doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Effective URL:
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
Submission: On October 06 via api (October 6th 2022, 6:56:23 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 101 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 130 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 31st 2021. Valid for: a year.

This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	52.1.119.170 52.1.119.170	14618 (AMAZON-AES) (AMAZON-AES)
1 54	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b902:6d57:676f:b91a:394d	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:1f18:24e... 2600:1f18:24e6:b901:43d1:1456:57d:23b8	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.78.38 13.225.78.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.113 108.138.17.113	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:1400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	3.93.235.75 3.93.235.75	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:21f... 2600:9000:21f3:4800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
130	11

21 52.1.119.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-170.compute-1.amazonaws.com

doublepulsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:6d57:676f:b91a:394d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b901:43d1:1456:57d:23b8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-38.fra2.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-113.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.93.235.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-235-75.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:4800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 11974 glyph.medium.com — Cisco Umbrella Rank: 28183 miro.medium.com — Cisco Umbrella Rank: 18203 cdn-client.medium.com — Cisco Umbrella Rank: 29689	2 MB
21	doublepulsar.com 1 redirects doublepulsar.com	64 KB
7	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 21802 api.sprig.com — Cisco Umbrella Rank: 9749	70 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 826 api2.branch.io — Cisco Umbrella Rank: 482	25 KB
5	datadoghq.com browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6248 rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 7888	182 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	app.link app.link — Cisco Umbrella Rank: 2683	594 B
130	7

	Domain	Requested by
44	cdn-client.medium.com	doublepulsar.com cdn-client.medium.com
39	miro.medium.com	doublepulsar.com cdn-client.medium.com
21	doublepulsar.com	1 redirects cdn-client.medium.com
7	glyph.medium.com	doublepulsar.com glyph.medium.com
6	api.sprig.com	cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
3	rum-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	doublepulsar.com cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	doublepulsar.com
1	cdn.sprig.com	doublepulsar.com
1	medium.com	1 redirects
130	13

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
www.gteltsc.vn
twitter.com
learn.microsoft.com
techcommunity.microsoft.com
github.com
msrc-blog.microsoft.com
web.archive.org
microsoft.github.io
support.microsoft.com
www.microsoft.com
viz.greynoise.io
greynoise.io
policy.medium.com
athenaalliance.medium.com
hydroperitoneum1906.medium.com
omidyarnetwork.medium.com
deeper-network.medium.com
socios.medium.com
katjah-smith.medium.com
help.medium.com
itunes.apple.com
play.google.com
socfortress.medium.com
shahjerry33.medium.com
medium.statuspage.io
about.medium.com
blog.medium.com
knowable.fyi

Subject Issuer	Validity	Valid
doublepulsar.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-31` - `2022-12-31`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
api.sprig.com Amazon	`2022-09-16` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
app.sprig.com Amazon	`2022-03-01` - `2023-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
Frame ID: BF12FE3533FB8669753267F48F4F737C
Requests: 126 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProxyNotShell— the story of the claimed zero days in Microsoft Exchange | by Kevin Beaumont | Sep, 2022 | DoublePulsar

Page URL History Show full URLs

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell... HTTP 302
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

130
Requests

100 %
HTTPS

64 %
IPv6

7
Domains

13
Subdomains

11
IPs

2
Countries

2642 kB
Transfer

4985 kB
Size

10
Cookies

101 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=---three_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F5c63d963a9e9&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderCollection&%7Estage=mobileNavBar&source=---three_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=---three_column_layout_nav-----------------------notifications_sidenav-----------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=---three_column_layout_nav-----------------------lists_sidenav-----------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=---three_column_layout_nav-----------------------stories_sidenav-----------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---three_column_layout_nav-----------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=-----5c63d963a9e9---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6----5c63d963a9e9---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
Title: Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server | Blog | GTSC — Cung cấp các dịch vụ bảo mật toàn diện (gteltsc.vn)

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1575909146897285120?s=20&t=LHtuyi8Fa5G5COsUO__eEQ
Title: you likely haven’t patched Exchange

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/exchange/exchange-hybrid
Title: Exchange hybrid

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/exchange-team-blog/why-exchange-server-updates-matter/ba-p/2280770

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/powershell/exchange/control-remote-powershell-access-to-exchange-servers?view=exchange-ps
Title: this guide

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-CVE-2021-34473-SSRF
Title: ThreatHunting/Exchange-CVE-2021–34473-SSRF at master · GossiTheDog/ThreatHunting · GitHub

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-Powershell-via-SSRF
Title: ThreatHunting/Exchange-Powershell-via-SSRF at master · GossiTheDog/ThreatHunting · GitHub

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AdvancedHuntingQueries/MSExchange-UnknownSubprocesses
Title: ThreatHunting/MSExchange-UnknownSubprocesses at master · GossiTheDog/ThreatHunting · GitHub

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Title: blog post

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20220930082659/https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Title: Archive link

Search URL Search Domain Scan URL

URL: https://microsoft.github.io/CSS-Exchange/Security/EOMTv2/
Title: EOMTv2 — Microsoft — CSS-Exchange

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/topic/update-for-universal-c-runtime-in-windows-c0514201-7fe6-95a3-b0a5-287930f3560c
Title: Update for Universal C Runtime in Windows (microsoft.com)

Search URL Search Domain Scan URL

URL: https://twitter.com/testanull/status/1576774007826718720?s=20&t=LaP_3oLPve_c7P6gdAspfg
Title: found by Jang

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/
Title: removed the suggestion

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-server-roadmap-update/ba-p/3421389
Title: Exchange on-prem doesn’t support Modern Authentication yet

Search URL Search Domain Scan URL

URL: https://viz.greynoise.io/tag/exchange-proxynotshell-vuln-check?days=10
Title: GreyNoise TrendsAt GreyNoise, we collect and analyze untargeted, widespread, and opportunistic scan and attack activity that reaches…viz.greynoise.io

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1577682359956168706/photo/1

Search URL Search Domain Scan URL

URL: https://greynoise.io/
Title: GreyNoise

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=-----5c63d963a9e9---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/cybersecurity-threat-context-and-response?source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Take a look.

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=newsletter_v3_promo--------------------------newsletter_v3_promo----------bf3adc545c1c-
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fbf3adc545c1c&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fdoublepulsar%2Fnewsletters%2Fcybersecurity-threat-context-and-response&collection=DoublePulsar&collectionId=8343faddf0ec&newsletterV3=Cybersecurity+Threat+Context+and+Response&newsletterV3Id=bf3adc545c1c&user=Kevin+Beaumont&userId=7db6d2df42a6&source=--------------------------newsletter_v3_promo----------bf3adc545c1c-
Title: Get this newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&collection=DoublePulsar&collectionId=8343faddf0ec&source=post_page-----5c63d963a9e9---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/follina?source=post_page-----5c63d963a9e9---------------follina-----------------
Title: Follina

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F1a47fce5629e&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Ffollina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e&source=-----5c63d963a9e9----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/bpfdoor?source=post_page-----5c63d963a9e9---------------bpfdoor-----------------
Title: Bpfdoor

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F54b078f1a896&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fbpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896&source=-----5c63d963a9e9----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/proxyshell?source=post_page-----5c63d963a9e9---------------proxyshell-----------------
Title: Proxyshell

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=-----5c63d963a9e9----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----5c63d963a9e9---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F7a871c465fa5&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fhivenightmare-aka-serioussam-anybody-can-read-the-registry-in-windows-10-7a871c465fa5&source=-----5c63d963a9e9----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cyberattack?source=post_page-----5c63d963a9e9---------------cyberattack-----------------
Title: Cyberattack

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F76e4ec6ec64b&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fkaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b&source=-----5c63d963a9e9----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://athenaalliance.medium.com/?source=post_internal_links---------0----------------------------

Search URL Search Domain Scan URL

URL: https://athenaalliance.medium.com/athena-member-vocera-director-fireeye-evp-alexa-kings-insights-on-cybersecurity-leadership-7d91e85a75e7?source=post_internal_links---------0----------------------------
Title: Athena member, Vocera Director, & FireEye EVP Alexa King’s insights on cybersecurity & leadership

Search URL Search Domain Scan URL

URL: https://hydroperitoneum1906.medium.com/?source=post_internal_links---------1----------------------------

Search URL Search Domain Scan URL

URL: https://hydroperitoneum1906.medium.com/update-fuego-y-agua-online-hack-free-resources-generator-56e9b8bc82c7?source=post_internal_links---------1----------------------------
Title: {UPDATE} Fuego y Agua Online Hack Free Resources Generator

Search URL Search Domain Scan URL

URL: https://omidyarnetwork.medium.com/?source=post_internal_links---------2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/omidyar-network?source=post_internal_links---------2----------------------------
Title: Omidyar Network

Search URL Search Domain Scan URL

URL: https://medium.com/omidyar-network/spotting-privacy-breaches-before-they-cause-harm-94b3a8127b02?source=post_internal_links---------2----------------------------
Title: Spotting Privacy Breaches Before They Cause Harm

Search URL Search Domain Scan URL

URL: https://deeper-network.medium.com/?source=post_internal_links---------3----------------------------

Search URL Search Domain Scan URL

URL: https://deeper-network.medium.com/deeper-network-genesis-node-mainnet-launch-setup-tutorial-1b1b50b4a8fe?source=post_internal_links---------3----------------------------
Title: Deeper Network Genesis Node Mainnet Launch Setup Tutorial

Search URL Search Domain Scan URL

URL: https://medium.com/@bobwcook?source=post_internal_links---------4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@bobwcook/cyber-security-for-the-rest-of-us-6083d61add91?source=post_internal_links---------4----------------------------
Title: Cyber Security for the rest of us.

Search URL Search Domain Scan URL

URL: https://socios.medium.com/?source=post_internal_links---------5----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/socios?source=post_internal_links---------5----------------------------
Title: Socios.com

Search URL Search Domain Scan URL

URL: https://medium.com/socios/fto-update-key-details-ahead-of-this-weeks-g%C3%B6ztepe-and-universidad-de-chile-launches-8b28f1547282?source=post_internal_links---------5----------------------------
Title: FTO® Update: Key Details Ahead Of This Week’s Göztepe And Universidad de Chile Launches

Search URL Search Domain Scan URL

URL: https://medium.com/@teamsecuricy?source=post_internal_links---------6----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@teamsecuricy/security-best-practices-for-your-windows-10-computer-4a5c3946ba4?source=post_internal_links---------6----------------------------
Title: Security Best Practices for Your Windows 10 Computer

Search URL Search Domain Scan URL

URL: https://katjah-smith.medium.com/?source=post_internal_links---------7----------------------------

Search URL Search Domain Scan URL

URL: https://katjah-smith.medium.com/nmap-scan-types-cheatsheet-b8ff9f3bfe3b?source=post_internal_links---------7----------------------------
Title: Nmap Scan Types CheatSheet

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----5c63d963a9e9--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----5c63d963a9e9--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----5c63d963a9e9--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----5c63d963a9e9--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=---three_column_layout_sidebar----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6--three_column_layout_sidebar-----------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fb4bad6c46577&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&newsletterV3=7db6d2df42a6&newsletterV3Id=b4bad6c46577&user=Kevin+Beaumont&userId=7db6d2df42a6&source=---three_column_layout_sidebar-----------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@shellyshubh?source=read_next_recirc---three_column_layout_sidebar------0---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------

Search URL Search Domain Scan URL

URL: https://medium.com/@shellyshubh/how-i-made-200-in-5-minutes-by-email-injection-first-bug-bounty-b194ea6568b2?source=read_next_recirc---three_column_layout_sidebar------0---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------
Title: How I made 200$ in 5 minutes by email injection. First Bug Bounty

Search URL Search Domain Scan URL

URL: https://medium.com/@alfredeye?source=read_next_recirc---three_column_layout_sidebar------1---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------

Search URL Search Domain Scan URL

URL: https://medium.com/@alfredeye/i-spent-2000-hours-learning-how-to-learn-part-4-3dde9b37344a?source=read_next_recirc---three_column_layout_sidebar------1---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------
Title: I Spent 2000 Hours Learning How To Learn: Part 4

Search URL Search Domain Scan URL

URL: https://socfortress.medium.com/?source=read_next_recirc---three_column_layout_sidebar------2---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------

Search URL Search Domain Scan URL

URL: https://socfortress.medium.com/build-your-own-siem-stack-with-open-source-tools-series-39da0f2d412a?source=read_next_recirc---three_column_layout_sidebar------2---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------
Title: Build Your Own SIEM Stack with Open Source Tools Series

Search URL Search Domain Scan URL

URL: https://shahjerry33.medium.com/?source=read_next_recirc---three_column_layout_sidebar------3---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------

Search URL Search Domain Scan URL

URL: https://shahjerry33.medium.com/shodan-dorks-the-gods-eye-f224f9b3984f?source=read_next_recirc---three_column_layout_sidebar------3---------------------7d0d9c03_9bcb_45c8_8c27_34e68ece3265-------
Title: Shodan Dorks - The God’s Eye

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=---three_column_layout_sidebar----------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=---three_column_layout_sidebar----------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=---three_column_layout_sidebar----------------------------------
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=---three_column_layout_sidebar----------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=---three_column_layout_sidebar----------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=---three_column_layout_sidebar----------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=---three_column_layout_sidebar----------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=---three_column_layout_sidebar----------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/?source=---three_column_layout_sidebar----------------------------------
Title: Knowable

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 302
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 Show response
doublepulsar.com/
Redirect Chain

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

255 KB
50 KB

827ms
827ms

Document
text/html

52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4c4ffcc9444d10a660d22a349baecd56bd2c6538d247074a754580791fb574c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 18:56:12 GMT
etag: W/"3fca0-DzeXaO5kVRTyMBGl1eoTlJKpjFg"
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, lite/main-20221006-153254-fdb603b8b4, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
medium-missing-time: 243
sepia-upstream: medium
server: nginx
vary: Accept-Encoding
x-envoy-upstream-service-time: 715
x-request-received-at: 1665082574485

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75609da83a88906c-FRA
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Thu, 06 Oct 2022 18:56:14 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220930-203142-057a4d4bc6
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 33
x-frame-options: sameorigin
x-obvious-info: 20221006-1716-root,b6f45502
x-obvious-tid: 1665082574217:f638ac578f97
x-opentracing: {"ot-tracer-spanid":"69a0b1cd34be1cf6","ot-tracer-traceid":"7827b1e2202eacf4","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 unbound.css
glyph.medium.com/css/ 15 KB
1 KB 70ms
54ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 9
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609dafd94e906c-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 06 Oct 2022 20:56:15 GMT

GET
H2 200 1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
miro.medium.com/max/720/ 190 KB
190 KB 48ms
39ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*6Ay_Mt1ikoTKAHgHTJcfMQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 556374
x-envoy-upstream-service-time: 393
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194173
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609dafc937906c-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H2 200 manifest.a9f0e41c.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 56ms
47ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.a9f0e41c.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5a3b546b67f6a0df513c2da7347cf669f58701a96d3f1d81f37e9d29996187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: wyZxu0naUvK7IsBb2Mk_DR_W9YdBSLNn
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8Z2SYB8D5NQEJ0QW
age: 11065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MNN3b2znO4A+fmXBm5AhDXFj01PF/0kK3h7n543SdRYQ3omD/SaOsJeSOvQZeA7eDOhB6ZOd604=
last-modified: Thu, 06 Oct 2022 15:41:58 GMT
server: cloudflare
etag: W/"dd1a2c834247e83bae74ef90584d5ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019f2906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 221.eb6d4e84.js Show response
cdn-client.medium.com/lite/static/js/ 691 KB
213 KB 51ms
42ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: eFYPkrNVdSEA2cbFUgGI5AL5fmJ6xhM1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J2TVWCT1EY9N2ACT
age: 711559
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AdbnGoZITPw5AWsHgEIvXYgiPZgy5XVnPYvmDgCgX/9Y22m9b757aLHTZLskxG4TdBNklNLgyCM=
last-modified: Wed, 03 Aug 2022 13:07:29 GMT
server: cloudflare
etag: W/"8217b3c83342b21eef3049023dae74f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019ea906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 main.092b0731.js Show response
cdn-client.medium.com/lite/static/js/ 736 KB
177 KB 56ms
47ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.092b0731.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5c249d284060871ae4e4a74dba477ebb86b6bb7882e6eec7a6916fc1522d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: g7e.85C.ov0Gk8_87.qCur1vIvothACg
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8Z2TB116SYNXVS5J
age: 11065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: upYcn9VPfs8Nc3e9VO1c7FEYGlJTnoojUs4sQ2i53pfVWbLUc9H8Q0KJLgm5xkr4m6Aon+2FXF4=
last-modified: Thu, 06 Oct 2022 15:41:45 GMT
server: cloudflare
etag: W/"d096d4f9b5fb9b8fa952fa0f7739ae2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019ef906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 instrumentation.c71f0248.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 54ms
46ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: 5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DN80NP6MC45XWT2W
age: 1129342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XL/2Jb9u14qm8cCj//wgdYe0Ggn1t1G4gX21uBRkpd82xhiecCSbOyioU4BrWRYiv2q6edekGpo=
last-modified: Wed, 07 Sep 2022 22:21:02 GMT
server: cloudflare
etag: W/"1c4019035217766e8fa41b4d396c90c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019f3906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 4800.b97019a4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 66 KB
19 KB 76ms
68ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4800.b97019a4.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: Pi1n8E4Ms1X56g03fobJVGJ0O7tggnc_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGBGFW7CCN1A9H8
age: 779955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RWop0tBEjn1hbwGKGeC8qHg0gQvQXBNFBXW1tGddjSJb8GJ6hVallTgDD7nFgJkweLk6zhJnO3A=
last-modified: Fri, 23 Sep 2022 22:08:57 GMT
server: cloudflare
etag: W/"2aa4d7c3babdc88eeabdd9cfa8a20aa2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019f1906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 7371.4a3c1218.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
7 KB 81ms
73ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7371.4a3c1218.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: ZgNlieNTl7_oC7QUU6YmKWuVvR0u2dl7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S9WV5BEE8VQ35TFJ
age: 696302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RUXaKinQylzW1iCX4Uuk4+aRNYqI03Ss1YCQxy3ZiM+wehKVDUWKO6LUNOErLlBRbLnEi/YOvqE=
last-modified: Tue, 27 Sep 2022 22:13:05 GMT
server: cloudflare
etag: W/"e903565a339cec66b6a32a9599611f55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db019f0906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9282.ec2603ec.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 61 KB
17 KB 62ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9282.ec2603ec.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: f9rHmSQaljoFAznKpwf9hYc4W9FXpDMA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TCPH0MAD5T4HH6H6
age: 585471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qbcCa3qhcIAuJ4ELPBaz+p9ey8krGEZkwx6+/Ul5ZTtwY9Dd1MDUwKvy6Emlyegok0cgjobfZpY=
last-modified: Fri, 30 Sep 2022 00:10:27 GMT
server: cloudflare
etag: W/"cc663080b41f7a5677ede3486e8c0c5d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db06a9a906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 2837.7bf36ac5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 64ms
59ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2837.7bf36ac5.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: o1F2trFqCAwB_O69FIjcfeJyeffDoM30
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N5QPWAH5YESTA7PY
age: 855655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pTts5V3fZqIikiFPC6BW/A3MOD4OnXKycVPrg721/MSCwCHv+ASP/tp9DZr5HHGf9ZFA3VS70ac=
last-modified: Mon, 12 Sep 2022 21:07:06 GMT
server: cloudflare
etag: W/"874ff76ff89f6785bac7273c52caa1cf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db06a9d906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 AppLayout.f87a32ec.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 102 KB
20 KB 45ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.f87a32ec.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce00af99742574f8a6cf3949839a910755595ef6e2af6f048917338f923251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: QT49PPI6gV6EBfMN17xuvbFOy1I_xdZB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SZ1AYTJEQ46TGV36
age: 117171
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pKegeod6YAHUTO/AfeKLptOIj2NCRWcFjFjdmyS648nki+LIyqWsjFy1r4SKjwdf1GOikqkP7Vo=
last-modified: Wed, 05 Oct 2022 09:33:20 GMT
server: cloudflare
etag: W/"7d13d3fbb893cc30d20d61ddef077d4f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07a9e906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
932 B 65ms
60ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2R4YTKBCDDS6HF3J
age: 254043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa1906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 4270.c0f5b685.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 65ms
60ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4270.c0f5b685.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: KSkooLLVUmAEyr4Mvb9mqebbFmTOLR9I
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C2ZN163S1S828YMM
age: 642047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lN1VMVaeaxRA6JY7+jojWRuyaU3UMOhyF07ltDGS+YyWWVSyvqeb9ASTn/Hr82e9/OYyZQ+ZxgQ=
last-modified: Wed, 08 Jun 2022 01:57:01 GMT
server: cloudflare
etag: W/"ecb15ff3b96846c74bbdba0df72c6c69"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa2906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
10 KB 50ms
45ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KZ14F4DJ39Z3KD31
age: 206049
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa4906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 60ms
55ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
age: 516949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa6906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 8316.18f2a6aa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 45ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CNHD5SFN5Y8TW45S
age: 644640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified: Thu, 14 Apr 2022 09:06:33 GMT
server: cloudflare
etag: W/"9fa67454adaeb385a3a70077ff7b7df1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa7906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 5472.5f6d4371.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
1 KB 63ms
58ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CNH8PTMK5AP330DM
age: 642077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified: Thu, 14 Apr 2022 09:06:30 GMT
server: cloudflare
etag: W/"6adb8844d763f7d58b6ed49ab89899c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aa8906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 4330.73510d98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 62ms
58ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4330.73510d98.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: gaO9i4g_WJfSIkahOEBED62Hd2PF3jN.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG8M44J0DXWCZRY
age: 779955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e3L2M0SK+KXTy9FmYbmAhbCaQggo8V2rrXfqKWckd+NFe4mmjA6dnZiHSkSLbZb5d54ypN6Q0Ho=
last-modified: Fri, 23 Sep 2022 22:08:56 GMT
server: cloudflare
etag: W/"9f468563337263a84a8e448effec8cfc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aaa906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 2981.c8b67800.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 51ms
46ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2981.c8b67800.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: TKbpTetPCYsKF3g5_IiCFHFhUDC2WY1y
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GAQFSEGQ7ZX9WVAM
age: 541030
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JZ3QGAr3YDxzfAuaIsASsvJvN+RTmdc03eLiHotXzIYN053sc/z1HPnQtDrlr+KdJljcubb5W7Y=
last-modified: Fri, 19 Aug 2022 10:43:45 GMT
server: cloudflare
etag: W/"ae90acd9390e2e8ae30aa02c7d1d058e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aab906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 3115.0ef60d0a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 126 KB
36 KB 65ms
60ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.0ef60d0a.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7a0082580538fe9271efed1ff0a00f5b059c677869f5dccaa56b280b73052e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: AA5AEntk8r7Woc9a95MMIA7neNkl_FuN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AEN71E4152SRF6HG
age: 94126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KGG5T51qQVtehmAnb6D7Z+Q5n03TYCmc63uOAO11U5cN3s4hhfqczBLjzzLJIFgfqsP/yiftak8=
last-modified: Wed, 05 Oct 2022 12:48:28 GMT
server: cloudflare
etag: W/"5b94af8638a1582a9cdabf8675aaddf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aac906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 5758.4d052c2f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
2 KB 47ms
42ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5758.4d052c2f.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: gt_SJcOubU_dOS.haXYGewc4icbw4Hyj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG51J9P0YEAZ77C
age: 779955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qkVrdfiZXNyapPBMXHd6fakFRBLi3L7foXwy6eMlpoooaUFOxNB9X/SKcM5jePUGZUPF1q+ni4M=
last-modified: Fri, 23 Sep 2022 22:08:58 GMT
server: cloudflare
etag: W/"d9935bdb71077ea91b9c9f793a918600"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aad906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 4869.c26b42a4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
4 KB 46ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4869.c26b42a4.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31aea01c54082d4366ed9c1a30b107ddd68add375f5a417cccfc3b0d3e049522

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: ybwSfhEjfd4KouqDqwcSrRsSgKNfh3Bj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8Z2WQJXZQTDA15B2
age: 11195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UlUugSA9Se1yvCrBTx7HVa591BIt6DEKp+YytaSO5LWr3f9TkcD6cY4Q8PzUURz3Vv3YIotmEW4=
last-modified: Thu, 06 Oct 2022 13:41:29 GMT
server: cloudflare
etag: W/"565a1367e850d5ce60594528d43697c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07aae906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9401.492bc814.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 89ms
84ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9401.492bc814.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: o7qB8yuUJ2.ySHF37F8FxNhTjXdITIXy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BVXT7BCCKH158FM3
age: 765074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fmyPMPKPQeWvDtiHrQgX5CGXZTku+5n0vOfhSaA2QdzDZmCmY1RbWsXR1l8WR2n7FzWl5DH3jRU=
last-modified: Tue, 21 Jun 2022 18:46:28 GMT
server: cloudflare
etag: W/"1ddc9c0c19f0fe0be7a7d8a22ff4b327"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07ab6906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 2307.b2a54ca4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 61ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2307.b2a54ca4.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: uC58zPGNf1Kmzb_z_oSfu.TRqdXHy86R
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4FNZA2AQ2HMAKR1P
age: 781028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: v5fjgekWKQBKHUWXtS38VUfIdGtrSZeJZbo9JFk0TafKXhvG12gQFQHCSmKuVupC91S9KgZ1su8=
last-modified: Tue, 30 Aug 2022 17:41:16 GMT
server: cloudflare
etag: W/"452a684fb8b71960fde058398549b560"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db07ab9906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 7070.02e46a7e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
7 KB 80ms
75ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7070.02e46a7e.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc115cd1e5ef793ff04ed5df6e547e94d31951a693f26687e7111338dd54489d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: S3feEXFICkaXeiTXgXXS41qmfPbtZ4PP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 49QC6WK166F3TSZV
age: 190713
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EH2ijoC668jwCjgCnNEK/aEr9VQmI0mSrLii32/YrQYLeNsp8qnJpsed6tsVHvAqvwYpGXycf98=
last-modified: Mon, 03 Oct 2022 21:52:56 GMT
server: cloudflare
etag: W/"34922e53609faa89caae89d1121b3383"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09aec906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9442.5291e270.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 67ms
62ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9442.5291e270.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: pCL2A.BoWSvPuskvdf9gJgCn0qWM.lXJ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8NAYDQE9MQK743Q9
age: 710166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Q+YMUo3f6jyml7SXk6SmWMrC+AY114aKXRjQlxqfefqQ7aN4c6PDcZ7B2XOvKqS3AdCjuSFaiK8=
last-modified: Wed, 06 Jul 2022 07:53:44 GMT
server: cloudflare
etag: W/"3edcd4d9e5942e997e7195e591b148c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09aed906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 4483.0a43a5ce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 64ms
59ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4483.0a43a5ce.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: nXdB1pZcC2zXCHIpRf4DyB5qHFX0z_KH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W3D8VPVQKPJHDC62
age: 179001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ytI/ljuGLDtWZEwYKNhFOgDeD2WTPgxo05GxSQEDIon/zinlUDuR+/2Nyy0YzyZcgw8tUYCCnFU=
last-modified: Mon, 01 Aug 2022 21:57:50 GMT
server: cloudflare
etag: W/"bf55b6950792bc738fb0d12bda42e128"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09aef906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 210.1b33e4a9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
11 KB 82ms
77ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/210.1b33e4a9.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: 6A1grWb2eI.v5FtaeGijF4bKOleB0EK_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R9K4CT5HZKR9XB80
age: 241133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bK9GrVt2RHKtpupDor4YEMRzj0iT9/K30lVIGBWPvzExxM1r7ZHTbRKVadGGdneEwMfPW+FNrAY=
last-modified: Mon, 22 Aug 2022 23:07:50 GMT
server: cloudflare
etag: W/"e21593b9b2665e2c028ec837b9b17a44"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09af1906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 864.dc58ca67.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
4 KB 73ms
68ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/864.dc58ca67.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: _13YWGk4m_2cdhVw9e_kaqVd2sou9n_x
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGFVVEW7PGG9YEM
age: 779954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: f+b8sgM9JUrsTLOuhGjWrz8Sh97pk9INvjRwPRF8pSwootUBCTlBJvtZQWP3E3GIxU+6bpnWX8E=
last-modified: Fri, 23 Sep 2022 22:09:03 GMT
server: cloudflare
etag: W/"8132d360ea9d611d92078a70603dd23b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09af6906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9841.1bb423da.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 67ms
63ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9841.1bb423da.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: 1xI7YK_MjEYp2K.Qr19IRQM3SL0GPfHl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8NAXTKXVT5YRHG8C
age: 710166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6RKhOlsS35C1DjFeoOeZMOD90SHxxnChKIQkQecxgi1FNFcL9Jw/77BJ3rP6obK3+XmQcVD4AV8=
last-modified: Wed, 06 Jul 2022 07:53:45 GMT
server: cloudflare
etag: W/"a438d4b84fc984bedab39eff52de7d1b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09af8906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 3610.44f23015.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
6 KB 78ms
73ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3610.44f23015.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53107115c2886b771e3b10186bef63a1b74e14f8a00b21ee1bf576f6b0750d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: cb7JoaS.ocW.SiNxBgiZ_b5Fz4MKrRLi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 49Q9DN8K1EGASB82
age: 190713
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0MO93HayNYtoDFCaoMrhmAmI891aDbL5qfU7wroG57SUWC/s9tXN/cd0oFIsGYvdhy4VgjXzpg4=
last-modified: Mon, 03 Oct 2022 21:52:51 GMT
server: cloudflare
etag: W/"5857105e7322d0c454c1d54cc9f5e9c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09af9906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 1018.3d424dd7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 77ms
73ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1018.3d424dd7.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: wsEivFZJ80.8q67Y.g4rlVOMV58uSqJ4
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: THHCJEXA160XVYBP
age: 192250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MFKO8CrU3InddHsLhYZPAGn9EzGKiSNY154vNB90PaLU9R72DyO3JRvdXHq2oCtgZ5yZ6v9GO50=
last-modified: Mon, 19 Sep 2022 15:53:23 GMT
server: cloudflare
etag: W/"886236e23480793d25fe6271214d1f15"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09afb906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9304.78e04611.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
2 KB 84ms
79ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9304.78e04611.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: XDBaX6XKHnNFSwpvKayMa.sNOC1hcaLl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG67HTECN3C6TXV
age: 779954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aFise8ajUBpU7qgQd2gJgXPrvwjeGFn0z2ZLiO1h3bVNsp+BLgHIrYkUEfahVV3mhR8DUzrN1gc=
last-modified: Fri, 23 Sep 2022 22:09:03 GMT
server: cloudflare
etag: W/"4e6f30dbe08ace2ef331214677bc3aa1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09afd906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 763.3dd24340.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
2 KB 75ms
70ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/763.3dd24340.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: goZsfOIuyppoMc0Onuw5TwPKffEVGUNf
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8TGJ1XETE0NY1ZG4
age: 559556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6iXFlhEzeicU7aJ8UbF6igParGUQqtaRkkp5G2WlBmS6AJF/WHGutadrfqBzSG8sE92+qrVVMAw=
last-modified: Thu, 01 Sep 2022 13:17:18 GMT
server: cloudflare
etag: W/"95c429bc01e6ab0aedece2277f3f41dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09aff906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 8051.c536c001.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 59 KB
14 KB 80ms
75ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.c536c001.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: 5HJouVNr7TaNTnESG04IiNLbaSQMTDfM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R9KF81087VD844WE
age: 241121
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ASyihAp1nF+SMXGApQv3rEubcbtNjRG0JqkLTfOMyQEA7BqHyJCgSgU6R8jkZ2S7R5xv2Uvx110=
last-modified: Mon, 22 Aug 2022 23:07:58 GMT
server: cloudflare
etag: W/"47343252b22a02ee0822f03f0be391ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b01906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 9241.b09496de.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
11 KB 82ms
78ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9241.b09496de.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d7c67ad8ed851231c5e7dc067f72f775f00605e90fc8a7bf646ec85bb7705e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: l1nFvrntWCLaabzEa7gOmlhfkPLM_CCW
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QQ4HGX70TF43YVAQ
age: 244855
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XKhp6eOvJsrFGPTsU1GKQYAUGTxgfacC5+kV5ctlkFd1J1TYUpBSJ0EXWtf35CXfg4ZMWSoiC58=
last-modified: Mon, 03 Oct 2022 21:52:03 GMT
server: cloudflare
etag: W/"b019c09c693cfa7a8916ae4d53b06083"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b03906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 5887.70c709b9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 71ms
67ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5887.70c709b9.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98603782d93de93b6ada4b84259aa2739d2cae8e2fb08dcd56a9eea445cc4d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: RXZZuKA8UCoYA5dJYXVX4Qg8V0rCuEvy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QQ4TFR6BV51HN9GZ
age: 244855
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: N43Xx99oAOqu/+73b0Ql1yjNVehOtOkQXVL0KQoeReXgZS6X1grZfbb34EsYJC9UzWpoUZF/srI=
last-modified: Mon, 03 Oct 2022 21:51:58 GMT
server: cloudflare
etag: W/"2d873f21d4eac4bb680e7be6c13ec68c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b05906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 5754.6687b8d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 87ms
82ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5754.6687b8d5.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: jm4XNl7ULcgGCxMyZPfaouJSQOG7cvnF
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BABNVAC1BSV2C8K2
age: 1126819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JuAasHgUwNuFUAxgOmmPG+bBIkW5yXPNOZqk3r8KUPVeaUKAUHQjXw6QBt3GUwX6eWS+1+eA1Co=
last-modified: Fri, 20 May 2022 05:33:41 GMT
server: cloudflare
etag: W/"d8cccf81b0e959008ed590e4a91a1c61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b07906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 PostPage.MainContent.ad0db5bf.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 113 KB
27 KB 78ms
73ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.ad0db5bf.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5723ac756594424cca13672cbe38c7b3ec88c7d2f2b5490bac39e324507392c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: hzhBSkFadcJgfn9Wa91iT_g1Z.bj0pjA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NYP57J155FEQXG3M
age: 72576
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BZIfq+eJGvjFcwBTSft+bsFD7aOp+WMgwJLphp4VsSb5MMNVhbWGycNz4GPtGpFCpp/er/isizA=
last-modified: Wed, 05 Oct 2022 21:48:53 GMT
server: cloudflare
etag: W/"88083b80ce97cd0ed46d02dadc2dab4c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b08906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 1987.e87f9d80.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 80ms
76ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1987.e87f9d80.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: cBz4yUOPeuq85PbanD5Gb9jI.f0cdUtK
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E9ECF7NHXNH0HYA8
age: 598979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tKLOWGSriv3Ultn4eLNFbNKM/gTHzGNs9zVwMjqNYCyLbYgGmDgqtuSG09J4Lq8R5AQQIImYNzM=
last-modified: Thu, 01 Sep 2022 18:26:19 GMT
server: cloudflare
etag: W/"5587b9535df6c9068c64661ba037ac8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b0b906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 8237.1eb3b71c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
3 KB 88ms
84ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8237.1eb3b71c.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: dxiPIalaMFBcJ6bndxlKAhUvQhDPAi29
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG2GE4SZ1K8S5J0
age: 779954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: r4d1cVQf8adJjJWwXVtv/SJVZPQxvcNoH3eHVrE+r8z1XMOmCpVFuVgiXL3rn7HYoFCR79W4XHo=
last-modified: Fri, 23 Sep 2022 22:09:02 GMT
server: cloudflare
etag: W/"ed71bc5d2a871a459349806dc92e2372"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b0c906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 7994.ade10b8f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
5 KB 86ms
82ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7994.ade10b8f.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

face323314afe36ef510c9fd57e043ce5ac3ee3d34324e375131415bd3505e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: yM7Ggx4GEv29sp48.8KJFhZQ0j02VxWj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VR79VQM3D6T52DFA
age: 92471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xcAaKugkAKru77shRH5O9l24Fc4YZBfqvi8Bcnd7iWeb/lex//XTEMIXlDCv3KYEd5yZoXxw2zs=
last-modified: Tue, 04 Oct 2022 23:18:19 GMT
server: cloudflare
etag: W/"a73f3f695615e27646107e8bc9bfffde"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b1e906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 PostPage.RightColumnContent.3109f2af.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 34 KB
9 KB 87ms
83ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.3109f2af.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84319657d51cc68ee7e2c1f4cfd81affeb0c799ac3e946ccd1a9a806eae4413f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
x-amz-version-id: OQTXekog0JbF0aksk4euUufBeOtY9G8.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WVHGDEZ226X7JDXY
age: 244855
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U1hZIYYCiR/LAAt0eywOlM605dSu6+fNbH4TtPKWOGFromU18XnrmcbmI7YvmTCQaYhHJt831rM=
last-modified: Mon, 03 Oct 2022 21:52:18 GMT
server: cloudflare
etag: W/"6c0fbf757031142d9381e8e8722dc8a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db09b22906c-FRA
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H2 200 0*pQiJps_7EGFCoO9V
miro.medium.com/max/320/ 13 KB
14 KB 77ms
77ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*pQiJps_7EGFCoO9V

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa4ea0a5b704ba20b740254f94697c354bc2508f41ad06f233db9b115825d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 205012
x-envoy-upstream-service-time: 2172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13788
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db09b24906c-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 123ms
98ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20684222
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db09cbe9a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 73ms
48ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 19332576
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db09cbb9a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 144ms
119ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 19039932
x-envoy-upstream-service-time: 31
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db09cc39a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 130ms
107ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 19365526
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db09cc19a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 81ms
69ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 29711007
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db09cb69a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
29 KB 116ms
115ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20563300
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 75609db0acde9a0f-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 06 Oct 2023 18:56:15 GMT

GET
H3 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/64/64/ 2 KB
3 KB 65ms
63ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/64/64/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 597295
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2534
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220303-000533-8c0cdff0ab
accept-ranges: bytes
cf-ray: 75609db0d85b9028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 88ms
85ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32077
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4168
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 75609db0d85d9028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 0*1acKQsWchBvkk1nk
miro.medium.com/max/720/ 51 KB
52 KB 89ms
87ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*1acKQsWchBvkk1nk

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 213648
x-envoy-upstream-service-time: 227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52726
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db0d85f9028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 0*8CtgNhEdrEXcU-75
miro.medium.com/max/720/ 75 KB
75 KB 109ms
107ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*8CtgNhEdrEXcU-75

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 138120
x-envoy-upstream-service-time: 243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76592
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db0d8639028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 0*c8h3STMGC0nxyTDd
miro.medium.com/max/640/ 76 KB
76 KB 67ms
65ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/640/0*c8h3STMGC0nxyTDd

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 586987
x-envoy-upstream-service-time: 264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77680
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db0d8649028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 0*7XZQgCET-WfKmQ6P
miro.medium.com/max/720/ 63 KB
63 KB 45ms
42ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*7XZQgCET-WfKmQ6P

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 586987
x-envoy-upstream-service-time: 250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64351
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db0d8659028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/176/176/ 9 KB
9 KB 137ms
134ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 597295
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9114
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 75609db0d8679028-FRA
expires: Sat, 05 Nov 2022 18:56:15 GMT

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 375ms
106ms Preflight 2600:1f18:24e6:b902:6d57:676f:b91a:394d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:6d57:676f:b91a:394d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
content-length: 0
date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff

GET
H3 200 0*PHZXNa19OkzAjKq4
miro.medium.com/max/720/ 39 KB
40 KB 63ms
63ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*PHZXNa19OkzAjKq4

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 586988
x-envoy-upstream-service-time: 420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40298
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db52a0f9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*c5R-mNI774IqryzT
miro.medium.com/max/720/ 60 KB
60 KB 39ms
39ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*c5R-mNI774IqryzT

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 588061
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60997
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db52a139028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*48R4OwM2KL6q4Prw0fJDhg.png
miro.medium.com/max/720/ 46 KB
46 KB 44ms
43ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*48R4OwM2KL6q4Prw0fJDhg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 138121
x-envoy-upstream-service-time: 344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47011
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db53a349028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*rzHWpGJI2DB0B-tBgYVJNw.png
miro.medium.com/max/720/ 69 KB
70 KB 46ms
46ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*rzHWpGJI2DB0B-tBgYVJNw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 588061
x-envoy-upstream-service-time: 321
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71110
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db53a399028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*5GW6H9LYN_cq2kLC
miro.medium.com/max/720/ 98 KB
98 KB 54ms
54ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*5GW6H9LYN_cq2kLC

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c28d069a5ae2d5565051c7acf9a79060137adf5e35fd195c284eaea7230caa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 534479
x-envoy-upstream-service-time: 340
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99891
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db54a6a9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*Hj8bVBrqNwjCjduGCkI3Gw.png
miro.medium.com/max/720/ 51 KB
51 KB 51ms
51ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*Hj8bVBrqNwjCjduGCkI3Gw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d389af9d797e2a5f2558888560d83b21ea9580793f728c620a130a4ba65b47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 522396
x-envoy-upstream-service-time: 127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51868
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609db54a6c9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*jqxK6iiTcjESrdZ7
miro.medium.com/max/720/ 82 KB
82 KB 42ms
42ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*jqxK6iiTcjESrdZ7

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ad3bf318559f99bcdd2794acebb696cede54934d167e56ac336c992382182e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 460479
x-envoy-upstream-service-time: 183
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83766
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220930-203142-057a4d4bc6
accept-ranges: bytes
cf-ray: 75609db57ad49028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*qbpD8LRWj-SxAyvsoZwWGA.png
miro.medium.com/max/720/ 42 KB
42 KB 36ms
35ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*qbpD8LRWj-SxAyvsoZwWGA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6871ae165cc313cad425fcf58cdb0efd2efc76b9ae28d0e33579296a47719a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 460479
x-envoy-upstream-service-time: 193
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42653
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220930-203142-057a4d4bc6
accept-ranges: bytes
cf-ray: 75609db57ae19028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*c1jEhDFrTC2viDcK
miro.medium.com/max/720/ 34 KB
34 KB 39ms
39ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*c1jEhDFrTC2viDcK

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11240494cb8626859842a59157789400ac9d7d5dd8753920e2eab5b0d451a5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282418
x-envoy-upstream-service-time: 181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34785
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220930-203142-057a4d4bc6
accept-ranges: bytes
cf-ray: 75609db59b0b9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*oaapwKagX6IpbFxxcH6D8g.png
miro.medium.com/max/720/ 75 KB
75 KB 35ms
35ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*oaapwKagX6IpbFxxcH6D8g.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ceeadc3050854bf8fefd20f634eec2a300233e4a9f23aec05199fc27befb39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202341
x-envoy-upstream-service-time: 215
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76701
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db59b219028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*K3JSTz-okUASptitD9r9dg.png
miro.medium.com/max/720/ 77 KB
78 KB 44ms
43ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*K3JSTz-okUASptitD9r9dg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01de5d5ed7344628a6db746a2f4a677f92716a353c5a6beabef80f4a16af8f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202341
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79181
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db59b279028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*lgm9K0Cyg8sjcXFY3Y5qqA.png
miro.medium.com/max/720/ 30 KB
30 KB 46ms
46ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*lgm9K0Cyg8sjcXFY3Y5qqA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84860473147a2ad712d1052ce02c38f6614515c36407f287aebb9191782bf77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160507
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30371
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db5ab339028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*n1Gv5sb2uj86Ch5Ua2_WHg.png
miro.medium.com/max/720/ 60 KB
60 KB 61ms
60ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*n1Gv5sb2uj86Ch5Ua2_WHg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54d1d1e2bbaa16ce51529a69e441f3f4ad9228146aea5007ed36ab4fbe0017e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160507
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61535
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db5ab489028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*70AG84FlekbasMTE.jpg
miro.medium.com/max/720/ 42 KB
43 KB 44ms
44ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*70AG84FlekbasMTE.jpg

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f1c970575963a1c5ed7dfe0098f9fbd11248423a4cc3dfe886606c8a5972040

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160507
x-envoy-upstream-service-time: 70
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43341
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221004-195731-2f1668cc99
accept-ranges: bytes
cf-ray: 75609db5ab4c9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*_XWSnYBn8k4KjAGw
miro.medium.com/max/720/ 175 KB
176 KB 103ms
103ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*_XWSnYBn8k4KjAGw

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cacfcdf1db167339dcad66d886626b21c52db33f0d35b8178e91a31af190a5ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92944
x-envoy-upstream-service-time: 371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 179705
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221004-195731-2f1668cc99
accept-ranges: bytes
cf-ray: 75609db5bb5a9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*3576U4p84nArRxJqpXv7cQ.png
miro.medium.com/max/720/ 53 KB
54 KB 44ms
43ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*3576U4p84nArRxJqpXv7cQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fe2389bbbfdde196cbbed95fad940ad4c4f3db14cdcb8f0434f19d92cf0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75612
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54760
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221004-195731-2f1668cc99
accept-ranges: bytes
cf-ray: 75609db5cb749028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*VfuPXUzUG3sGVWmVrpbfBw.png
miro.medium.com/max/720/ 38 KB
38 KB 47ms
47ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*VfuPXUzUG3sGVWmVrpbfBw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd616e4110181278a822f4cea13401e029ba18f8757808355ea66d333befaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30736
x-envoy-upstream-service-time: 305
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39067
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221004-195731-2f1668cc99
accept-ranges: bytes
cf-ray: 75609db5cb829028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*2sqlJAksZ-fOkEyhXSwBEw.png
miro.medium.com/max/720/ 22 KB
23 KB 34ms
33ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*2sqlJAksZ-fOkEyhXSwBEw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2938c51d57f681383f340b69dc9e8263e1de1b5807153b8b8af1cbd92ff1dd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30736
x-envoy-upstream-service-time: 85
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22805
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221004-195731-2f1668cc99
accept-ranges: bytes
cf-ray: 75609db5cb849028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 0*pQiJps_7EGFCoO9V
miro.medium.com/max/160/ 6 KB
6 KB 37ms
37ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/160/0*pQiJps_7EGFCoO9V

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e623618c66b2d1bc7cb1102420145226bbae8398f3071f6b78f81ca2b252735

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 203060
x-envoy-upstream-service-time: 2136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5853
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609db6cd4f9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
182 B 157ms
157ms Fetch
application/json 2600:1f18:24e6:b902:6d57:676f:b91a:394d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:6d57:676f:b91a:394d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

POST
H2 200 pubf9cc52896502b9413b68ba36fc0c7162
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 490ms
233ms Ping
application/json 2600:1f18:24e6:b901:43d1:1456:57d:23b8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubf9cc52896502b9413b68ba36fc0c7162?ddsource=browser&ddtags=sdk_version%3A2.8.0%2Cenv%3Aproduction%2Cservice%3Alite%2Cversion%3Amain-20221006-153254-fdb603b8b4&batch_time=1665082576477&m_time=1665082576477
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:43d1:1456:57d:23b8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 PostGiveTipOnExternalPlatform.8f77b158.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 49ms
49ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.8f77b158.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.a9f0e41c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
x-amz-version-id: jOmB2cABPV60dTlglOANqba9eeq2SJ1k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AF3N7753DC5XQHW6
age: 90696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +jmYCPeoPNLAPjqnBrcfyOcxcR/Zsc8Mzcobt2w+i+uriU2T6p15YXqwtxy/bdUu/V9fxYpFmqI=
last-modified: Mon, 29 Aug 2022 15:03:38 GMT
server: cloudflare
etag: W/"a8da66300dc20eb65b5ca5b255fb21bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609db7ddbebb79-FRA
expires: Fri, 06 Oct 2023 18:56:16 GMT

GET
H3 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 46ms
45ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 593139
x-envoy-upstream-service-time: 74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1153
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 75609db858449028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/48/48/ 2 KB
2 KB 41ms
40ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 597295
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1768
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220303-000533-8c0cdff0ab
accept-ranges: bytes
cf-ray: 75609db858479028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/88/88/ 4 KB
4 KB 42ms
41ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/88/88/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 593139
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3871
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 75609db8584a9028-FRA
expires: Sat, 05 Nov 2022 18:56:16 GMT

POST
H2 200 pubf9cc52896502b9413b68ba36fc0c7162
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 155ms
155ms Ping
application/json 2600:1f18:24e6:b901:43d1:1456:57d:23b8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubf9cc52896502b9413b68ba36fc0c7162?ddsource=browser&ddtags=sdk_version%3A2.8.0%2Cenv%3Aproduction%2Cservice%3Alite%2Cversion%3Amain-20221006-153254-fdb603b8b4&batch_time=1665082576919&m_time=1665082576919
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:43d1:1456:57d:23b8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 graphql Show response
doublepulsar.com/_/ 143 B
439 B 127ms
127ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

efbae0ccd9e19a309d572fb0c8c7886b36ba10f8c727e7cffa98fe62a5d83de0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"8f-0DQOxPlPvy3wrJLQWIjq4boFLrY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb
x-envoy-upstream-service-time: 14
content-length: 143
x-xss-protection: 0
x-request-received-at: 1665082576981

POST
H2 200 graphql Show response
doublepulsar.com/_/ 1 KB
865 B 176ms
176ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f94609e310e229787546d18d14bdff1cf82425028a5e56721017f59c3aaee17f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"568-hQDX0+p8mu1LY5nUqb/sKcGD3R0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 61
x-xss-protection: 0
x-request-received-at: 1665082576984

POST
H2 200 graphql Show response
doublepulsar.com/_/ 1 KB
987 B 182ms
182ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

257919f0f68c547b8ac318f6f1986e8db8bd4d8818947668f5a91451eea85bfb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"50d-4DwteoD0o1gejLUQ7VcP4BpdKJU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-084101-420552508f
x-envoy-upstream-service-time: 72
x-xss-protection: 0
x-request-received-at: 1665082576980

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
531 B 248ms
248ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

661b1e261036d47fe2ffa636531f80a7716efcf189259fe87c4d23aebc4cb98f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-f41UpEVmf5VP2hsV4HLvhhNSBUk"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 29
content-length: 210
x-xss-protection: 0
x-request-received-at: 1665082577089

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
532 B 258ms
258ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7f9cea017960d6386bdb15c1068a44793130dc6d17a9935fd65cddea0cb96057

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-ZrNMJ9Z74w1K7xE46N4wyo1Pk/A"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 43
content-length: 210
x-xss-protection: 0
x-request-received-at: 1665082577085

POST
H2 200 graphql Show response
doublepulsar.com/_/ 122 B
443 B 322ms
322ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostPageMeterQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"7a-Anj6kLKPTl7dYRRc0vntDac3O3s"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 104
content-length: 122
x-xss-protection: 0
x-request-received-at: 1665082577092

POST
H2 200 graphql Show response
doublepulsar.com/_/ 2 KB
1 KB 383ms
382ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c1ff3a3e0217e0f6df52ba2fcd74ade8a5cc543b02ce4d9bae75c14747ec41ee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PublisherFollowersDialogUserQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"933-h6jcxNoTz0uN7K9UEL87TCg2VQI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 166
x-xss-protection: 0
x-request-received-at: 1665082577136

POST
H2 200 graphql Show response
doublepulsar.com/_/ 4 KB
2 KB 289ms
288ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c5d3a47f72ce50b8d1fe552735546e14b3febc34fa8e5268cbebb42594f30416

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: RecircSidebarQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"1140-KFmYKi0a9AeiraIVR/6Dv2heJ1w"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-084101-420552508f
x-envoy-upstream-service-time: 70
x-xss-protection: 0
x-request-received-at: 1665082577091

POST
H2 200 graphql Show response
doublepulsar.com/_/ 78 B
398 B 246ms
242ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"4e-oZRptXabGmg8T9fhH50MI993LtI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 33
content-length: 78
x-xss-protection: 0
x-request-received-at: 1665082577091

POST
H2 200 graphql Show response
doublepulsar.com/_/ 103 B
398 B 241ms
238ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

411436c9447b338e064058a1f7c2b0b5d41c501433d6c65dd46cfaf0a20d60cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"67-dgcCi3yTZjeWGH494v8BCS5Oxe8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb
x-envoy-upstream-service-time: 27
content-length: 103
x-xss-protection: 0
x-request-received-at: 1665082577094

POST
H2 200 graphql Show response
doublepulsar.com/_/ 81 B
374 B 194ms
194ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:14 GMT
sepia-upstream: medium
server: nginx
etag: W/"51-T0kabmH8r91amHAHqjii15hhpe8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb
x-envoy-upstream-service-time: 24
content-length: 81
x-xss-protection: 0
x-request-received-at: 1665082577091

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 121ms
120ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, clientele/main-20221005-185408-812c854e01
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 137ms
137ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, clientele/main-20221005-185408-812c854e01
x-envoy-upstream-service-time: 4
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 118ms
117ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, clientele/main-20221005-185408-812c854e01
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 shim.js Show response
cdn.sprig.com/ 193 KB
65 KB 105ms
26ms Script
application/javascript 13.225.78.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=WISfSM8eD3
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 22:00:01 GMT
x-amz-version-id: dudLBg1byoAmUpFiYjdx5p.wTRvX21WL
content-encoding: br
last-modified: Mon, 03 Oct 2022 18:29:01 GMT
server: AmazonS3
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"ae2766997c89d8c8569d782ac1bbddb4"
age: 75377
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Lm9cmU2eVkOUXkyDyiRLgKAxkDbeNsxdZXMtW1NNynKggnp8pLRDjw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 698ms
33ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 18:27:31 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1726
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 06 Oct 2022 20:27:31 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 76 KB
23 KB 83ms
24ms Script
text/javascript 108.138.17.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=80131e8793e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: xpT8NSlkFRtFn0r3VTueOXydk4ItdRFJ
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
date: Thu, 06 Oct 2022 18:55:15 GMT
last-modified: Tue, 13 Sep 2022 22:02:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 63
etag: "9a440767cf788fb1f7e43521d015d5ca"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23149
x-amz-cf-id: 4rW7LoBt8ieYI7ivx1brmxtmYmYKk61B6-0J-cNav_TLq0JqOLVvYg==

GET
H3 200 0*tJkAQl1tB_Toh0js.jpg
miro.medium.com/fit/c/20/20/ 339 B
691 B 73ms
66ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/0*tJkAQl1tB_Toh0js.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543d2b2983d520d88830e0cb82ecfc590f6779268ecd3e36a52236d05b418ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306829
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 339
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220923-182944-2f1209e24b
accept-ranges: bytes
cf-ray: 75609dbd8bbc9028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*9fuAK6Iim8zAbPvgSMNuDw.png
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 73ms
66ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*9fuAK6Iim8zAbPvgSMNuDw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae919033a953acd9259fe21761388a5458f67673fe5a58feb2bd4e6469b43cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306829
x-envoy-upstream-service-time: 123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2343
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609dbd8bbd9028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*fGp03J40JD70Af-AAQ8tbg.png
miro.medium.com/fit/c/20/20/ 492 B
833 B 50ms
44ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*fGp03J40JD70Af-AAQ8tbg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12bdac97d9763394d137e1b60107a8ba67e67a1c007bcffa1c43d6a3a0668b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 115540
x-envoy-upstream-service-time: 94
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 492
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 75609dbd8bbe9028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 0*U4i9pbnZa1jejeyg
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 79ms
74ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*U4i9pbnZa1jejeyg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d704183567375e88c3f095dd15a6c80079983a4ac8dbb4eab5967b9c915591d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30579
x-envoy-upstream-service-time: 5261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2352
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609dbd8bbf9028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*cHP8DbSurq9-y7eiervxzw.png
miro.medium.com/fit/c/20/20/ 845 B
1 KB 45ms
40ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*cHP8DbSurq9-y7eiervxzw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d0f4d9aee0b06ec44dbea5ec6447ea3749dde0ce84be31f405ee0ce38f9a9e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339897
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 845
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 75609dbd8bc09028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*e1S_025e9KsDj454v8X8Gw.png
miro.medium.com/focal/56/56/50/50/ 4 KB
4 KB 55ms
52ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*e1S_025e9KsDj454v8X8Gw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fed8454bf35249eb3ab18d555912407681135eaa85fb2e8e780afa46fd18b483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200890
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3858
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20221003-220408-255912eb52
accept-ranges: bytes
cf-ray: 75609dbd8bc29028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*VozsyhtIWztTuCOM5GZ0Xg.jpeg
miro.medium.com/fit/c/20/20/ 636 B
988 B 37ms
35ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*VozsyhtIWztTuCOM5GZ0Xg.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

980e10d1e5f6b67f24a2ba12558a9a48829c817a764b51e47a51f0d8980db43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 183250
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 636
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 75609dbd8bc39028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 1*9hfVWtZq4ajl1MaJSJifag.jpeg
miro.medium.com/focal/56/56/50/50/ 518 B
870 B 41ms
39ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*9hfVWtZq4ajl1MaJSJifag.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3857160e2969e62b4efd7f21c45c5586ff9f7e51928fd710ebdc29f49d7fda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 546174
x-envoy-upstream-service-time: 122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 518
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 75609dbd8bc49028-FRA
expires: Sat, 05 Nov 2022 18:56:17 GMT

GET
H3 200 4560.797148c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 34ms
33ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4560.797148c8.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.a9f0e41c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
x-amz-version-id: Z7SHTutg2G4kHOFJhOz6Xxw6u59VS670
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5X9GVKRFSPQKGJD2
age: 779956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YhxC9U9kTkFx0D3XAJRxmTUz3odWvUf3ZIHHqf2il8f4gQlvVK7nQBZ3x4il/11H8S40NtzeA14=
last-modified: Fri, 23 Sep 2022 22:08:57 GMT
server: cloudflare
etag: W/"3433382da36e684d93fbb7e115304304"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609dbdaabdbb79-FRA
expires: Fri, 06 Oct 2023 18:56:17 GMT

GET
H3 200 PostNextFiveStories.5ef18fff.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 56ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.5ef18fff.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.a9f0e41c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:17 GMT
x-amz-version-id: exTCuGBa1y2uney1YBpz5JAAyr6r7o7e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6HYRPE56B03M9HZ0
age: 90692
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 371Blsw/iymLWs3ZYzse7ROVFRrRMZvvZssTOaA6DzeYUl9tNFU43LonSFAvaKjOz6oWJcdZTmk=
last-modified: Fri, 26 Aug 2022 22:24:21 GMT
server: cloudflare
etag: W/"5bc6ab68088c4531380f47520b82da55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 75609dbdaac2bb79-FRA
expires: Fri, 06 Oct 2023 18:56:17 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 84 B
379 B 134ms
133ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a2d4f5ad43cfea60885731b88ca81204b87f5a9aef556a5f7db4b76dfa114abc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
sepia-upstream: medium
server: nginx
etag: W/"54-zt84IdXKOUh/6RpuiXhEmdxl+wc"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb
x-envoy-upstream-service-time: 21
content-length: 84
x-xss-protection: 0
x-request-received-at: 1665082577598

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
531 B 148ms
148ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

661b1e261036d47fe2ffa636531f80a7716efcf189259fe87c4d23aebc4cb98f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:15 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-f41UpEVmf5VP2hsV4HLvhhNSBUk"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 34
content-length: 210
x-xss-protection: 0
x-request-received-at: 1665082577600

GET
H2 200 _r Show response
app.link/ 91 B
594 B 554ms
176ms Script
text/javascript 2600:9000:20eb:1400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.65.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

bcca81ee0ff23c04feef223fdf0def7af01e6055bb04f6fc02f76744f312d1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA2-C1
etag: W/"5b-Jw0eqr747fQSwD6k9VloQMYsvbY"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: lZwSIrP1XBVCEliEohTRX9rIgJ9K_9-OTz_ILGyenzxqGOPgWV2mog==

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 15 KB
3 KB 164ms
163ms Fetch
application/json 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: b4b6ce4c5080c412618652486c6e6211cc4147725f4669152208d91c6c6fc1d1

Request headers

x-ul-visitor-id: 6942e69b-e5e2-42fc-94d5-aa98dd7f53be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
content-encoding: gzip
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"3bbc-MS+9yK/Z42cDMflcXG8Mfbk1NoY"
Transfer-Encoding: chunked
vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 11
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 200
OK config
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 0
0 568ms
109ms Preflight 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Thu, 06 Oct 2022 18:56:18 GMT
vary: Origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
56ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1209265370&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&ul=en-us&de=UTF-8&dt=ProxyNotShell%E2%80%94%20the%20story%20of%20the%20claimed%20zero%20days%20in%20Microsoft%20Exchange%20%7C%20by%20Kevin%20Beaumont%20%7C%20Sep%2C%202022%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=955952997&gjid=2011771149&cid=1797292473.1665082578&tid=UA-24232453-2&_gid=1316767632.1665082578&_r=1&_slc=1&z=166277242

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 18:56:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doublepulsar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 24 KB
5 KB 311ms
310ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

043c6d5090d69807da549422146754bbe0da0537bbcc04e527e55def42006a65

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 2ef3488017cb0368
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostNextFiveStoriesCollection
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20221006-153254-fdb603b8b4
apollographql-client-version: main-20221006-153254-fdb603b8b4
ot-tracer-spanid: 7758b95b746bccc5

Response headers

date: Thu, 06 Oct 2022 18:56:16 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"6115-1nXi2sfz/G6ZAwLdSrN5Gf8PCd0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6, rito/main-20221006-085558-e232742bfb, tutu/main-20221006-171605-b6f45502f7
x-envoy-upstream-service-time: 196
x-xss-protection: 0
x-request-received-at: 1665082578079

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
675 B 471ms
181ms XHR
application/json 2600:9000:21f3:4800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2efe39480a7381443ebba5716a99a523dadfbe703718c7b03a1043c13f4401c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: be140af4c66f4c78b74447dfa1e49166-2022100618
content-length: 316
x-amz-cf-id: --5OZhAqbhCgJNbIc0RkrjLNlftxHieH8yCaO8ShUj8iEoltqXnD4w==

POST
H2 200 pubf9cc52896502b9413b68ba36fc0c7162
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 245ms
245ms Ping
application/json 2600:1f18:24e6:b901:43d1:1456:57d:23b8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubf9cc52896502b9413b68ba36fc0c7162?ddsource=browser&ddtags=sdk_version%3A2.8.0%2Cenv%3Aproduction%2Cservice%3Alite%2Cversion%3Amain-20221006-153254-fdb603b8b4&batch_time=1665082578121&m_time=1665082578122
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:43d1:1456:57d:23b8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

PUT
H/1.1 204
No Content 6942e69b-e5e2-42fc-94d5-aa98dd7f53be Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
815 B 261ms
149ms Fetch 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-7ee1e77d-4904-49dd-a993-9573b16b28db
x-ul-visitor-id: 6942e69b-e5e2-42fc-94d5-aa98dd7f53be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: ce2578d8-0d76-4a93-bb47-35724a025e5a
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJjZTI1NzhkOC0wZDc2LTRhOTMtYmI0Ny0zNTcyNGEwMjVlNWEiLCJpYXQiOjE2NjUwODI1NzgsImV4cCI6MTY2NTI1NTM3OH0.wl6Pp8lyD8hVL_wieOGMzcE-WXwivbh6Y_qvVANagoOh1D061MklLoIUR7qBIrtqkiUr9j_9YcYSG6bztLnj_Q
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 39
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be/ 0
815 B 238ms
130ms Fetch 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be/attributes
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-7ee1e77d-4904-49dd-a993-9573b16b28db
x-ul-visitor-id: 6942e69b-e5e2-42fc-94d5-aa98dd7f53be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: ce2578d8-0d76-4a93-bb47-35724a025e5a
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJjZTI1NzhkOC0wZDc2LTRhOTMtYmI0Ny0zNTcyNGEwMjVlNWEiLCJpYXQiOjE2NjUwODI1NzgsImV4cCI6MTY2NTI1NTM3OH0.wl6Pp8lyD8hVL_wieOGMzcE-WXwivbh6Y_qvVANagoOh1D061MklLoIUR7qBIrtqkiUr9j_9YcYSG6bztLnj_Q
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 19
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 200
OK 6942e69b-e5e2-42fc-94d5-aa98dd7f53be
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
0 109ms
109ms Preflight 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Thu, 06 Oct 2022 18:56:18 GMT
vary: Origin

OPTIONS
H/1.1 200
OK attributes
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be/ 0
0 221ms
110ms Preflight 3.93.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/6942e69b-e5e2-42fc-94d5-aa98dd7f53be/attributes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Thu, 06 Oct 2022 18:56:18 GMT
vary: Origin

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
612 B 184ms
183ms XHR
application/json 2600:9000:21f3:4800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

36d85f3dd78d3ce1efe8a05fb6c8216690eaec6128848405d8ad57cd0cd2b38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"b7-rVND9sJfzSxOReGv1LsaVoNR7L8"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 0335f3746f284977be55a58a6589c794-2022100618
content-length: 183
x-amz-cf-id: 2Yzx0DKMaavXtNWgqxAIyGmU-HLNUrMi2BJh0EC2eEpKyG8LbAWMvQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
432 B 206ms
206ms XHR
application/json 2600:9000:21f3:4800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Oct 2022 18:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 350dae8f03484578a26ba6a2311cecda-2022100618
content-length: 28
x-amz-cf-id: L0OGj6ySG0757Tovh-DqRTk8LLz_UMoLu-OkpfB742GidC4qW14z2w==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 185ms
185ms XHR
application/json 2600:9000:21f3:4800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Oct 2022 18:56:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a652143e74e64eed8c37ff3e6995a363-2022100618
content-length: 28
x-amz-cf-id: VGUPe_F4bqN33BOFOpXJTlgxdboRfPEfjRM5gwB0p7JwEQskyFEttw==

POST
H2 200 oh-noes
doublepulsar.com/_/ 101 B
0 142ms
142ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://.doublepulsar.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

date: Thu, 06 Oct 2022 18:56:19 GMT
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://*.doublepulsar.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 20221006-1716-root,b6f45502
x-envoy-upstream-service-time: 28
content-length: 101
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1665082581483:a353ff00abf7
sepia-upstream: medium
server: nginx
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6
link: <https://medium.com/humans.txt>; rel="humans"
x-opentracing: {"ot-tracer-spanid":"1cab79661a4721d3","ot-tracer-traceid":"75bb65c983ec6b3c","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H2 200 batch Show response
doublepulsar.com/_/ 17 B
173 B 381ms
380ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.092b0731.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

date: Thu, 06 Oct 2022 18:56:19 GMT
medium-fulfilled-by: valencia/main-20220930-203142-057a4d4bc6
x-envoy-upstream-service-time: 165
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-20 15:16:58	Name: sid Value: 1:CnzPnFGtXuLgCfVQT1iWVofmImR3mJBrH19Hh0Tn3Gv1aZxkDLwg6ZNhuYSK38E+
.medium.com/	1970-01-20 15:16:58	Name: uid Value: lo_2470f282cf13
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 994b7c6d61da8b61d814da157329f5e65b924b99-1665082574
doublepulsar.com/	1970-01-20 15:16:58	Name: uid Value: lo_2470f282cf13
doublepulsar.com/	1970-01-20 15:16:58	Name: sid Value: 1:gUQoO0TcXZiJqtUZtO5lTv336b6rXrQJwsbHO8gTbsd4eEZQ2OOm5QM3sFLCQROt
doublepulsar.com/	1970-01-20 06:31:23	Name: _dd_s Value: rum=1&id=cee53b0b-23c3-462b-bed7-fcfa16a271f4&created=1665082576470&expire=1665083476470
.doublepulsar.com/	1970-01-20 16:07:22	Name: _ga Value: GA1.2.1797292473.1665082578
.doublepulsar.com/	1970-01-20 06:32:48	Name: _gid Value: GA1.2.1316767632.1665082578
.doublepulsar.com/	1970-01-20 06:31:22	Name: _gat Value: 1
.app.link/	1970-01-20 15:16:58	Name: _s Value: G47T5CGp30tEZv47LwQWz2BZDwJhgg1ePV%2BbwPw1HBBxNr43ezWayzfw%2FSLaI2DB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sprig.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.sprig.com
doublepulsar.com
glyph.medium.com
medium.com
miro.medium.com
rum-http-intake.logs.datadoghq.com
www.google-analytics.com
108.138.17.113
13.225.78.38
2600:1f18:24e6:b901:43d1:1456:57d:23b8
2600:1f18:24e6:b902:6d57:676f:b91a:394d
2600:9000:20eb:1400:19:9934:6a80:93a1
2600:9000:21f3:4800:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:400d:80a::200e
3.93.235.75
52.1.119.170
011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1
01de5d5ed7344628a6db746a2f4a677f92716a353c5a6beabef80f4a16af8f05
02fe2389bbbfdde196cbbed95fad940ad4c4f3db14cdcb8f0434f19d92cf0086
043c6d5090d69807da549422146754bbe0da0537bbcc04e527e55def42006a65
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
11240494cb8626859842a59157789400ac9d7d5dd8753920e2eab5b0d451a5c1
12bdac97d9763394d137e1b60107a8ba67e67a1c007bcffa1c43d6a3a0668b42
12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5
14d7c67ad8ed851231c5e7dc067f72f775f00605e90fc8a7bf646ec85bb7705e
1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153
24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555
257919f0f68c547b8ac318f6f1986e8db8bd4d8818947668f5a91451eea85bfb
2938c51d57f681383f340b69dc9e8263e1de1b5807153b8b8af1cbd92ff1dd49
2b5c249d284060871ae4e4a74dba477ebb86b6bb7882e6eec7a6916fc1522d04
2efe39480a7381443ebba5716a99a523dadfbe703718c7b03a1043c13f4401c6
31ad3bf318559f99bcdd2794acebb696cede54934d167e56ac336c992382182e
31aea01c54082d4366ed9c1a30b107ddd68add375f5a417cccfc3b0d3e049522
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
36d85f3dd78d3ce1efe8a05fb6c8216690eaec6128848405d8ad57cd0cd2b38a
39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed
39ce00af99742574f8a6cf3949839a910755595ef6e2af6f048917338f923251
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
3e623618c66b2d1bc7cb1102420145226bbae8398f3071f6b78f81ca2b252735
3f1c970575963a1c5ed7dfe0098f9fbd11248423a4cc3dfe886606c8a5972040
411436c9447b338e064058a1f7c2b0b5d41c501433d6c65dd46cfaf0a20d60cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64
45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8
497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4aa4ea0a5b704ba20b740254f94697c354bc2508f41ad06f233db9b115825d8f
4c4ffcc9444d10a660d22a349baecd56bd2c6538d247074a754580791fb574c9
4ceeadc3050854bf8fefd20f634eec2a300233e4a9f23aec05199fc27befb39e
4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
543d2b2983d520d88830e0cb82ecfc590f6779268ecd3e36a52236d05b418ebb
54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750
5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f
5723ac756594424cca13672cbe38c7b3ec88c7d2f2b5490bac39e324507392c4
5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc
5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e
60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529
64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
661b1e261036d47fe2ffa636531f80a7716efcf189259fe87c4d23aebc4cb98f
66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856
687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8
6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1
6d0f4d9aee0b06ec44dbea5ec6447ea3749dde0ce84be31f405ee0ce38f9a9e2
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7f9cea017960d6386bdb15c1068a44793130dc6d17a9935fd65cddea0cb96057
7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
84319657d51cc68ee7e2c1f4cfd81affeb0c799ac3e946ccd1a9a806eae4413f
84860473147a2ad712d1052ce02c38f6614515c36407f287aebb9191782bf77e
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
8d389af9d797e2a5f2558888560d83b21ea9580793f728c620a130a4ba65b47f
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478
980e10d1e5f6b67f24a2ba12558a9a48829c817a764b51e47a51f0d8980db43b
98603782d93de93b6ada4b84259aa2739d2cae8e2fb08dcd56a9eea445cc4d25
9ae919033a953acd9259fe21761388a5458f67673fe5a58feb2bd4e6469b43cc
9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e
9c28d069a5ae2d5565051c7acf9a79060137adf5e35fd195c284eaea7230caa3
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2d4f5ad43cfea60885731b88ca81204b87f5a9aef556a5f7db4b76dfa114abc
a3857160e2969e62b4efd7f21c45c5586ff9f7e51928fd710ebdc29f49d7fda7
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ab5a3b546b67f6a0df513c2da7347cf669f58701a96d3f1d81f37e9d29996187
ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b6ce4c5080c412618652486c6e6211cc4147725f4669152208d91c6c6fc1d1
b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
bcca81ee0ff23c04feef223fdf0def7af01e6055bb04f6fc02f76744f312d1d9
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239
bfd616e4110181278a822f4cea13401e029ba18f8757808355ea66d333befaa1
c1ff3a3e0217e0f6df52ba2fcd74ade8a5cc543b02ce4d9bae75c14747ec41ee
c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f
c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac
c53107115c2886b771e3b10186bef63a1b74e14f8a00b21ee1bf576f6b0750d7
c54d1d1e2bbaa16ce51529a69e441f3f4ad9228146aea5007ed36ab4fbe0017e
c5d3a47f72ce50b8d1fe552735546e14b3febc34fa8e5268cbebb42594f30416
c7a0082580538fe9271efed1ff0a00f5b059c677869f5dccaa56b280b73052e1
cacfcdf1db167339dcad66d886626b21c52db33f0d35b8178e91a31af190a5ad
cc6871ae165cc313cad425fcf58cdb0efd2efc76b9ae28d0e33579296a47719a
cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c
d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83
d704183567375e88c3f095dd15a6c80079983a4ac8dbb4eab5967b9c915591d7
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44
db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e
dc115cd1e5ef793ff04ed5df6e547e94d31951a693f26687e7111338dd54489d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2
e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc
e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60
ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
efbae0ccd9e19a309d572fb0c8c7886b36ba10f8c727e7cffa98fe62a5d83de0
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0
f94609e310e229787546d18d14bdff1cf82425028a5e56721017f59c3aaee17f
face323314afe36ef510c9fd57e043ce5ac3ee3d34324e375131415bd3505e7e
fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380
fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d
fed8454bf35249eb3ab18d555912407681135eaa85fb2e8e780afa46fd18b483
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce

doublepulsar.com Open in urlscan Pro 52.1.119.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

64 %IPv6

7 Domains

13 Subdomains

11 IPs

2 Countries

2642 kBTransfer

4985 kBSize

10 Cookies

101 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

64 %
IPv6

7
Domains

13
Subdomains

11
IPs

2
Countries

2642 kB
Transfer

4985 kB
Size

10
Cookies

130 HTTP transactions
0 data transactions