
age: 309402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uarjRMO2KkVEZ09GbgQPNlXK4bl47orre1k28gHPKvXslk9H5amak2BfqLcAAGadAdjRfMoK8eQlFM8+gFrEJA==
last-modified: Fri, 04 Nov 2022 21:15:54 GMT
server: cloudflare
etag: W/"7bb878a1f93b51df06224da400b13c45"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3da59031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5067.a8ee57d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 161ms
158ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5067.a8ee57d4.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918503ebbe8177e0fed395cc32b4f36689e33305bcee15bdf5573441a3c1cb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: DK5MgDv6JkPDSKy2o.B2Ioxr.OiXr46R
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: P0FJ3DN9Q2TG3XT6
age: 486818
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ejTALg3DG6rFEnZ4JkAv1WUe74YgZqAgW0KoiEOXZUxNyOYT6vtPgKnjEPMF8c2QgaIF/rmtalI=
last-modified: Wed, 16 Nov 2022 17:36:33 GMT
server: cloudflare
etag: W/"bf14256ecf50ec1714e1b09c84f1da5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3da99031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5429.66526483.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 162ms
159ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5429.66526483.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726d058aea44f24469de003137d8d5e1c54ac2b2f3ab7dcc52f39dece2d2ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: mg7VQjWGtyu6ewEthW6n7JT5l8aeQymN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: K1AX0DHHCZJMBF3B
age: 76672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zr5s83VMlVQjaG4Tgvy0g4dWqA7UenFQkesapZfzEZZAc/DO0iEndq1S/JoOZd10wo5KVbaRnCJBf1KYiu8QkA==
last-modified: Mon, 07 Nov 2022 15:03:32 GMT
server: cloudflare
etag: W/"11387a3ebfa4e7095da955bf2b3155f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3daa9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 7070.9daf5359.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 16 KB
5 KB 164ms
161ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7070.9daf5359.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89716be7d15a49a6a138a59d2870795274f7308291864a3bd32a57871c89aadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: r_KhEvkO3Nh_6kx1eOr.aNhQngcGCtM1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N0WE3TB8V59S2KY9
age: 1208898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: apSLpY0NqrkC5YVxl8MOe0V8+yeQv5dDYa4+5Nl2dKJLao2/DnbvvTCpQfJteIQEd03hyYb5Ra4=
last-modified: Mon, 07 Nov 2022 20:08:11 GMT
server: cloudflare
etag: W/"048c955a3bb9bd72394beee57c5d3fa3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dab9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1462.0f88af6f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
6 KB 165ms
162ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1462.0f88af6f.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821d90fc9ae6cc1796468c1f16a94b21f246827b06e003a42288346f499f3227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: m9BqEqZKch.mwEAZf7fkQ1fwnFsjE5oC
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VPZS8JATD11F3K
age: 309402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /teLbd/gA+jmhiQTiMxce3HCDMxgGfyHkO2AkJnD941mQRYhafnceyzYnNPjmZKqNvy10wY7Di4=
last-modified: Fri, 04 Nov 2022 21:15:48 GMT
server: cloudflare
etag: W/"00b063d37ee63d79395f703b6f28dddc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dae9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 6804.b85aab69.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
11 KB 177ms
174ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6804.b85aab69.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ea0c6d12d6715d8a6fbee9173eff895ac2e0c92190afa970cd76793caff9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: .3QoTc4thYsvAmc6.F0EDMO3pSJaZJN1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VMBP3S4FY8CWKT
age: 309402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vAd9Zs1TZtmwej2HHlT3IPV4NaftmqGSgkgFCgSOhGfb24OajDKytU+B+NMp8emEnT58r4DvZqo=
last-modified: Fri, 04 Nov 2022 21:15:55 GMT
server: cloudflare
etag: W/"f12dc3b030f2ebb3cc39b19c3b824853"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3db09031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 864.caaeb92a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
4 KB 197ms
193ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/864.caaeb92a.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baef641401ba65d7ebe761277b0ce688c0af5b92b29dad9c7e5835fbf0383c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: gtOIsfbBFfiHmhig4YrpbANB2Jk9DZhG
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VP9Q6ZF2WK0MMV
age: 309402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZBRx1jfTjGTK/h/b7Yj1eWmmxjhcYVja4hMybK5avi0Q49q2IBzRhIIsj0Xz7qTLdyArz6sxJ2E=
last-modified: Fri, 04 Nov 2022 21:15:57 GMT
server: cloudflare
etag: W/"db7b9d03cc0674255040b82e5300a0aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3db29031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 7589.609641bd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
4 KB 197ms
194ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7589.609641bd.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6acdc99f435d425b7bba029bd16b215b4a3c2913cefe77332992d0970874475b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: rppO3pdfMrol3z6UXJA.ucS_7ivnxdlo
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F5CYXZS3G58BDBNM
age: 1030553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mXRxOZGF2fd3NMCj4Snjoe7YGZLLSKVgDy83WNEXrTmKh6Q55V+jXX24+MbJ8/6r1sPSSg/mf7c=
last-modified: Thu, 10 Nov 2022 14:19:42 GMT
server: cloudflare
etag: W/"e9b52d8f8e92c22819d0ce937ca1a939"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3db49031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 2519.cd863424.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 210ms
206ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2519.cd863424.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55aa91a5859a6f9f80c383e57195f5dfb4c59a211527776306bf971e7775e512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
x-amz-version-id: q0PLN0KwgJtxst.lDwVBoneYFxrwD1fk
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TMFMBSQFP07ZSYKB
age: 893873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /QE5sh0xFTbtRhc35nLct766GqnR48hopNG94z557wrjPTe+EyMtXgyCAlppc+jzVuJl6+Ys8JY=
last-modified: Tue, 25 Oct 2022 13:46:44 GMT
server: cloudflare
etag: W/"ac923f9af503514aa0727a52b7f3bef6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3db79031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5722.1a858fbd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
7 KB 198ms
194ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5722.1a858fbd.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6c893a073552f4a84990ac61c4b1402f292eea1fd93082c79fff8a18d5161b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: zRUqmBt0cBArS9wvhitDSGgH6YopREcP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: M0ERTJV4W2DCNVY2
age: 1030553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DkVzQ/xrywAvt93w51iUx5o/nDzzXmGqiyqNZizuSQ/+DUsNK/1DnyE8n0UJVCxI450mw3EmgAI=
last-modified: Tue, 08 Nov 2022 21:48:30 GMT
server: cloudflare
etag: W/"f51b22fb71249490f758ce3213112737"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3db89031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 4897.9582ba06.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 198ms
194ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4897.9582ba06.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bbe50ac7cc6cac42792dca94f357c04f3639a85114c6210c3266f9322f7d350

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: sKAUDU_hPJTlDRxn_ylKer2mW1.XlLRB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TZPKP4GG1P9PEXAS
age: 904233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ilT3yuhvwqCMFmgcyBcpRpn3Mb5Z8lCrnCldVF6A+OClgeCIxIoQn5giYEee+bbkgwoNEqxzKss=
last-modified: Tue, 25 Oct 2022 13:46:48 GMT
server: cloudflare
etag: W/"ee10ac9c3480a5f37e6e78215ec30e82"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dbc9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 6912.32116829.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
2 KB 199ms
195ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6912.32116829.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccaab228d8683e2292c683c73b54ab145855b33f5bce0884b4b15c5fe1fcb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: bvWKJjmv3APLMBo6vryDjaLiZ.5lUghI
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SX3108JYQ1CAD2MQ
age: 354442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uAwbJjWcjalNZob6iozAPdYa+bA/LYT0OdK9KMUNxFT+97ZyH0w/Mi91CdbEjCMZDnRKyn6GBas=
last-modified: Thu, 03 Nov 2022 11:11:11 GMT
server: cloudflare
etag: W/"8a542445b415876feab2407b21f58d20"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dbd9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 8051.a24cf86b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 59 KB
14 KB 199ms
195ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.a24cf86b.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bea4fdb2d41823fab9900e584dea8475f583c4d2a9a5076e19f390d7e3aad75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: Is6s61vjYEap_JRC6QEsHsyX3cilUQ21
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5G2FV0V58WG3X9V7
age: 1092974
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XVmil7yQV8rnh3dtL3Zm9nZKVyPH3wbio3OEpIqDJP7BapryfV3vteG1v+864ZYuQDMzWxnWrYWWLoX2eufGog==
last-modified: Wed, 09 Nov 2022 20:02:58 GMT
server: cloudflare
etag: W/"23a2f39f401f238f9d7ff8bdb01c990f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dbf9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 8501.f175441a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 40 KB
11 KB 199ms
195ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8501.f175441a.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

809ba9226007941b97a6cfbec74ce39c57e7ac06d6e107a677f8acd1f4752bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: t_hAWmdStzEYFbrmqHJKq_py0UuoWyaI
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VMNCPJEC2E5Q1R
age: 309158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: z5xAY4qoqXV5QNfiFtaZDX8tkLdUFVXeQ2JzCUWe2vPbxW1eKwgJrpxnwgS2CNP6wyRzxhBSryY=
last-modified: Fri, 04 Nov 2022 21:15:57 GMT
server: cloudflare
etag: W/"28ccec4dad0d38d3ce44b650d1534f26"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dc69031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 3443.94fea087.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 200ms
196ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3443.94fea087.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e801d341c9fb573d7b77c2875c624de568058db94d854cf42769480dd1c41e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: uADSQS7FWz68_0YdSKjfE3ctp_yiQRn9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: V1HG30RQ3STQN7C5
age: 1090563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5W5M9SkDUH9gUwcZXJY6tvhtgILUW9R1cxijU+btZp0wHILjtWPMxU//ScH6ye4a
last-modified: Wed, 09 Nov 2022 21:17:53 GMT
server: cloudflare
etag: W/"1f0d301eb3e0617292e38be4619aa7c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dc99031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 7129.bfaa754e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
7 KB 200ms
196ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7129.bfaa754e.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d35c7a9d627398567e75636b5a070fda249db29eac7b19bdd8077a43468887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: JHV0H4.jbSO5KhhHY0ueuzW3oLpFmbF2
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: K92689KFZ5F3HNRB
age: 394269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ih0l4lwU8XjcVwi3SPLIHrwVh70ovDZhtxpb+s2PK2NRNMDnJQj3qVJEjArnC5ZAHRmSAtd5X0Q=
last-modified: Thu, 03 Nov 2022 21:15:48 GMT
server: cloudflare
etag: W/"0db7ee9db293738b618fa7bb5dcf7fd3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dcd9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 PostPage.MainContent.d2ea976f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 124 KB
31 KB 201ms
196ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.d2ea976f.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bce06057674aa788554a6668def4d408f3758c60aa97be8699f85055bfc4e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: 16wNnGRPWfRGfUDyu8InmNeMqKDynyED
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: K1AP329KWACN51D5
age: 76672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TG1+DcQS7gV/aaCX+p0D5QJ7td6ibmC300rqXARE7QH1O+fK/j0ymK6Y6UHfspRrOjAol2wWPxg=
last-modified: Mon, 07 Nov 2022 15:03:52 GMT
server: cloudflare
etag: W/"abd262a3fa3463dfcc4f9f69d7a62828"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dd09031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 8261.71f0be0b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 203ms
198ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8261.71f0be0b.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec9b61d189ad62f5a110d705b276d7103317bd81cd98cab2e0a31c32bd4d8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: OmJw3pYjMHPHWEnTSxFCjxbSRjs8z4il
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SAJZGEH09YVE5CRM
age: 1200978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Tt30++uTqdqGcPLmrwmHBsR3NATGHWY9xoeYM8aq3XwPy5M8/qhg6TIDKYgVBC95XUw0rA107ukxi/AzZ1m9GA==
last-modified: Tue, 08 Nov 2022 11:17:41 GMT
server: cloudflare
etag: W/"bc3a0dfca926858ea161e403971d66f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dd49031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 5180.78a0b411.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 37 KB
3 KB 211ms
206ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5180.78a0b411.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2fe2932db605a8129795c1d290e396208478d8dbc9f09f0ba94961d8c1122ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: Dz9DfoRVlmvR1TMkmoxvqM2AbaWzqH2r
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SX35CPXJBGQZQM18
age: 354441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3LhVNmi3U8/YH9SvZ2B7sllen0k6MCFSl4fqOAzx0u1E7nsIJeTa5iA+WZzEzRH3/Gy6qlpotZE=
last-modified: Fri, 04 Nov 2022 09:48:41 GMT
server: cloudflare
etag: W/"e72ce2c037670e26dfab84f5be150be3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dd69031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 7994.7da603bb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 27 KB
8 KB 223ms
219ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7994.7da603bb.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36079b9214c8ee44d674bb2ae001a236a65af99c9479ca7ef6a64fcd66aa2db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
x-amz-version-id: GuftPtnA_GUXCfWsYSat4fvEqT0uY7d1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MQXBMCH36EASEET7
age: 1102685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U83UNs5fJq8f46qbOJ1JRss2eEt8fBHGVEm6CadcqPU5I7RARfTylwy+HQlUvEHNwGxcWTYX4gY=
last-modified: Wed, 09 Nov 2022 00:29:25 GMT
server: cloudflare
etag: W/"8fe088dde9254c9c6ba7a47dd288c308"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3dda9031-FRA
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 PostPage.RightColumnContent.7583ad6a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 33 KB
9 KB 379ms
374ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.7583ad6a.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c55ff45ed7801af8e89a44254e6c4304308d3bb0730377a99fc95958d08d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
x-amz-version-id: 2AoTTzCwDbGeZIkL3YxwL7Z3uTfAE9m6
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B7VQ72HXW3Q0WHNV
age: 309159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iBOh4H5RwbMUYLXvYel7uLCiFe6MtlLmZSkQLabW4A9/MnoLN7tBqllrQtERrNDToc8MhbhebGk=
last-modified: Fri, 04 Nov 2022 21:16:15 GMT
server: cloudflare
etag: W/"8a9b60e696f090b6ea2579223105ee6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2ac3de69031-FRA
expires: Wed, 22 Nov 2023 12:45:08 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 215ms
128ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 76e1c2ac2971925f-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 225ms
176ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 24722754
x-envoy-upstream-service-time: 32
server-timing: cf-q-config;dur=8.000002708286e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3ae66903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1*AYD5ja6D0tjSzJ4RjetQtQ.png
miro.medium.com/fit/c/64/64/ 2 KB
2 KB 187ms
187ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/64/64/1*AYD5ja6D0tjSzJ4RjetQtQ.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bdc2d62e97c3bc273f6aa7322ca0281b5d116defa077ff7d920f65aff6c19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 438174
x-envoy-upstream-service-time: 74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1953
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 76e1c2abfd0d9031-FRA
expires: Thu, 22 Dec 2022 12:45:07 GMT

GET
H3 200 0*aKOKveaJLnFnYhyp
miro.medium.com/max/320/ 18 KB
18 KB 71ms
70ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*aKOKveaJLnFnYhyp

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7485284d7766e7eedcb08faed322d416a2f3ecc035c56b1e1895a1d10b4fb778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6124
x-envoy-upstream-service-time: 131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18016
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221118-171949-4cd2abe4aa
accept-ranges: bytes
cf-ray: 76e1c2ac0d2f9031-FRA
expires: Thu, 22 Dec 2022 12:45:07 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 97ms
65ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 23078464
x-envoy-upstream-service-time: 31
server-timing: cf-q-config;dur=8.999999408843e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3ae26903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 150ms
118ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 23371108
x-envoy-upstream-service-time: 16
server-timing: cf-q-config;dur=9.0000030468218e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3ae46903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 209ms
177ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7113618
x-envoy-upstream-service-time: 62
server-timing: cf-q-config;dur=1.3999997463543e-05
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3aeb6903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 134ms
102ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7833045
x-envoy-upstream-service-time: 32
server-timing: cf-q-config;dur=7.0000023697503e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3aee6903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 174ms
143ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6558063
x-envoy-upstream-service-time: 1475
server-timing: cf-q-config;dur=9.0000030468218e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3aef6903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 209ms
177ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1077578
x-envoy-upstream-service-time: 583
server-timing: cf-q-config;dur=6.9999987317715e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3af26903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-code-pro-700-normal.woff
glyph.medium.com/font/a9cd261/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 7 KB
7 KB 211ms
179ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/a9cd261/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-code-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef7faaa5b327458046c615680cb9bd1f3c2cea627f2567365b8a0cb8feb8b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1077578
x-envoy-upstream-service-time: 1330
server-timing: cf-q-config;dur=8.000002708286e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3af46903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-code-pro-700-normal.woff
glyph.medium.com/font/a9cd261/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 78ms
62ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/a9cd261/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee9c955374d5d86d091dae6e36d5388cd821013351ef5878cab82f694f52395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1077578
x-envoy-upstream-service-time: 736
server-timing: cf-q-config;dur=6.9999987317715e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3af56903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 57 KB
57 KB 190ms
180ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7833044
x-envoy-upstream-service-time: 39
server-timing: cf-q-config;dur=0.0010269999984303
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3af66903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 55 KB
55 KB 214ms
214ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7833045
x-envoy-upstream-service-time: 47
server-timing: cf-q-config;dur=5.9999983932357e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2ac3af86903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:07 GMT

GET
H3 200 1*QCw3Unyn7vnntVR7WHXImA.png
miro.medium.com/fit/c/96/96/ 14 KB
14 KB 225ms
225ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*QCw3Unyn7vnntVR7WHXImA.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f382cd57b6f051035116127277ebe38da57f04fb58eb10f0bf3698dd2c827f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51365
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14215
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 76e1c2ac3dea9031-FRA
expires: Thu, 22 Dec 2022 12:45:07 GMT

GET
H3 200 1*j8de9xVf25DjbJUm3ZTsOg.png
miro.medium.com/max/720/ 114 KB
115 KB 226ms
225ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*j8de9xVf25DjbJUm3ZTsOg.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e70c3ce8267add0105d8c72f402ca883926d0e88b3b2253a181b626e9f15678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 390
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117006
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221118-171949-4cd2abe4aa
accept-ranges: bytes
cf-ray: 76e1c2ac3dec9031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 1*sOIi6rohNnY7r7D2oknuww.png
miro.medium.com/max/720/ 20 KB
21 KB 230ms
230ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*sOIi6rohNnY7r7D2oknuww.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be476041a384b8e1414caebd1391b13ccb1727331f1ca2b45296f741ce0eb06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20757
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221118-171949-4cd2abe4aa
accept-ranges: bytes
cf-ray: 76e1c2ac3def9031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 1*QCw3Unyn7vnntVR7WHXImA.png
miro.medium.com/fit/c/176/176/ 38 KB
39 KB 240ms
240ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*QCw3Unyn7vnntVR7WHXImA.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e465671d7b2fd5cf8ac6b815227d9b401df48001ff5d57aa6c8b645d67027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51366
x-envoy-upstream-service-time: 85
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39256
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221110-181626-278b03a8be
accept-ranges: bytes
cf-ray: 76e1c2ac3df09031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 2230.571ed6c4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 56ms
55ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2230.571ed6c4.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2aa413d1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
x-amz-version-id: jyYM.ZgM9PE2gJOEnsek2uD4i4PcWdTK
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5B1CYTHMK2616DY7
age: 69024
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Otu4Bzadtbnet2y7EcEb8o/GGiEGQboxNDtYyXCV5GM+59Q94+pwvBgKKEOrg9xRHn4Y4uwRjlE=
last-modified: Mon, 24 Oct 2022 03:04:44 GMT
server: cloudflare
etag: W/"80138a2fe8e56b8f784a37863eea34c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2b1de199031-FRA
expires: Wed, 22 Nov 2023 12:45:08 GMT

GET
H3 200 0*aKOKveaJLnFnYhyp
miro.medium.com/max/160/ 6 KB
6 KB 144ms
144ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/160/0*aKOKveaJLnFnYhyp

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72b49b8e2856aae39040f1948e884e1fb856113a14853357e94a5eef6400b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6235
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221118-171949-4cd2abe4aa
accept-ranges: bytes
cf-ray: 76e1c2b1de1c9031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 PostGiveTipOnExternalPlatform.00ea0cc1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 100ms
99ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.00ea0cc1.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2aa413d1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b8c750933df03e0beb11e1e362c1fd918eca7536d5480fb1dc74e58a93a19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
x-amz-version-id: hc4z7sYPnnI95L7G2Lv8B8ITjxs6sci6
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6GZHVJXD4BP93ZM2
age: 309158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 87jdKStWmhZhCCn0awZYmomLWe8TnUtSLUwj0FBrxq/P9pKAT4uO2pTYeeR57mhmntoXgIM2pqg=
last-modified: Fri, 04 Nov 2022 21:16:14 GMT
server: cloudflare
etag: W/"3aaaaf7df87a1de9c96c2f8e94669f30"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2b2af699031-FRA
expires: Wed, 22 Nov 2023 12:45:08 GMT

GET
H3 200 1*AYD5ja6D0tjSzJ4RjetQtQ.png
miro.medium.com/fit/c/32/32/ 925 B
1 KB 73ms
72ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*AYD5ja6D0tjSzJ4RjetQtQ.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26934161f6266bcac7d1fe648678b69d5f5bf5585760d7f70b01ef800d70210

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 265971
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 925
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 76e1c2b2dfab9031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 1*QCw3Unyn7vnntVR7WHXImA.png
miro.medium.com/fit/c/48/48/ 4 KB
5 KB 81ms
80ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*QCw3Unyn7vnntVR7WHXImA.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdbd3b371645a052dce7ca8dc6a53dc1a11afa27ca71f02553b9600b8ce08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95640
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4373
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 76e1c2b2dfb09031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

GET
H3 200 1*QCw3Unyn7vnntVR7WHXImA.png
miro.medium.com/fit/c/88/88/ 12 KB
12 KB 72ms
71ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/88/88/1*QCw3Unyn7vnntVR7WHXImA.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8258d489bf1087879249a39ef066be2ef8f82589c5ce3e27fef7bb3429989404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94523
x-envoy-upstream-service-time: 86
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12258
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 76e1c2b2dfb49031-FRA
expires: Thu, 22 Dec 2022 12:45:08 GMT

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 143 B
530 B 223ms
222ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b56bc46811983d7c44a2660c4d9606b3f9157375d9e6b35ee6cfc177eb44518

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"8f-9xk5zPJVtaVz6XnpCZlY5B/WuKA"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246
cf-ray: 76e1c2b3bdd59060-FRA
x-request-received-at: 1669121109188

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 1 KB
935 B 234ms
233ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4e4d8f58755985257a50873ce3c725f7835aeb2129748a939b80d3248aa386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"557-ZVI2HDsCwfNRaGlXd7mT/2yURUg"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bdda9060-FRA
x-request-received-at: 1669121109168

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 1 KB
1 KB 256ms
256ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea9022468913a07b31b93b01ce1395e905c1773926cdc55005a0a87f444995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 92
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4e8-LaKs+GsxX0Qp9RylTaee0CQ1iok"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bddf9060-FRA
x-request-received-at: 1669121109166

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 210 B
578 B 233ms
233ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f29202f0507488f9718810457c73e0ce9aa241eaadf4856589da9e784b2455e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-twhIoCrWj7HV2hbO3XkZg7l4PSQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bde19060-FRA
x-request-received-at: 1669121109182

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 210 B
579 B 256ms
255ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9440cfa413c00d159068caad7821aa0b9a057356c662e54cbcd2080e800287f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 67
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-vd49+W7mCkM2Pm8esYPi7dZClL8"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bde79060-FRA
x-request-received-at: 1669121109187

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 122 B
553 B 253ms
252ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b110791b30866577decdf005924fe7fe67afeaa52e1b79d4babd690f471b94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: PostPageMeterQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 80
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"7a-Buzp6qxTA7CetqAXwFQO1LYnVPI"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bdea9060-FRA
x-request-received-at: 1669121109170

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 3 KB
2 KB 255ms
253ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8041cdc7201dd203e4ae30a4642800e9178256ab8d77d0b0b3512271ab14c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: PublisherFollowersDialogUserQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 73
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"c92-N8oEBE5m7MiJwRvPHrzlbguMW9k"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bded9060-FRA
x-request-received-at: 1669121109181

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 5 KB
2 KB 321ms
319ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b9fa43249d158fe1ef2c679a1dbdae3f0048f3de8bcf1aab11b6a3cbee2167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: RecircSidebarQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 150
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"12c6-zkHyorv6IU+YeNWMFIUUG+xhswg"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bdf99060-FRA
x-request-received-at: 1669121109171

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 96 B
530 B 237ms
233ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

601e0d51256af5055b5ff82f8d363bbab1c2abe53ca29436617b7bb6e1188ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-i3PQaoD1qabVwixSkp7TpoYg+Mo"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b3bdfd9060-FRA
x-request-received-at: 1669121109175

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 103 B
511 B 211ms
207ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd52d33117846dcc3720973c3de2da37465f3ab6322bbb344f405f47cfecb376

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"67-UYhtLE0wmxYcEM5gtVYbHZZbsT8"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246
cf-ray: 76e1c2b3ce0d9060-FRA
x-request-received-at: 1669121109178

POST
H3 204 rum Show response
infosecwriteups.com/cdn-cgi/ 0
142 B 59ms
59ms XHR
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://infosecwriteups.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 76e1c2b40ee09060-FRA

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 81 B
494 B 224ms
224ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6879c7e778500f304df25ee73947d1d79596f2901a10fe0d34c9eaae484eb9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-3LtfgnqPr7xgdtLtT7FEEb+s5yQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246
cf-ray: 76e1c2b42f1f9060-FRA
x-request-received-at: 1669121109259

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 176ms
176ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, clientele/main-20221122-003601-db8b653b35
x-envoy-upstream-service-time: 12
cf-ray: 76e1c2b60af29060-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 235ms
235ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, clientele/main-20221122-003601-db8b653b35
x-envoy-upstream-service-time: 15
cf-ray: 76e1c2b60af69060-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 176ms
175ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, clientele/main-20221122-003601-db8b653b35
x-envoy-upstream-service-time: 11
cf-ray: 76e1c2b61b0b9060-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Nov 2022 11:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4820
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 22 Nov 2022 13:24:49 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 136ms
44ms Script
text/javascript 108.138.17.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: infosecwriteups.com
URL: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa?gi=3de57a79448f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
date: Tue, 22 Nov 2022 12:43:31 GMT
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 98
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22048
x-amz-cf-id: K4yNGNsSzYkaq74ZkkNioLRzsmjqj95y5CRzhdTA3k6GkpO1PD8bSQ==

GET
H3 200 1*QCw3Unyn7vnntVR7WHXImA.png
miro.medium.com/fit/c/20/20/ 1 KB
1 KB 56ms
55ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*QCw3Unyn7vnntVR7WHXImA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb2f9d6da6db54afc6e7aaf694624dba1d1b56e76a381af2a8b47f9b90223e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3209
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1063
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 76e1c2b85f599031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 1*5lIX_vn4BppqL5KdAqQtGg.jpeg
miro.medium.com/fit/c/20/20/ 825 B
1 KB 70ms
69ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*5lIX_vn4BppqL5KdAqQtGg.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d239bb4e798d807f42ef1665ddfe9352ec22543a8fb6ede7b14a41ba7dea0ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45710
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 825
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221110-232540-7dbbb888f8
accept-ranges: bytes
cf-ray: 76e1c2b87f7f9031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 0*k8nnVZ07DR6Iw10K
miro.medium.com/focal/56/56/50/50/ 1 KB
2 KB 74ms
72ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*k8nnVZ07DR6Iw10K

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a711c2c0bcf08768cd8c3c011273c50b4c87337829e1a3c1422f0d99ed10ee27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 435701
x-envoy-upstream-service-time: 1597
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221110-002248-0f8074516d
accept-ranges: bytes
cf-ray: 76e1c2b87f819031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 0*2A8pzy_YD1bJzoDJ.png
miro.medium.com/focal/56/56/50/50/ 6 KB
6 KB 139ms
138ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*2A8pzy_YD1bJzoDJ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fed7a22ab46fd884c3f7df5f4d646db66966927804b6c9193f88f1c4494c106b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 50
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6087
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221101-223452-1a369f363a
accept-ranges: bytes
cf-ray: 76e1c2b87f829031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 1*-qMzPUB-UoVrfiEvJwyUNg.png
miro.medium.com/fit/c/20/20/ 1 KB
1 KB 64ms
63ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*-qMzPUB-UoVrfiEvJwyUNg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5138473ee4b6af39236ae3b48b67a216e93cbd82f1a523d15412c46df5d3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89077
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1044
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 76e1c2b87f839031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 1*EvSlFy8MQnr6Ty8uadCMSw.png
miro.medium.com/focal/56/56/50/50/ 6 KB
7 KB 57ms
55ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*EvSlFy8MQnr6Ty8uadCMSw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4591d62fcd1cda6ce8cdac411ec0f6ba5783eaac8a46f807cd72156c30e7b4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 517706
x-envoy-upstream-service-time: 70
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6359
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221101-223452-1a369f363a
accept-ranges: bytes
cf-ray: 76e1c2b87f889031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 1*XsldmWeNpztt86AxHOhKPw.png
miro.medium.com/fit/c/20/20/ 772 B
1 KB 79ms
77ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*XsldmWeNpztt86AxHOhKPw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f85411e575895c89aa205b38c5f12fc4a1fa05c142bcbd83019288e3cc4b5cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8673
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221122-003601-db8b653b35
accept-ranges: bytes
cf-ray: 76e1c2b87f919031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

GET
H3 200 1*MNyOGR1wYnBFlCk0hqVKfw.png
miro.medium.com/focal/56/56/50/50/ 4 KB
4 KB 70ms
69ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*MNyOGR1wYnBFlCk0hqVKfw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c236e0d090a580a21611837520e7e077007f08cbf2360532fe6f8099c0e5157

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8673
x-envoy-upstream-service-time: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3584
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221122-003601-db8b653b35
accept-ranges: bytes
cf-ray: 76e1c2b87f939031-FRA
expires: Thu, 22 Dec 2022 12:45:09 GMT

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 210 B
578 B 226ms
226ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f29202f0507488f9718810457c73e0ce9aa241eaadf4856589da9e784b2455e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-twhIoCrWj7HV2hbO3XkZg7l4PSQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b878419060-FRA
x-request-received-at: 1669121109919

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 119ms
44ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1405530743&t=pageview&_s=1&dl=https%3A%2F%2Finfosecwriteups.com%2Ftryhackme-writeup-attackerkb-48cef82cfefa&ul=en-us&de=UTF-8&dt=TryHackMe%20writeup%3A%20AttackerKB.%20This%20article%20discusses%20the%20AttackerKB%E2%80%A6%20%7C%20by%20Aleksey%20%7C%20Nov%2C%202022%20%7C%20InfoSec%20Write-ups&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=675701509&gjid=719616674&cid=311502734.1669121110&tid=UA-24232453-2&_gid=2101698059.1669121110&_r=1&_slc=1&z=908916998

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 12:45:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://infosecwriteups.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4560.81fb50a8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
12 KB 58ms
58ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4560.81fb50a8.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2aa413d1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f5f086c6029021ac02b8b22a6065b376b8ac5621f7704576a072c4991894f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
x-amz-version-id: zEgGmB3PEgGy85TXcHE3wuUI2LZKZBaJ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: G9T39HZY64BKTGQQ
age: 1171262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YwAEUaqwYoVwFnoh6lrOfzBv4B7VV6XedE3qMrAuKJrwhlqDPaJrUQ28l+R5l/3jFCbb+A0bLLM=
last-modified: Tue, 08 Nov 2022 23:17:11 GMT
server: cloudflare
etag: W/"82e546182f14457aa10f002252c61610"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2b88faf9031-FRA
expires: Wed, 22 Nov 2023 12:45:09 GMT

GET
H3 200 PostNextFiveStories.5ef18fff.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 100ms
99ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.5ef18fff.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2aa413d1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:09 GMT
x-amz-version-id: exTCuGBa1y2uney1YBpz5JAAyr6r7o7e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6HYRPE56B03M9HZ0
age: 500421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 371Blsw/iymLWs3ZYzse7ROVFRrRMZvvZssTOaA6DzeYUl9tNFU43LonSFAvaKjOz6oWJcdZTmk=
last-modified: Fri, 26 Aug 2022 22:24:21 GMT
server: cloudflare
etag: W/"5bc6ab68088c4531380f47520b82da55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76e1c2b88fb29031-FRA
expires: Wed, 22 Nov 2023 12:45:09 GMT

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 82 B
498 B 207ms
206ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7da41a7711f877c92590c7d6a56ee4b7f0b9da550e61e3c7da6bb17414a17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"52-FGUDyF+f/pLjH5MeujH19oJxZD4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246
cf-ray: 76e1c2b8988f9060-FRA
x-request-received-at: 1669121109943

GET
H2 200 _r Show response
app.link/ 91 B
579 B 310ms
220ms Script
text/javascript 2600:9000:2057:cc00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.71.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:cc00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

60022e01900f1a6b9097c9fea328af94e3e924b7d39d663d4ca708e2c30480ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-cKnH85JviiNQLZy8Gh2FuXvGxB0"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: Z37dkoNkoX4wrzLTw2CdMlHV7Jbtqm7a1KCeGS_ji8NhRBws1yBzUA==

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 27 KB
5 KB 390ms
387ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008f8b726bc1f4699919963eaa5e4eec13114b62d0aad06a76275ab9ac5c9834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 51fb83eb528fffb1
medium-frontend-path: /tryhackme-writeup-attackerkb-48cef82cfefa
graphql-operation: PostNextFiveStoriesCollection
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
medium-frontend-app: lite/main-20221122-002045-a25d6400b6
apollographql-client-version: main-20221122-002045-a25d6400b6
ot-tracer-spanid: 2626204d1d5c2e1d

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"6bf3-yw0ePPwUyxw18i9alLB90F3cLQ0"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35, rito/main-20221121-192856-133defd246, tutu/main-20221122-085619-095a22024d
cf-ray: 76e1c2b97aa29060-FRA
x-request-received-at: 1669121110111

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
677 B 290ms
200ms XHR
application/json 2600:9000:21f3:ec00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

58ffba925ef39bebd2249ab12ba8dbd4bd1418ae26201e122c9efd18d4f9266d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 0c533629039441338fc8d4450102142e-2022112212
content-length: 316
x-amz-cf-id: YXJnFc5Ogkk6FeMdjjCtJxRPG-WeWrA70x3jobjqCz43A4jpKHzV7Q==

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
29 KB 71ms
70ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://infosecwriteups.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 24601835
x-envoy-upstream-service-time: 81
server-timing: cf-q-config;dur=7.9999990703072e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76e1c2bcad2b6903-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 22 Nov 2023 12:45:10 GMT

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
612 B 203ms
202ms XHR
application/json 2600:9000:21f3:ec00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

86f024f244ce5dceee92f644b21160b82b0ab498688cc8e18c4bf019581a3f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Nov 2022 12:45:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"b7-log2r8pxG92qwRLukn/A2Onuujk"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f4826439364e4caca37063885df6dea9-2022112212
content-length: 183
x-amz-cf-id: bT2Q9jiTuACRnEOMMeUyXrVUr5j9I-bmk6BPbUExO_8GHujfC_2xiw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 214ms
214ms XHR
application/json 2600:9000:21f3:ec00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Nov 2022 12:45:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: bba8eef49ab64fb2b2dba7cf66fd70f3-2022112212
content-length: 28
x-amz-cf-id: jcL4-tpCbVJYQafQlKR1DJ5kO8lJZFP5rS1BfvSuJojhwsh8xHniAg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
434 B 205ms
205ms XHR
application/json 2600:9000:21f3:ec00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3034.5bf7db30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ec00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Nov 2022 12:45:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: c93ae99844ec4d8c863a00c9f82ea3c0-2022112212
content-length: 28
x-amz-cf-id: Bwyw_1Kr9yHLvMhPQEbshkt5YFu7AyNZljT0CRCLykLLf5snX81_wA==

POST
H3 200 oh-noes
infosecwriteups.com/_/ 101 B
0 218ms
217ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://infosecwriteups.com https://.infosecwriteups.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://infosecwriteups.com https://*.infosecwriteups.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-powered-by: Medium
x-obvious-info: 20221122-0857-root,095a2202
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1669121113872:371638a4a9e7
server: cloudflare
worker-missing-cookies: 0
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35
cf-ray: 76e1c2d11cda9060-FRA
link: <https://medium.com/humans.txt>; rel="humans"
x-opentracing: {"ot-tracer-spanid":"03825a3f350980d9","ot-tracer-traceid":"3977a39936389e0c","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H3 200 batch Show response
infosecwriteups.com/_/ 17 B
295 B 578ms
578ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.0ccc29bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infosecwriteups.com/tryhackme-writeup-attackerkb-48cef82cfefa
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Nov 2022 12:45:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json
medium-fulfilled-by: edgy/8.3.0, valencia/main-20221122-003601-db8b653b35
x-envoy-upstream-service-time: 156
cf-ray: 76e1c2d11ce99060-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infosecwriteups.com/	1969-12-31 23:59:59	Name: __cfruid Value: 85bae4722866442071eb5997df4cb230b23cf961-1669121105
.medium.com/	1970-01-20 16:24:17	Name: sid Value: 1:JGM2LikAdq1wRk/9rxNgKjCbHFX4xcLH6WGvNGNl5dUz6OhgD424EW5ahJyEW4R/
.medium.com/	1970-01-20 16:24:17	Name: uid Value: lo_199224a87822
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: f2f3f3325e0046c4ce2342e792f1e10043f71f32-1669121106
infosecwriteups.com/	1970-01-20 16:24:17	Name: sid Value: 1:oB/3YJZ0bNEu61ZGyCv84I4bpiRBx/4M2e9HYzOiosMCjN9O5p4TA9moxD4FSoJH
infosecwriteups.com/	1970-01-20 16:24:17	Name: uid Value: lo_199224a87822
infosecwriteups.com/	1970-01-20 07:38:42	Name: _dd_s Value: rum=0&expire=1669122008779
.infosecwriteups.com/	1970-01-20 17:14:41	Name: _ga Value: GA1.2.311502734.1669121110
.infosecwriteups.com/	1970-01-20 07:40:07	Name: _gid Value: GA1.2.2101698059.1669121110
.infosecwriteups.com/	1970-01-20 07:38:41	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
infosecwriteups.com
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
108.138.17.45
162.159.152.4
2001:4860:4802:34::178
2600:9000:2057:cc00:19:9934:6a80:93a1
2600:9000:21f3:ec00:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700::6810:3965
008b735b5e27e2ddea50ac42eeaef63fae74d969ff15e3144c7b9f7c927baffd
008f8b726bc1f4699919963eaa5e4eec13114b62d0aad06a76275ab9ac5c9834
020cd8f8d0924d2122db07b848a8bd3217502a2cac01ab2349d71d6b8efce2eb
0e70c3ce8267add0105d8c72f402ca883926d0e88b3b2253a181b626e9f15678
0ea9022468913a07b31b93b01ce1395e905c1773926cdc55005a0a87f444995c
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1b56bc46811983d7c44a2660c4d9606b3f9157375d9e6b35ee6cfc177eb44518
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1ef7faaa5b327458046c615680cb9bd1f3c2cea627f2567365b8a0cb8feb8b5d
21f664741b9a09d85abb3a88e128d955477d7e8e4d9b625b3b8f32af49faeacd
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
2a8041cdc7201dd203e4ae30a4642800e9178256ab8d77d0b0b3512271ab14c4
2b110791b30866577decdf005924fe7fe67afeaa52e1b79d4babd690f471b94a
36079b9214c8ee44d674bb2ae001a236a65af99c9479ca7ef6a64fcd66aa2db5
3bbe50ac7cc6cac42792dca94f357c04f3639a85114c6210c3266f9322f7d350
3e791eab5353305b0759468002527abbd57394578f316c23fbe6e4d328eb4cc9
3ec9b61d189ad62f5a110d705b276d7103317bd81cd98cab2e0a31c32bd4d8db
41b8c750933df03e0beb11e1e362c1fd918eca7536d5480fb1dc74e58a93a19e
4591d62fcd1cda6ce8cdac411ec0f6ba5783eaac8a46f807cd72156c30e7b4e5
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14
55aa91a5859a6f9f80c383e57195f5dfb4c59a211527776306bf971e7775e512
56c55ff45ed7801af8e89a44254e6c4304308d3bb0730377a99fc95958d08d31
58ffba925ef39bebd2249ab12ba8dbd4bd1418ae26201e122c9efd18d4f9266d
59dfc9a2ee55f23ce9d186df2930e546ef15dd08f05154d83e7b2463351c0e73
5c236e0d090a580a21611837520e7e077007f08cbf2360532fe6f8099c0e5157
60022e01900f1a6b9097c9fea328af94e3e924b7d39d663d4ca708e2c30480ed
601e0d51256af5055b5ff82f8d363bbab1c2abe53ca29436617b7bb6e1188ded
601f0395312c80eca646294da8644382a9187a1ba327cd2e61afeaebf72d404c
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
6879c7e778500f304df25ee73947d1d79596f2901a10fe0d34c9eaae484eb9c5
6918d67d2cf1cfb21b1e587eb88aa22abe1a18731b9c450bc0371716f31dd4ed
6acdc99f435d425b7bba029bd16b215b4a3c2913cefe77332992d0970874475b
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
722118b3904fc84b418dcf0b58f71df9a023d4f0dba573d37b7f239128139669
7485284d7766e7eedcb08faed322d416a2f3ecc035c56b1e1895a1d10b4fb778
7684af0eaf8bb3c4caf740ad39e27a0020f2c196d63ccc2eabc9848e210f4703
781d4f9fcc104660e0eed26d06c5e63b83713ae6c465ab0c5cb2c31da6b2e784
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7bce06057674aa788554a6668def4d408f3758c60aa97be8699f85055bfc4e8e
7c5138473ee4b6af39236ae3b48b67a216e93cbd82f1a523d15412c46df5d3e3
7f29202f0507488f9718810457c73e0ce9aa241eaadf4856589da9e784b2455e
809ba9226007941b97a6cfbec74ce39c57e7ac06d6e107a677f8acd1f4752bc2
80e465671d7b2fd5cf8ac6b815227d9b401df48001ff5d57aa6c8b645d67027d
821d90fc9ae6cc1796468c1f16a94b21f246827b06e003a42288346f499f3227
8258d489bf1087879249a39ef066be2ef8f82589c5ce3e27fef7bb3429989404
82b9fa43249d158fe1ef2c679a1dbdae3f0048f3de8bcf1aab11b6a3cbee2167
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77
850aaadf9940e3bc3a6c6610a04d7a6d4f4914640f8eca6ea2f6846617e24891
86f024f244ce5dceee92f644b21160b82b0ab498688cc8e18c4bf019581a3f7e
89716be7d15a49a6a138a59d2870795274f7308291864a3bd32a57871c89aadc
918503ebbe8177e0fed395cc32b4f36689e33305bcee15bdf5573441a3c1cb07
9440cfa413c00d159068caad7821aa0b9a057356c662e54cbcd2080e800287f2
955c47ee44b0feca62780cf5cb5aaba68e9fe3a04677da7795a333c19bc572e8
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
9baef641401ba65d7ebe761277b0ce688c0af5b92b29dad9c7e5835fbf0383c8
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
9ee9c955374d5d86d091dae6e36d5388cd821013351ef5878cab82f694f52395
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0bb2f9d6da6db54afc6e7aaf694624dba1d1b56e76a381af2a8b47f9b90223e
a2cfff7f9e5ae872a94184b0fc2a35af5c0c1687ba0099349708d02972ba0e1e
a4d35c7a9d627398567e75636b5a070fda249db29eac7b19bdd8077a43468887
a711c2c0bcf08768cd8c3c011273c50b4c87337829e1a3c1422f0d99ed10ee27
a726d058aea44f24469de003137d8d5e1c54ac2b2f3ab7dcc52f39dece2d2ad6
a72b49b8e2856aae39040f1948e884e1fb856113a14853357e94a5eef6400b96
a76f4f097b02247221fd1e61654fbcae1f19b748d42d090a8ee6fc03f468ae7b
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b2fe2932db605a8129795c1d290e396208478d8dbc9f09f0ba94961d8c1122ba
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7bdc2d62e97c3bc273f6aa7322ca0281b5d116defa077ff7d920f65aff6c19b
bc4e4d8f58755985257a50873ce3c725f7835aeb2129748a939b80d3248aa386
bccaab228d8683e2292c683c73b54ab145855b33f5bce0884b4b15c5fe1fcb14
bd52d33117846dcc3720973c3de2da37465f3ab6322bbb344f405f47cfecb376
bdbd3b371645a052dce7ca8dc6a53dc1a11afa27ca71f02553b9600b8ce08cf1
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
be476041a384b8e1414caebd1391b13ccb1727331f1ca2b45296f741ce0eb06f
bea4fdb2d41823fab9900e584dea8475f583c4d2a9a5076e19f390d7e3aad75a
c670d76000cdea87d941b06c284daa5d27948741beeb0f72c3d6e57319a34b4c
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
d239bb4e798d807f42ef1665ddfe9352ec22543a8fb6ede7b14a41ba7dea0ee2
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d8ea0c6d12d6715d8a6fbee9173eff895ac2e0c92190afa970cd76793caff9bb
de01b5fb6969fb2f6f0d7adfb92efa823702c9e79e32a3b1df88f054bf5d2a0d
de9f5f086c6029021ac02b8b22a6065b376b8ac5621f7704576a072c4991894f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
e801d341c9fb573d7b77c2875c624de568058db94d854cf42769480dd1c41e8c
eb7da41a7711f877c92590c7d6a56ee4b7f0b9da550e61e3c7da6bb17414a17a
ed6c893a073552f4a84990ac61c4b1402f292eea1fd93082c79fff8a18d5161b
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f26934161f6266bcac7d1fe648678b69d5f5bf5585760d7f70b01ef800d70210
f382cd57b6f051035116127277ebe38da57f04fb58eb10f0bf3698dd2c827f4e
f8208ed3f5800f2f02cc71aaf1aa172cc36366ac6b668675b5b37fe7181db33e
f85411e575895c89aa205b38c5f12fc4a1fa05c142bcbd83019288e3cc4b5cb2
fed7a22ab46fd884c3f7df5f4d646db66966927804b6c9193f88f1c4494c106b

infosecwriteups.com Open in urlscan Pro 162.159.152.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

71 %IPv6

6 Domains

10 Subdomains

7 IPs

2 Countries

1545 kBTransfer

3736 kBSize

10 Cookies

89 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

infosecwriteups.com Open in urlscan Pro
162.159.152.4 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

10
Subdomains

7
IPs

2
Countries

1545 kB
Transfer

3736 kB
Size

10
Cookies

105 HTTP transactions
0 data transactions