Submitted URL: https://t.co/KV32TDxawi
Effective URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Submission: On October 03 via manual from CH — Scanned from DE

Summary

This website contacted 11 IPs in 1 countries across 8 domains to perform 117 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 31st 2021. Valid for: a year.
This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
1 21 52.1.119.170 14618 (AMAZON-AES)
1 11 2606:4700:7::... 13335 (CLOUDFLAR...)
69 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
1 108.138.17.79 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 108.138.17.81 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
6 3.93.235.75 14618 (AMAZON-AES)
4 2600:9000:249... 16509 (AMAZON-02)
117 11
Apex Domain
Subdomains
Transfer
80 medium.com
medium.com — Cisco Umbrella Rank: 11974
glyph.medium.com — Cisco Umbrella Rank: 28183
miro.medium.com — Cisco Umbrella Rank: 18203
cdn-client.medium.com — Cisco Umbrella Rank: 29689
2 MB
21 doublepulsar.com
doublepulsar.com
53 KB
7 sprig.com
cdn.sprig.com — Cisco Umbrella Rank: 21802
api.sprig.com — Cisco Umbrella Rank: 9749
70 KB
5 branch.io
cdn.branch.io — Cisco Umbrella Rank: 826
api2.branch.io — Cisco Umbrella Rank: 482
25 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 datadoghq.com
browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6248
182 B
1 app.link
app.link — Cisco Umbrella Rank: 2683
596 B
1 t.co
t.co — Cisco Umbrella Rank: 550
610 B
117 8
Domain Requested by
44 cdn-client.medium.com doublepulsar.com
cdn-client.medium.com
28 miro.medium.com doublepulsar.com
cdn-client.medium.com
21 doublepulsar.com 1 redirects t.co
cdn-client.medium.com
7 glyph.medium.com doublepulsar.com
glyph.medium.com
6 api.sprig.com cdn-client.medium.com
4 api2.branch.io cdn-client.medium.com
2 www.google-analytics.com t.co
cdn-client.medium.com
2 browser-http-intake.logs.datadoghq.com cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io t.co
1 cdn.sprig.com t.co
1 medium.com 1 redirects
1 t.co
117 13
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
doublepulsar.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-31 -
2022-12-31
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2022-08-25 -
2022-11-23
3 months crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-26 -
2023-04-26
a year crt.sh
api.sprig.com
Amazon
2022-09-16 -
2023-10-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
appipv4.link
Amazon
2022-05-25 -
2023-06-23
a year crt.sh
app.sprig.com
Amazon
2022-03-01 -
2023-03-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Frame ID: 4090A34E704E40EB16395234E124B03D
Requests: 113 HTTP requests in this frame

Screenshot

Page Title

ProxyNotShell— the story of the claimed zero days in Microsoft Exchange | by Kevin Beaumont | Sep, 2022 | DoublePulsar

Page URL History Show full URLs

  1. https://t.co/KV32TDxawi Page URL
  2. https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell... HTTP 302
    https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

117
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

13
Subdomains

11
IPs

1
Countries

2046 kB
Transfer

4328 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/KV32TDxawi Page URL
  2. https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 302
    https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

117 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
KV32TDxawi
t.co/
476 B
610 B
Document
General
Full URL
https://t.co/KV32TDxawi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
237
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 22:17:31 GMT
expires
Mon, 03 Oct 2022 22:22:31 GMT
perf
7626143928
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
a42d71147124a8981b1b6cbc1c43def4347cd668011b6719c8a97c418b57884b
x-response-time
109
x-transaction-id
47c9f6e95b6503e0
x-xss-protection
0
Primary Request proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
doublepulsar.com/
Redirect Chain
  • https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
  • https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
  • https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
210 KB
44 KB
Document
General
Full URL
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Requested by
Host: t.co
URL: https://t.co/KV32TDxawi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
be0f8a65fc2fe3b1ab402e3d49df3ae1a6730454a60e95d23f1191a681ea6932
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Request headers

Referer
https://t.co/KV32TDxawi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 22:17:30 GMT
etag
W/"34790-NGTLpZIqxHhW4y4kAhpF3I2jeds"
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, lite/main-20221003-193214-e217ea642f, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
medium-missing-time
323
sepia-upstream
medium
server
nginx
vary
Accept-Encoding
x-envoy-upstream-service-time
649
x-request-received-at
1664835452280

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75490c66fd999a0b-FRA
content-length
0
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type
text/plain;charset=UTF-8
date
Mon, 03 Oct 2022 22:17:32 GMT
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
location
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
medium-fulfilled-by
edgy/8.3.0, valencia/main-20220930-203142-057a4d4bc6
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
34
x-frame-options
sameorigin
x-obvious-info
20221003-2130-root,320a4ddb
x-obvious-tid
1664835452074:fb7e9fb748f2
x-opentracing
{"ot-tracer-spanid":"64471f5c4fe89a87","ot-tracer-traceid":"5e92514a896e29c5","ot-tracer-sampled":"true"}
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
unbound.css
glyph.medium.com/css/
15 KB
1 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/unbound.css
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
282
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6d0eeb9a0b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 04 Oct 2022 00:17:32 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
20437100
x-envoy-upstream-service-time
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6db8429963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/64/64/
2 KB
3 KB
Image
General
Full URL
https://miro.medium.com/fit/c/64/64/1*euFkwA7zJWm-l7aDoNtJrw.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
390307
x-envoy-upstream-service-time
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2534
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220303-000533-8c0cdff0ab
accept-ranges
bytes
cf-ray
75490c6da8059a0b-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/96/96/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/fit/c/96/96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
372118
x-envoy-upstream-service-time
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4168
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220912-192647-a63a7427a9
accept-ranges
bytes
cf-ray
75490c6da8099a0b-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
miro.medium.com/max/720/
190 KB
190 KB
Image
General
Full URL
https://miro.medium.com/max/720/1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
309458
x-envoy-upstream-service-time
393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194173
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c6da8049a0b-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
18792810
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6db85d9963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
19085454
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6dc8639963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
20 KB
Font
General
Full URL
https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
19118404
x-envoy-upstream-service-time
33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6dc8669963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
29463885
x-envoy-upstream-service-time
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6dd87b9963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
29 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
20316178
x-envoy-upstream-service-time
81
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75490c6de8a49963-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 03 Oct 2023 22:17:33 GMT
0*1acKQsWchBvkk1nk
miro.medium.com/max/720/
51 KB
52 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*1acKQsWchBvkk1nk
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
341409
x-envoy-upstream-service-time
227
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52726
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c6e1a88996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*8CtgNhEdrEXcU-75
miro.medium.com/max/720/
75 KB
75 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*8CtgNhEdrEXcU-75
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
341409
x-envoy-upstream-service-time
243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76592
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c6e1a71996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*c8h3STMGC0nxyTDd
miro.medium.com/max/640/
76 KB
76 KB
Image
General
Full URL
https://miro.medium.com/max/640/0*c8h3STMGC0nxyTDd
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
341406
x-envoy-upstream-service-time
264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77680
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c6e1a79996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*7XZQgCET-WfKmQ6P
miro.medium.com/max/720/
63 KB
63 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*7XZQgCET-WfKmQ6P
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
340938
x-envoy-upstream-service-time
250
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64351
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c6e1a80996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/176/176/
9 KB
9 KB
Image
General
Full URL
https://miro.medium.com/fit/c/176/176/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
365382
x-envoy-upstream-service-time
58
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9114
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220912-192647-a63a7427a9
accept-ranges
bytes
cf-ray
75490c6e1a84996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
manifest.3d6b90a1.js
cdn-client.medium.com/lite/static/js/
10 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.3d6b90a1.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1891123add5a5ae2cd8b372eff416c3d116384bde590d3dedb160e4b2c3945bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
k.9LgjWYV73G_rM9ByzkX9lymDGT4qbT
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
EPXMA5VH8Q49FHH9
age
9005
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WRYEH0kkepWk9ZDMG602hDSmyLG8uObdrpXyqIFLhri1IQjpuPYITOU0zMq9EkAkTRgwB6c/iHo=
last-modified
Mon, 03 Oct 2022 19:10:48 GMT
server
cloudflare
etag
W/"6c6bd5ffc62261104c466398aaa8f79e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f19a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
221.eb6d4e84.js
cdn-client.medium.com/lite/static/js/
691 KB
213 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
eFYPkrNVdSEA2cbFUgGI5AL5fmJ6xhM1
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
J2TVWCT1EY9N2ACT
age
464477
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
AdbnGoZITPw5AWsHgEIvXYgiPZgy5XVnPYvmDgCgX/9Y22m9b757aLHTZLskxG4TdBNklNLgyCM=
last-modified
Wed, 03 Aug 2022 13:07:29 GMT
server
cloudflare
etag
W/"8217b3c83342b21eef3049023dae74f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f79a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
main.7c19e15b.js
cdn-client.medium.com/lite/static/js/
736 KB
177 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8dc6281d3785ca4290b4e64cf9976a481b8c2a87718ac0c4cdb69479c903ad6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
WeIQv8VXZJdFUeearUhDZB45_TgAjm7c
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
WNWEDA43MGTSF008
age
289288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EjHYyPSzf1VGW2Z0oeG1FdiePE/fxOuUWijURXyhIqVbko3/RmdfPGGYo5gwc4nrOdDvZY8H4Cw=
last-modified
Fri, 30 Sep 2022 13:36:19 GMT
server
cloudflare
etag
W/"58b2992d42a7e2263beb4de4796048f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f39a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
instrumentation.c71f0248.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
DN80NP6MC45XWT2W
age
882306
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
XL/2Jb9u14qm8cCj//wgdYe0Ggn1t1G4gX21uBRkpd82xhiecCSbOyioU4BrWRYiv2q6edekGpo=
last-modified
Wed, 07 Sep 2022 22:21:02 GMT
server
cloudflare
etag
W/"1c4019035217766e8fa41b4d396c90c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f29a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
4800.b97019a4.chunk.js
cdn-client.medium.com/lite/static/js/
66 KB
19 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4800.b97019a4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
Pi1n8E4Ms1X56g03fobJVGJ0O7tggnc_
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNGBGFW7CCN1A9H8
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RWop0tBEjn1hbwGKGeC8qHg0gQvQXBNFBXW1tGddjSJb8GJ6hVallTgDD7nFgJkweLk6zhJnO3A=
last-modified
Fri, 23 Sep 2022 22:08:57 GMT
server
cloudflare
etag
W/"2aa4d7c3babdc88eeabdd9cfa8a20aa2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f59a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
7371.4a3c1218.chunk.js
cdn-client.medium.com/lite/static/js/
25 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7371.4a3c1218.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
ZgNlieNTl7_oC7QUU6YmKWuVvR0u2dl7
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S9WV5BEE8VQ35TFJ
age
449328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RUXaKinQylzW1iCX4Uuk4+aRNYqI03Ss1YCQxy3ZiM+wehKVDUWKO6LUNOErLlBRbLnEi/YOvqE=
last-modified
Tue, 27 Sep 2022 22:13:05 GMT
server
cloudflare
etag
W/"e903565a339cec66b6a32a9599611f55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6e58f49a0b-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9282.ec2603ec.chunk.js
cdn-client.medium.com/lite/static/js/
61 KB
17 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9282.ec2603ec.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
f9rHmSQaljoFAznKpwf9hYc4W9FXpDMA
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
TCPH0MAD5T4HH6H6
age
338448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
qbcCa3qhcIAuJ4ELPBaz+p9ey8krGEZkwx6+/Ul5ZTtwY9Dd1MDUwKvy6Emlyegok0cgjobfZpY=
last-modified
Fri, 30 Sep 2022 00:10:27 GMT
server
cloudflare
etag
W/"cc663080b41f7a5677ede3486e8c0c5d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbdf996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
2837.7bf36ac5.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2837.7bf36ac5.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
o1F2trFqCAwB_O69FIjcfeJyeffDoM30
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
N5QPWAH5YESTA7PY
age
608621
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pTts5V3fZqIikiFPC6BW/A3MOD4OnXKycVPrg721/MSCwCHv+ASP/tp9DZr5HHGf9ZFA3VS70ac=
last-modified
Mon, 12 Sep 2022 21:07:06 GMT
server
cloudflare
etag
W/"874ff76ff89f6785bac7273c52caa1cf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbe1996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
AppLayout.b4a5b0ec.chunk.js
cdn-client.medium.com/lite/static/js/
101 KB
20 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/AppLayout.b4a5b0ec.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9bcad9a1633d8b6d24692ee67b1644f42631a7d256cb98844783b084975488d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
f.CLirdm3HUHatWw.MHYRGj4mAbcJyOJ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
94NNS0XXHBC65A1J
age
305753
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3ezTxkzbvxLAh7UNKVu4yiCWqYs3t8gvs67BtY6IhzsnlV04jdeGxsieVhqsOUU3Tsdz2YeT13w=
last-modified
Fri, 30 Sep 2022 09:10:31 GMT
server
cloudflare
etag
W/"cd988c2eb2683d2ef48339a45a33ebca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbe3996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
reporting.bbdcaa9d.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2R4YTKBCDDS6HF3J
age
6940
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified
Fri, 01 Jul 2022 00:11:40 GMT
server
cloudflare
etag
W/"72bc359fe3377069bd162b3be6ed3d05"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbe6996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
4270.c0f5b685.chunk.js
cdn-client.medium.com/lite/static/js/
5 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4270.c0f5b685.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
KSkooLLVUmAEyr4Mvb9mqebbFmTOLR9I
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
C2ZN163S1S828YMM
age
517967
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lN1VMVaeaxRA6JY7+jojWRuyaU3UMOhyF07ltDGS+YyWWVSyvqeb9ASTn/Hr82e9/OYyZQ+ZxgQ=
last-modified
Wed, 08 Jun 2022 01:57:01 GMT
server
cloudflare
etag
W/"ecb15ff3b96846c74bbdba0df72c6c69"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbe9996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
1752.a348f767.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KZ14F4DJ39Z3KD31
age
1168536
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified
Tue, 25 May 2021 18:36:29 GMT
server
cloudflare
etag
W/"7741f0aa651938c2144d2a015cea95e3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbea996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
7794.9590314e.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
edEnQQoOPA8J97QSUBTjXG.e16leDLA5
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ZZ2GZ8XPEV2XSK8Q
age
269909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified
Tue, 25 May 2021 18:36:34 GMT
server
cloudflare
etag
W/"fdb51abd005c8009b18f0a8ff313072f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbed996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
8316.18f2a6aa.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CNHD5SFN5Y8TW45S
age
269908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified
Thu, 14 Apr 2022 09:06:33 GMT
server
cloudflare
etag
W/"9fa67454adaeb385a3a70077ff7b7df1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbee996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
5472.5f6d4371.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CNH8PTMK5AP330DM
age
269909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified
Thu, 14 Apr 2022 09:06:30 GMT
server
cloudflare
etag
W/"6adb8844d763f7d58b6ed49ab89899c7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbef996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
4330.73510d98.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4330.73510d98.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
gaO9i4g_WJfSIkahOEBED62Hd2PF3jN.
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNG8M44J0DXWCZRY
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
e3L2M0SK+KXTy9FmYbmAhbCaQggo8V2rrXfqKWckd+NFe4mmjA6dnZiHSkSLbZb5d54ypN6Q0Ho=
last-modified
Fri, 23 Sep 2022 22:08:56 GMT
server
cloudflare
etag
W/"9f468563337263a84a8e448effec8cfc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf0996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
2981.c8b67800.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2981.c8b67800.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
TKbpTetPCYsKF3g5_IiCFHFhUDC2WY1y
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GAQFSEGQ7ZX9WVAM
age
637124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JZ3QGAr3YDxzfAuaIsASsvJvN+RTmdc03eLiHotXzIYN053sc/z1HPnQtDrlr+KdJljcubb5W7Y=
last-modified
Fri, 19 Aug 2022 10:43:45 GMT
server
cloudflare
etag
W/"ae90acd9390e2e8ae30aa02c7d1d058e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf3996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
3115.38ecb46c.chunk.js
cdn-client.medium.com/lite/static/js/
126 KB
36 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3115.38ecb46c.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f41ca7aa3bb0e3241ba079c8cc866ec35788c30f2835fbb5665332397523a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
7flG.m10YzEiRobRS3Ivk4Dpll1FW6HF
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
XH51ES2616ZDJZ72
age
879283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZCii+QL+F7EWUgUSqSgYG2ytQsOV9buUPhaHA6WJDLw8LYIOsWRVYNG3a482Fi6qJJeKRb4YjrU=
last-modified
Fri, 23 Sep 2022 14:32:46 GMT
server
cloudflare
etag
W/"82978dafd1ac1db919ee7665b6f1bb2e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf4996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
5758.4d052c2f.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5758.4d052c2f.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
gt_SJcOubU_dOS.haXYGewc4icbw4Hyj
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNG51J9P0YEAZ77C
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
qkVrdfiZXNyapPBMXHd6fakFRBLi3L7foXwy6eMlpoooaUFOxNB9X/SKcM5jePUGZUPF1q+ni4M=
last-modified
Fri, 23 Sep 2022 22:08:58 GMT
server
cloudflare
etag
W/"d9935bdb71077ea91b9c9f793a918600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf5996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
4869.15af887a.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4869.15af887a.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
zsasPIPj4VNjHd6lWz1Ablp9oC5jhxmA
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BVXG0076RV4B9JAP
age
518078
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
uKH8UQbmWp1mPmCPTJvTtTv1kuEn3ARbt5hpFXJtd9Q7grMGajh8gSczyhsbEk9PSu4/TmP63i8=
last-modified
Tue, 21 Jun 2022 18:46:21 GMT
server
cloudflare
etag
W/"461c7bfcd82063a67a77f584159505ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf6996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9401.492bc814.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9401.492bc814.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
o7qB8yuUJ2.ySHF37F8FxNhTjXdITIXy
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BVXT7BCCKH158FM3
age
518078
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
fmyPMPKPQeWvDtiHrQgX5CGXZTku+5n0vOfhSaA2QdzDZmCmY1RbWsXR1l8WR2n7FzWl5DH3jRU=
last-modified
Tue, 21 Jun 2022 18:46:28 GMT
server
cloudflare
etag
W/"1ddc9c0c19f0fe0be7a7d8a22ff4b327"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbf9996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
2307.b2a54ca4.chunk.js
cdn-client.medium.com/lite/static/js/
43 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2307.b2a54ca4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
uC58zPGNf1Kmzb_z_oSfu.TRqdXHy86R
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
4FNZA2AQ2HMAKR1P
age
637124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
v5fjgekWKQBKHUWXtS38VUfIdGtrSZeJZbo9JFk0TafKXhvG12gQFQHCSmKuVupC91S9KgZ1su8=
last-modified
Tue, 30 Aug 2022 17:41:16 GMT
server
cloudflare
etag
W/"452a684fb8b71960fde058398549b560"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbfa996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
7070.94d1cda1.chunk.js
cdn-client.medium.com/lite/static/js/
39 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7070.94d1cda1.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
ktJLO74K0xTbt9Ispkb0vmcViDu8.8pH
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ANHQFKKK3HM9ZZW1
age
545538
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2eSsykJAbq2iIxyRZSkrNpvNIri41QLwsDEEuAwdNskp26vBS8xdwKwbFxm9u1wvfwlyjGh/Eu0=
last-modified
Thu, 08 Sep 2022 16:34:08 GMT
server
cloudflare
etag
W/"3018997b2d895aadca3817869d506cee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbfb996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9442.5291e270.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9442.5291e270.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
pCL2A.BoWSvPuskvdf9gJgCn0qWM.lXJ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
8NAYDQE9MQK743Q9
age
463407
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Q+YMUo3f6jyml7SXk6SmWMrC+AY114aKXRjQlxqfefqQ7aN4c6PDcZ7B2XOvKqS3AdCjuSFaiK8=
last-modified
Wed, 06 Jul 2022 07:53:44 GMT
server
cloudflare
etag
W/"3edcd4d9e5942e997e7195e591b148c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbfc996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
4483.0a43a5ce.chunk.js
cdn-client.medium.com/lite/static/js/
24 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4483.0a43a5ce.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
nXdB1pZcC2zXCHIpRf4DyB5qHFX0z_KH
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
W3D8VPVQKPJHDC62
age
1053222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ytI/ljuGLDtWZEwYKNhFOgDeD2WTPgxo05GxSQEDIon/zinlUDuR+/2Nyy0YzyZcgw8tUYCCnFU=
last-modified
Mon, 01 Aug 2022 21:57:50 GMT
server
cloudflare
etag
W/"bf55b6950792bc738fb0d12bda42e128"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbfd996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
210.1b33e4a9.chunk.js
cdn-client.medium.com/lite/static/js/
32 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/210.1b33e4a9.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
6A1grWb2eI.v5FtaeGijF4bKOleB0EK_
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
R9K4CT5HZKR9XB80
age
1204163
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bK9GrVt2RHKtpupDor4YEMRzj0iT9/K30lVIGBWPvzExxM1r7ZHTbRKVadGGdneEwMfPW+FNrAY=
last-modified
Mon, 22 Aug 2022 23:07:50 GMT
server
cloudflare
etag
W/"e21593b9b2665e2c028ec837b9b17a44"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebbff996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
864.dc58ca67.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/864.dc58ca67.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
_13YWGk4m_2cdhVw9e_kaqVd2sou9n_x
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNGFVVEW7PGG9YEM
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
f+b8sgM9JUrsTLOuhGjWrz8Sh97pk9INvjRwPRF8pSwootUBCTlBJvtZQWP3E3GIxU+6bpnWX8E=
last-modified
Fri, 23 Sep 2022 22:09:03 GMT
server
cloudflare
etag
W/"8132d360ea9d611d92078a70603dd23b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc01996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9841.1bb423da.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9841.1bb423da.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
1xI7YK_MjEYp2K.Qr19IRQM3SL0GPfHl
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
8NAXTKXVT5YRHG8C
age
463405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6RKhOlsS35C1DjFeoOeZMOD90SHxxnChKIQkQecxgi1FNFcL9Jw/77BJ3rP6obK3+XmQcVD4AV8=
last-modified
Wed, 06 Jul 2022 07:53:45 GMT
server
cloudflare
etag
W/"a438d4b84fc984bedab39eff52de7d1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc04996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
3610.fcfa0e1c.chunk.js
cdn-client.medium.com/lite/static/js/
30 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3610.fcfa0e1c.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
SvrIKziMjwkYIM75gFH6vJL0G_D45wAi
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ANHH2E62E6RX251Y
age
545538
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
meVSuqcsYgzSvH0WPN2gRwIJI8XllV0bOTOODl1dZR2YUkuZ48bKw3/4shHFxqKuTF31bkaZoVM=
last-modified
Fri, 09 Sep 2022 19:41:33 GMT
server
cloudflare
etag
W/"8c1ecb719c418f4fc48dedcf9554b0ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc06996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
1018.3d424dd7.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1018.3d424dd7.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
wsEivFZJ80.8q67Y.g4rlVOMV58uSqJ4
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
THHCJEXA160XVYBP
age
1154975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MFKO8CrU3InddHsLhYZPAGn9EzGKiSNY154vNB90PaLU9R72DyO3JRvdXHq2oCtgZ5yZ6v9GO50=
last-modified
Mon, 19 Sep 2022 15:53:23 GMT
server
cloudflare
etag
W/"886236e23480793d25fe6271214d1f15"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc07996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9304.78e04611.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9304.78e04611.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
XDBaX6XKHnNFSwpvKayMa.sNOC1hcaLl
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNG67HTECN3C6TXV
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
aFise8ajUBpU7qgQd2gJgXPrvwjeGFn0z2ZLiO1h3bVNsp+BLgHIrYkUEfahVV3mhR8DUzrN1gc=
last-modified
Fri, 23 Sep 2022 22:09:03 GMT
server
cloudflare
etag
W/"4e6f30dbe08ace2ef331214677bc3aa1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc0d996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
763.3dd24340.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/763.3dd24340.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
goZsfOIuyppoMc0Onuw5TwPKffEVGUNf
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
8TGJ1XETE0NY1ZG4
age
312539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6iXFlhEzeicU7aJ8UbF6igParGUQqtaRkkp5G2WlBmS6AJF/WHGutadrfqBzSG8sE92+qrVVMAw=
last-modified
Thu, 01 Sep 2022 13:17:18 GMT
server
cloudflare
etag
W/"95c429bc01e6ab0aedece2277f3f41dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc0e996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
8051.c536c001.chunk.js
cdn-client.medium.com/lite/static/js/
59 KB
14 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8051.c536c001.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
5HJouVNr7TaNTnESG04IiNLbaSQMTDfM
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
R9KF81087VD844WE
age
1204163
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ASyihAp1nF+SMXGApQv3rEubcbtNjRG0JqkLTfOMyQEA7BqHyJCgSgU6R8jkZ2S7R5xv2Uvx110=
last-modified
Mon, 22 Aug 2022 23:07:58 GMT
server
cloudflare
etag
W/"47343252b22a02ee0822f03f0be391ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc10996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
9241.75bfe1e3.chunk.js
cdn-client.medium.com/lite/static/js/
41 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9241.75bfe1e3.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ac4a3c12bb0b08c0ae9b05365825828c08851a699a832c913e2afb1c3580ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
thKnoib30J58SR5F9wQhy7xUOSqm8Pq6
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNGF6JC0P97CC9MH
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
4NoiPoz2uXueiUJovmLDy5DypSPCwY8hlctXNVO5o64Zy9LBg9gGUO2dh+ohOuzn9fULSUfsfzA=
last-modified
Fri, 23 Sep 2022 22:09:03 GMT
server
cloudflare
etag
W/"956b129002f049bcd12e3c5b0a64f5f4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc13996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
5887.e23e194c.chunk.js
cdn-client.medium.com/lite/static/js/
24 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5887.e23e194c.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9fbfa693085c04a8fc871dbc81a411c40a4835b67e9abea9f17b37dbadda13c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
UoLrn01dG37xoFBmTBeLMH6L63RiU_7D
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
3T4Z82C7GGJR365H
age
23047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZV6VhaSztY3DC6sYjwktaamp23HZp8Q0ehBS6000/wre2fikWTqNGCx4Uw2cN9c/bkx0z+ESj0w=
last-modified
Fri, 30 Sep 2022 17:47:18 GMT
server
cloudflare
etag
W/"a34080eb110db4ef13275bf1e151f9d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc14996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
5754.6687b8d5.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5754.6687b8d5.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
jm4XNl7ULcgGCxMyZPfaouJSQOG7cvnF
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BABNVAC1BSV2C8K2
age
879914
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JuAasHgUwNuFUAxgOmmPG+bBIkW5yXPNOZqk3r8KUPVeaUKAUHQjXw6QBt3GUwX6eWS+1+eA1Co=
last-modified
Fri, 20 May 2022 05:33:41 GMT
server
cloudflare
etag
W/"d8cccf81b0e959008ed590e4a91a1c61"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc15996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
PostPage.MainContent.4dc53f59.chunk.js
cdn-client.medium.com/lite/static/js/
113 KB
27 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.4dc53f59.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c19b363458ee0653134de238372a0a7913daa0487f59516ed6ab74ebea42be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
uhltjUujLuBOCsj_7XkJjiBoIf1adySj
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
EPXV26XG0TG5YGPY
age
9005
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Wo9pMp3/on0mPxz732YrIGMxoF2V9tyN79dG85rJtS9fiQweXrKzrz/dmWRqe9I8AywHUV6kBpppYZ8Vq8SA1g==
last-modified
Mon, 03 Oct 2022 19:10:27 GMT
server
cloudflare
etag
W/"8f72d62217c3937c872a5b50f525da36"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc18996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
1987.e87f9d80.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1987.e87f9d80.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
cBz4yUOPeuq85PbanD5Gb9jI.f0cdUtK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
E9ECF7NHXNH0HYA8
age
351931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tKLOWGSriv3Ultn4eLNFbNKM/gTHzGNs9zVwMjqNYCyLbYgGmDgqtuSG09J4Lq8R5AQQIImYNzM=
last-modified
Thu, 01 Sep 2022 18:26:19 GMT
server
cloudflare
etag
W/"5587b9535df6c9068c64661ba037ac8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc19996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
8237.1eb3b71c.chunk.js
cdn-client.medium.com/lite/static/js/
30 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8237.1eb3b71c.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
dxiPIalaMFBcJ6bndxlKAhUvQhDPAi29
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNG2GE4SZ1K8S5J0
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
r4d1cVQf8adJjJWwXVtv/SJVZPQxvcNoH3eHVrE+r8z1XMOmCpVFuVgiXL3rn7HYoFCR79W4XHo=
last-modified
Fri, 23 Sep 2022 22:09:02 GMT
server
cloudflare
etag
W/"ed71bc5d2a871a459349806dc92e2372"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc1b996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
7994.20fdadc7.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7994.20fdadc7.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a3092a83a7ac2a6d9a67302e1c0b622d243d6192836c550081afafd8e9ff12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
I.gDFCTh_ggFQHbPiMZH7SjdFB2PibD1
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7ZPX3KK1XAHGVQC8
age
338448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
rkNC/S07C0M1f5KKmXp7EXdVi47LVTJ7rai8XNLgyryHqRzK0YFtjMTuFmzOnLGHObMI0ze8Q84=
last-modified
Wed, 28 Sep 2022 23:25:05 GMT
server
cloudflare
etag
W/"d58c2efe8b246225abd782338419bdf6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc1f996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
PostPage.RightColumnContent.0f35592e.chunk.js
cdn-client.medium.com/lite/static/js/
34 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.0f35592e.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a885a06c6a1e5288df4869c5bb14fcd5ac22728b80400893894a43b9cc643a06
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
x-amz-version-id
8S3aE_z3f1QeCidswhWcPSr.qH7w4_sQ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
BNG7GQQ9CDK15P80
age
532365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6IQttwhupVctxmAGZEY/U6hMVIOOQCS5FM8iHCbV0ye6O88XtM1Gl+aldSWc3Hkm2xRl5IumsYM=
last-modified
Fri, 23 Sep 2022 22:09:21 GMT
server
cloudflare
etag
W/"049e3985257cb5e121b8b223bd1eb2a7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c6ebc22996e-FRA
expires
Tue, 03 Oct 2023 22:17:33 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
0
0
Preflight
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:31d4:76a1:520b:b06b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://doublepulsar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
content-length
0
date
Mon, 03 Oct 2022 22:17:34 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
0*PHZXNa19OkzAjKq4
miro.medium.com/max/720/
39 KB
40 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*PHZXNa19OkzAjKq4
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
340938
x-envoy-upstream-service-time
420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40298
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c729a69996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*c5R-mNI774IqryzT
miro.medium.com/max/720/
60 KB
60 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*c5R-mNI774IqryzT
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
340827
x-envoy-upstream-service-time
179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60997
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c729a70996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*48R4OwM2KL6q4Prw0fJDhg.png
miro.medium.com/max/720/
46 KB
46 KB
Image
General
Full URL
https://miro.medium.com/max/720/1*48R4OwM2KL6q4Prw0fJDhg.png
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
340938
x-envoy-upstream-service-time
344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47011
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c729a79996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*rzHWpGJI2DB0B-tBgYVJNw.png
miro.medium.com/max/720/
69 KB
70 KB
Image
General
Full URL
https://miro.medium.com/max/720/1*rzHWpGJI2DB0B-tBgYVJNw.png
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
340827
x-envoy-upstream-service-time
321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71110
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c72aa7e996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*5GW6H9LYN_cq2kLC
miro.medium.com/max/720/
98 KB
98 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*5GW6H9LYN_cq2kLC
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c28d069a5ae2d5565051c7acf9a79060137adf5e35fd195c284eaea7230caa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
287443
x-envoy-upstream-service-time
340
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99891
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c72aa86996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*Hj8bVBrqNwjCjduGCkI3Gw.png
miro.medium.com/max/720/
51 KB
51 KB
Image
General
Full URL
https://miro.medium.com/max/720/1*Hj8bVBrqNwjCjduGCkI3Gw.png
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d389af9d797e2a5f2558888560d83b21ea9580793f728c620a130a4ba65b47f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
273022
x-envoy-upstream-service-time
127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51868
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c72aa8d996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*jqxK6iiTcjESrdZ7
miro.medium.com/max/720/
82 KB
82 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*jqxK6iiTcjESrdZ7
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ad3bf318559f99bcdd2794acebb696cede54934d167e56ac336c992382182e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
213745
x-envoy-upstream-service-time
183
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83766
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220930-203142-057a4d4bc6
accept-ranges
bytes
cf-ray
75490c72cad1996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
1*qbpD8LRWj-SxAyvsoZwWGA.png
miro.medium.com/max/720/
42 KB
42 KB
Image
General
Full URL
https://miro.medium.com/max/720/1*qbpD8LRWj-SxAyvsoZwWGA.png
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6871ae165cc313cad425fcf58cdb0efd2efc76b9ae28d0e33579296a47719a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
213742
x-envoy-upstream-service-time
193
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42653
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220930-203142-057a4d4bc6
accept-ranges
bytes
cf-ray
75490c72dadc996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
0*c1jEhDFrTC2viDcK
miro.medium.com/max/720/
34 KB
34 KB
Image
General
Full URL
https://miro.medium.com/max/720/0*c1jEhDFrTC2viDcK
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11240494cb8626859842a59157789400ac9d7d5dd8753920e2eab5b0d451a5c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=c0628ecb19c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
36231
x-envoy-upstream-service-time
181
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34785
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220930-203142-057a4d4bc6
accept-ranges
bytes
cf-ray
75490c72eaf8996e-FRA
expires
Wed, 02 Nov 2022 22:17:33 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
2 B
182 B
Fetch
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:31d4:76a1:520b:b06b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 03 Oct 2022 22:17:34 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
2
content-type
application/json
PostGiveTipOnExternalPlatform.8f77b158.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.8f77b158.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.3d6b90a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:34 GMT
x-amz-version-id
jOmB2cABPV60dTlglOANqba9eeq2SJ1k
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
AF3N7753DC5XQHW6
age
1053208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+jmYCPeoPNLAPjqnBrcfyOcxcR/Zsc8Mzcobt2w+i+uriU2T6p15YXqwtxy/bdUu/V9fxYpFmqI=
last-modified
Mon, 29 Aug 2022 15:03:38 GMT
server
cloudflare
etag
W/"a8da66300dc20eb65b5ca5b255fb21bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c748ddc996e-FRA
expires
Tue, 03 Oct 2023 22:17:34 GMT
1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/32/32/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/32/32/1*euFkwA7zJWm-l7aDoNtJrw.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
372118
x-envoy-upstream-service-time
74
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1153
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220525-094934-61c2d29c30
accept-ranges
bytes
cf-ray
75490c751edc996e-FRA
expires
Wed, 02 Nov 2022 22:17:34 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/48/48/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/48/48/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
372118
x-envoy-upstream-service-time
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1768
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220303-000533-8c0cdff0ab
accept-ranges
bytes
cf-ray
75490c751edd996e-FRA
expires
Wed, 02 Nov 2022 22:17:34 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/88/88/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/fit/c/88/88/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
365382
x-envoy-upstream-service-time
48
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3871
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220525-094934-61c2d29c30
accept-ranges
bytes
cf-ray
75490c751ede996e-FRA
expires
Wed, 02 Nov 2022 22:17:34 GMT
graphql
doublepulsar.com/_/
143 B
439 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1246643df1f98737fdf91402ce06ee2681324411369a5fab24f97b7c8a0d5d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
VisitorQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"8f-JUROMhogyXj3Y9n5fReqQg0Wu5Y"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d
x-envoy-upstream-service-time
13
content-length
143
x-xss-protection
0
x-request-received-at
1664835454476
graphql
doublepulsar.com/_/
1 KB
864 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
564f8b51b47eadb1525217cbf635f1360dd75afc20573078b1b4e0b9e7a09726
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
CollectionViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"568-/5X2H9wVpMzTcNmV0JUflcxq3VU"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-212942-320a4ddbcf
x-envoy-upstream-service-time
69
x-xss-protection
0
x-request-received-at
1664835454483
graphql
doublepulsar.com/_/
1 KB
987 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eabacb0d38d42e045857cc966ce9eeab7dc115d7cd5b50aaa3e219c110e8cbc0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
FloatingPostActionsQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"50d-I3erfGivJeCpIvzjqLd3TWDrhWQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-195610-e217ea642f
x-envoy-upstream-service-time
77
x-xss-protection
0
x-request-received-at
1664835454481
graphql
doublepulsar.com/_/
210 B
532 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9281415fcd4423e76533f41d432bb8dff03c4fdb7392e89cdecd98e4ce690b95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-vIkY0eVRTdWBM1vPqA1ZTbaFxO4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-212942-320a4ddbcf
x-envoy-upstream-service-time
32
content-length
210
x-xss-protection
0
x-request-received-at
1664835454584
graphql
doublepulsar.com/_/
210 B
531 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
38e0d4da3b856f5948a61e4f069191dc20d6736505c31bf4c36a1822715df062
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-FDySJ8eTS8w7yKaD6obMdQDN44s"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
x-envoy-upstream-service-time
41
content-length
210
x-xss-protection
0
x-request-received-at
1664835454583
graphql
doublepulsar.com/_/
108 B
429 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PostPageMeterQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
x-envoy-upstream-service-time
60
content-length
108
x-xss-protection
0
x-request-received-at
1664835454586
graphql
doublepulsar.com/_/
2 KB
1 KB
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1ff3a3e0217e0f6df52ba2fcd74ade8a5cc543b02ce4d9bae75c14747ec41ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PublisherFollowersDialogUserQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"933-h6jcxNoTz0uN7K9UEL87TCg2VQI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
x-envoy-upstream-service-time
107
x-xss-protection
0
x-request-received-at
1664835454583
graphql
doublepulsar.com/_/
4 KB
2 KB
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
53f7612e98e58b82ec7a7b48916894b1bb5453f5723bbd6802c8636842afde50
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
RecircSidebarQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"11fa-LN8w19Sv7A+V65Mmg6lvYNWw+7E"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-172719-70518f41f6
x-envoy-upstream-service-time
119
x-xss-protection
0
x-request-received-at
1664835454588
graphql
doublepulsar.com/_/
78 B
398 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"4e-oZRptXabGmg8T9fhH50MI993LtI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
x-envoy-upstream-service-time
29
content-length
78
x-xss-protection
0
x-request-received-at
1664835454585
graphql
doublepulsar.com/_/
102 B
397 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8b0f1fbcee4bb01b35bbee497850e37d06187e1ceff757db9f50575a9ae76ada
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
MaybeTextToSpeechQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"66-hrfghN3gq9D1Uv9msmYl9M9E5d4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d
x-envoy-upstream-service-time
65
content-length
102
x-xss-protection
0
x-request-received-at
1664835454587
graphql
doublepulsar.com/_/
81 B
374 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PostGiveTipOnExternalPlatformQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"51-T0kabmH8r91amHAHqjii15hhpe8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d
x-envoy-upstream-service-time
20
content-length
81
x-xss-protection
0
x-request-received-at
1664835454584
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, clientele/main-20220930-203142-057a4d4bc6
x-envoy-upstream-service-time
7
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, clientele/main-20220930-203142-057a4d4bc6
x-envoy-upstream-service-time
8
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, clientele/main-20220930-203142-057a4d4bc6
x-envoy-upstream-service-time
7
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
shim.js
cdn.sprig.com/
193 KB
65 KB
Script
General
Full URL
https://cdn.sprig.com/shim.js?id=WISfSM8eD3
Requested by
Host: t.co
URL: https://t.co/KV32TDxawi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-79.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 20:36:29 GMT
x-amz-version-id
dudLBg1byoAmUpFiYjdx5p.wTRvX21WL
content-encoding
br
last-modified
Mon, 03 Oct 2022 18:29:01 GMT
server
AmazonS3
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"ae2766997c89d8c8569d782ac1bbddb4"
age
6066
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YqWveo_qLoF5k6sefXjnHzGpAxr-1BZJq75Ut6UrXVmHDi9L5Qx4mA==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t.co
URL: https://t.co/KV32TDxawi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 21:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 23:15:57 GMT
branch-latest.min.js
cdn.branch.io/
76 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: t.co
URL: https://t.co/KV32TDxawi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
xpT8NSlkFRtFn0r3VTueOXydk4ItdRFJ
content-encoding
gzip
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 22:15:29 GMT
last-modified
Tue, 13 Sep 2022 22:02:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
126
etag
"9a440767cf788fb1f7e43521d015d5ca"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
23149
x-amz-cf-id
bYfS-QCS1nYe9qACmwP4xgcePGjMBmhKrsk2K8K6osN2x9cli6dErA==
graphql
doublepulsar.com/_/
84 B
379 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1ade50dcb9973173b92a8a9f814383fdc887a2c2b3a7ac9c8f9c3fbc03a5ae5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"54-nEw1g1AUBeKTAJhGS3WFxadxQDQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d
x-envoy-upstream-service-time
19
content-length
84
x-xss-protection
0
x-request-received-at
1664835455019
graphql
doublepulsar.com/_/
210 B
532 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9281415fcd4423e76533f41d432bb8dff03c4fdb7392e89cdecd98e4ce690b95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:32 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-vIkY0eVRTdWBM1vPqA1ZTbaFxO4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d, tutu/main-20221003-202629-a9824be504
x-envoy-upstream-service-time
31
content-length
210
x-xss-protection
0
x-request-received-at
1664835455022
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1400176491&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=ProxyNotShell%E2%80%94%20the%20story%20of%20the%20claimed%20zero%20days%20in%20Microsoft%20Exchange%20%7C%20by%20Kevin%20Beaumont%20%7C%20Sep%2C%202022%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=318615421&gjid=2123982205&cid=399917902.1664835455&tid=UA-24232453-2&_gid=1897611906.1664835455&_r=1&_slc=1&z=514584105
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 22:17:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://doublepulsar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
_r
app.link/
91 B
596 B
Script
General
Full URL
https://app.link/_r?sdk=web2.65.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2ce5813a32f3c63f4ee450ef26a6d8cf6ae51564e5785422bc7bdd39312e135d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA56-P3
etag
W/"5b-GCVAHpK4NDbArJ80N9JdMNpYndw"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
lSbKkExCovacskZxKXRAJKyoZUM1Lf7zVhyJqxHnoRWenk6ctHAeYQ==
config
api.sprig.com/sdk/1/environments/WISfSM8eD3/
15 KB
3 KB
Fetch
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691

Request headers

x-ul-visitor-id
2c0180be-fc4b-47f6-b00b-7f7550329bcf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json
x-ul-installation-method
web-snippet
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version
2.17.5
x-ul-environment-id
WISfSM8eD3
userleap-platform
web

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
content-encoding
gzip
x-envoy-decorator-operation
userleap-api.userleap-api.svc.cluster.local:80/*
server
istio-envoy
etag
W/"3b72-AZnED8Y+cFsrzwOxsiDvpPsa4wQ"
Transfer-Encoding
chunked
vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
23
Connection
keep-alive
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
config
api.sprig.com/sdk/1/environments/WISfSM8eD3/
0
0
Preflight
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method
GET
Origin
https://doublepulsar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept,Content-Type,authorization,*
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 22:17:35 GMT
vary
Origin
4560.797148c8.chunk.js
cdn-client.medium.com/lite/static/js/
43 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4560.797148c8.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.3d6b90a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
x-amz-version-id
Z7SHTutg2G4kHOFJhOz6Xxw6u59VS670
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
5X9GVKRFSPQKGJD2
age
532311
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YhxC9U9kTkFx0D3XAJRxmTUz3odWvUf3ZIHHqf2il8f4gQlvVK7nQBZ3x4il/11H8S40NtzeA14=
last-modified
Fri, 23 Sep 2022 22:08:57 GMT
server
cloudflare
etag
W/"3433382da36e684d93fbb7e115304304"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c79d980996e-FRA
expires
Tue, 03 Oct 2023 22:17:35 GMT
PostNextFiveStories.5ef18fff.chunk.js
cdn-client.medium.com/lite/static/js/
4 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.5ef18fff.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.3d6b90a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
x-amz-version-id
exTCuGBa1y2uney1YBpz5JAAyr6r7o7e
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6HYRPE56B03M9HZ0
age
1053211
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
371Blsw/iymLWs3ZYzse7ROVFRrRMZvvZssTOaA6DzeYUl9tNFU43LonSFAvaKjOz6oWJcdZTmk=
last-modified
Fri, 26 Aug 2022 22:24:21 GMT
server
cloudflare
etag
W/"5bc6ab68088c4531380f47520b82da55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75490c79d983996e-FRA
expires
Tue, 03 Oct 2023 22:17:35 GMT
1*1bl-7PjgNCTrhTbri4v20A.jpeg
miro.medium.com/fit/c/20/20/
986 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*1bl-7PjgNCTrhTbri4v20A.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b439b26028fb7b42b79878b26924e144d26bbcd5f8c44df5b3a1ec3698cf8c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
209962
x-envoy-upstream-service-time
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
986
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c7a4a49996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*u6qAnC98KRw8xSDQyFpypQ.png
miro.medium.com/focal/56/56/50/50/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*u6qAnC98KRw8xSDQyFpypQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9dca910bc9ede5ff42b9a7ac1b21df0d8fbd45b10bda5b8fadb668891704ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
209962
x-envoy-upstream-service-time
137
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4227
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c7a4a4f996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*VozsyhtIWztTuCOM5GZ0Xg.jpeg
miro.medium.com/fit/c/20/20/
636 B
986 B
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*VozsyhtIWztTuCOM5GZ0Xg.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980e10d1e5f6b67f24a2ba12558a9a48829c817a764b51e47a51f0d8980db43b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
884
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
636
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220912-192647-a63a7427a9
accept-ranges
bytes
cf-ray
75490c7a4a52996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*9hfVWtZq4ajl1MaJSJifag.jpeg
miro.medium.com/focal/56/56/50/50/
518 B
870 B
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*9hfVWtZq4ajl1MaJSJifag.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3857160e2969e62b4efd7f21c45c5586ff9f7e51928fd710ebdc29f49d7fda7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
278742
x-envoy-upstream-service-time
122
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
518
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c7a4a53996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*qz8tfR0xm0p7NDodpbr_5Q.jpeg
miro.medium.com/fit/c/20/20/
938 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*qz8tfR0xm0p7NDodpbr_5Q.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d21705d4aa31b1fb8c5816edba7d8d54181818fc4281ac998eec4a2799cd636
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
550687
x-envoy-upstream-service-time
101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
75490c7a4a55996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*6PemblqFV8rKDYflnGAAbA.png
miro.medium.com/focal/56/56/50/50/
6 KB
6 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*6PemblqFV8rKDYflnGAAbA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9445502cce4dd74c4fc6ad92fbf033369b9d78fb8118f995505ee40f6d937252
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
96816
x-envoy-upstream-service-time
65
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6070
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220923-182944-2f1209e24b
accept-ranges
bytes
cf-ray
75490c7a4a57996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*N3XzP2bucTYwTm8ZmUZkUA.jpeg
miro.medium.com/fit/c/20/20/
994 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*N3XzP2bucTYwTm8ZmUZkUA.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977a9f4cee4a4afb98c9ebe8be9030a90f7d0cd0c67af6f317b18521e9603b40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
119874
x-envoy-upstream-service-time
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
994
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
75490c7a4a5b996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
1*5cm_JoRfw0MTV4uOWObmkQ.png
miro.medium.com/focal/56/56/51/13/
3 KB
4 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/51/13/1*5cm_JoRfw0MTV4uOWObmkQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79a4032dc99f8b7f145fa26d5b6754dc570c312381849db1e61907d5f2a04c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
333899
x-envoy-upstream-service-time
159
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3370
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220927-191243-5273a104f0
accept-ranges
bytes
cf-ray
75490c7a4a5c996e-FRA
expires
Wed, 02 Nov 2022 22:17:35 GMT
graphql
doublepulsar.com/_/
138 B
451 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dc0a4948011b3bf48695d6b088a8ad2a65b902eee0dfa2bff5ec3b7d77e9941c
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5d6d6ef0dcee6e60
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PostNextFiveStoriesCollection
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20221003-193214-e217ea642f
apollographql-client-version
main-20221003-193214-e217ea642f
ot-tracer-spanid
306b46b169ba89aa

Response headers

date
Mon, 03 Oct 2022 22:17:33 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
sepia-upstream
medium
server
nginx
content-type
text/html; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6, rito/main-20220930-135036-ed9380d85d
x-envoy-upstream-service-time
8
content-length
138
x-xss-protection
0
x-request-received-at
1664835455198
open
api2.branch.io/v1/
316 B
678 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dba185420f5aa82665a4f03ca0a868d7845b971d524849a492aea42ea28a9259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
1ca9060c9122453685722f02b70436b2-2022100322
content-length
316
x-amz-cf-id
1n_Rj4YMPu2X3vfG48uaPlBg2oy7FCf0XdKFc9yIXNXdB4VFU4FQjA==
profile
api2.branch.io/v1/
183 B
614 B
XHR
General
Full URL
https://api2.branch.io/v1/profile
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
4a00e6e2d0427a2472e22cbb1426421e32d3951832d955a168b95e41a541592a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"b7-Nd7UR+TPnpMsXpyW9LVRrjuVBPM"
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
f0825a3764134d86a69f713aedf2c26f-2022100322
content-length
183
x-amz-cf-id
HePNL66KJ12YD2wp7YvVM3D1upBTS6MWoe8RfQSDbwxb40B8mLCrKw==
2c0180be-fc4b-47f6-b00b-7f7550329bcf
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/
0
0
Preflight
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method
PUT
Origin
https://doublepulsar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept,Content-Type,authorization,*
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 22:17:35 GMT
vary
Origin
2c0180be-fc4b-47f6-b00b-7f7550329bcf
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/
0
815 B
Fetch
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id
sprig-anon-63a49b27-6efc-48f4-a666-cedd4f60cfab
x-ul-visitor-id
2c0180be-fc4b-47f6-b00b-7f7550329bcf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json
x-ul-installation-method
web-snippet
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version
2.17.5
x-ul-environment-id
WISfSM8eD3
userleap-platform
web

Response headers

date
Mon, 03 Oct 2022 22:17:35 GMT
x-envoy-decorator-operation
userleap-api.userleap-api.svc.cluster.local:80/*
server
istio-envoy
x-ul-visitor-id
2c0180be-fc4b-47f6-b00b-7f7550329bcf
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization
Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiIyYzAxODBiZS1mYzRiLTQ3ZjYtYjAwYi03Zjc1NTAzMjliY2YiLCJpYXQiOjE2NjQ4MzU0NTUsImV4cCI6MTY2NTAwODI1NX0.NYk0UhoDu86aoQTM9dDna6eV2l9lq-zxd_z35S1ty13Sh7r89qnMVddUbwZ2GKRZtxInzNJV3ms34mmtl0fX3Q
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Authorization,x-ul-visitor-id
x-envoy-upstream-service-time
18
Connection
keep-alive
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
attributes
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf/
0
815 B
Fetch
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf/attributes
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id
sprig-anon-63a49b27-6efc-48f4-a666-cedd4f60cfab
x-ul-visitor-id
2c0180be-fc4b-47f6-b00b-7f7550329bcf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json
x-ul-installation-method
web-snippet
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version
2.17.5
x-ul-environment-id
WISfSM8eD3
userleap-platform
web

Response headers

date
Mon, 03 Oct 2022 22:17:36 GMT
x-envoy-decorator-operation
userleap-api.userleap-api.svc.cluster.local:80/*
server
istio-envoy
x-ul-visitor-id
2c0180be-fc4b-47f6-b00b-7f7550329bcf
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization
Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiIyYzAxODBiZS1mYzRiLTQ3ZjYtYjAwYi03Zjc1NTAzMjliY2YiLCJpYXQiOjE2NjQ4MzU0NTUsImV4cCI6MTY2NTAwODI1NX0.NYk0UhoDu86aoQTM9dDna6eV2l9lq-zxd_z35S1ty13Sh7r89qnMVddUbwZ2GKRZtxInzNJV3ms34mmtl0fX3Q
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Authorization,x-ul-visitor-id
x-envoy-upstream-service-time
57
Connection
keep-alive
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
attributes
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf/
0
0
Preflight
General
Full URL
https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/2c0180be-fc4b-47f6-b00b-7f7550329bcf/attributes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-235-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method
PUT
Origin
https://doublepulsar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers
Accept,Content-Type,authorization,*
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 22:17:35 GMT
vary
Origin
pageview
api2.branch.io/v1/
28 B
434 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Oct 2022 22:17:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
503cd9ba8ea04f459e31532a8898060e-2022100322
content-length
28
x-amz-cf-id
177s_7iwxhRNSYiq39tnLVa20w4ezqoyyYgXlwGUONRvTTJxuy-r4g==
pageview
api2.branch.io/v1/
28 B
437 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Oct 2022 22:17:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
815710fce5b14b5d9d664d5b9cd86364-2022100322
content-length
28
x-amz-cf-id
k3nloxkqvO5SvCyR-TI7AB-qUmvwhaClWDr0yUC_JWZxXM7x49UdEw==
oh-noes
doublepulsar.com/_/
101 B
0
Fetch
General
Full URL
https://doublepulsar.com/_/oh-noes
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx / Medium
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://*.doublepulsar.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type
application/json

Response headers

date
Mon, 03 Oct 2022 22:17:36 GMT
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://*.doublepulsar.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
20221003-2113-root,c8a2a73a
x-envoy-upstream-service-time
24
content-length
101
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1664835459097:64afb0181e34
sepia-upstream
medium
server
nginx
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6
link
<https://medium.com/humans.txt>; rel="humans"
x-opentracing
{"ot-tracer-spanid":"7fc8201d7ef6eec0","ot-tracer-traceid":"6f1a139ed2bf3567","ot-tracer-sampled":"true"}
expires
Thu, 09 Sep 1999 09:09:09 GMT
batch
doublepulsar.com/_/
17 B
173 B
Fetch
General
Full URL
https://doublepulsar.com/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.7c19e15b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type
application/json

Response headers

date
Mon, 03 Oct 2022 22:17:37 GMT
medium-fulfilled-by
valencia/main-20220930-203142-057a4d4bc6
x-envoy-upstream-service-time
169
sepia-upstream
medium
server
nginx
content-length
17
content-type
application/json

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM function| main object| __APOLLO_CLIENT__ function| _resizeIframe function| Sprig function| UserLeap string| GoogleAnalyticsObject function| ga object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: bd965150-c396-455f-8d5d-ee92ddacb175
.medium.com/ Name: sid
Value: 1:aC5IomOMXrK9CO6i0xMLZ0XmDk9kEBrg/ytx1nItT1BYuSx0M2E6sxV1GjDPlvYf
.medium.com/ Name: uid
Value: lo_a1375ec0db84
.medium.com/ Name: __cfruid
Value: dfc2cf42b85a5178ca08bf15bdc882a80f8c1c43-1664835452
doublepulsar.com/ Name: uid
Value: lo_a1375ec0db84
doublepulsar.com/ Name: sid
Value: 1:gUQoO0TcXZiJqtUZtO5lTgpDtbadtFjWx6uK+8CGjBofomVN0QXlUvs9/NamMcs/
doublepulsar.com/ Name: _dd_s
Value: rum=0&expire=1664836354054
.doublepulsar.com/ Name: _ga
Value: GA1.2.399917902.1664835455
.doublepulsar.com/ Name: _gid
Value: GA1.2.1897611906.1664835455
.doublepulsar.com/ Name: _gat
Value: 1
.app.link/ Name: _s
Value: bCrZTTgySvZby%2Fkxf4DyAKyMJOVgZz2lbhjt6qZs9VT1IflA1hoZo4%2BE8c2EtjHi

1 Console Messages

Source Level URL
Text
network error URL: https://doublepulsar.com/_/graphql
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sprig.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.sprig.com
doublepulsar.com
glyph.medium.com
medium.com
miro.medium.com
t.co
www.google-analytics.com
104.244.42.197
108.138.17.79
108.138.17.81
2001:4860:4802:32::178
2600:1f18:24e6:b900:31d4:76a1:520b:b06b
2600:9000:223d:8600:19:9934:6a80:93a1
2600:9000:2491:6400:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
3.93.235.75
52.1.119.170
011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0d21705d4aa31b1fb8c5816edba7d8d54181818fc4281ac998eec4a2799cd636
11240494cb8626859842a59157789400ac9d7d5dd8753920e2eab5b0d451a5c1
12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5
1891123add5a5ae2cd8b372eff416c3d116384bde590d3dedb160e4b2c3945bd
1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153
24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555
2ce5813a32f3c63f4ee450ef26a6d8cf6ae51564e5785422bc7bdd39312e135d
31ad3bf318559f99bcdd2794acebb696cede54934d167e56ac336c992382182e
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
38e0d4da3b856f5948a61e4f069191dc20d6736505c31bf4c36a1822715df062
39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64
45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8
497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15
4a00e6e2d0427a2472e22cbb1426421e32d3951832d955a168b95e41a541592a
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
53f7612e98e58b82ec7a7b48916894b1bb5453f5723bbd6802c8636842afde50
54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750
564f8b51b47eadb1525217cbf635f1360dd75afc20573078b1b4e0b9e7a09726
5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f
56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691
5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc
5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e
60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529
64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856
6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338
7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
8b0f1fbcee4bb01b35bbee497850e37d06187e1ceff757db9f50575a9ae76ada
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
8d389af9d797e2a5f2558888560d83b21ea9580793f728c620a130a4ba65b47f
9281415fcd4423e76533f41d432bb8dff03c4fdb7392e89cdecd98e4ce690b95
9445502cce4dd74c4fc6ad92fbf033369b9d78fb8118f995505ee40f6d937252
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
977a9f4cee4a4afb98c9ebe8be9030a90f7d0cd0c67af6f317b18521e9603b40
97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478
980e10d1e5f6b67f24a2ba12558a9a48829c817a764b51e47a51f0d8980db43b
9b439b26028fb7b42b79878b26924e144d26bbcd5f8c44df5b3a1ec3698cf8c3
9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e
9c28d069a5ae2d5565051c7acf9a79060137adf5e35fd195c284eaea7230caa3
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2ac4a3c12bb0b08c0ae9b05365825828c08851a699a832c913e2afb1c3580ba
a2f41ca7aa3bb0e3241ba079c8cc866ec35788c30f2835fbb5665332397523a6
a3857160e2969e62b4efd7f21c45c5586ff9f7e51928fd710ebdc29f49d7fda7
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a885a06c6a1e5288df4869c5bb14fcd5ac22728b80400893894a43b9cc643a06
a9fbfa693085c04a8fc871dbc81a411c40a4835b67e9abea9f17b37dbadda13c
ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1246643df1f98737fdf91402ce06ee2681324411369a5fab24f97b7c8a0d5d4
b1ade50dcb9973173b92a8a9f814383fdc887a2c2b3a7ac9c8f9c3fbc03a5ae5
b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48
b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
be0f8a65fc2fe3b1ab402e3d49df3ae1a6730454a60e95d23f1191a681ea6932
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239
c1ff3a3e0217e0f6df52ba2fcd74ade8a5cc543b02ce4d9bae75c14747ec41ee
c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb
c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f
c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac
c8dc6281d3785ca4290b4e64cf9976a481b8c2a87718ac0c4cdb69479c903ad6
cc6871ae165cc313cad425fcf58cdb0efd2efc76b9ae28d0e33579296a47719a
cd9dca910bc9ede5ff42b9a7ac1b21df0d8fbd45b10bda5b8fadb668891704ae
cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c
d0a3092a83a7ac2a6d9a67302e1c0b622d243d6192836c550081afafd8e9ff12
d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44
db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e
dba185420f5aa82665a4f03ca0a868d7845b971d524849a492aea42ea28a9259
dc0a4948011b3bf48695d6b088a8ad2a65b902eee0dfa2bff5ec3b7d77e9941c
de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2
e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc
e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60
e9bcad9a1633d8b6d24692ee67b1644f42631a7d256cb98844783b084975488d
eabacb0d38d42e045857cc966ce9eeab7dc115d7cd5b50aaa3e219c110e8cbc0
ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
f0c19b363458ee0653134de238372a0a7913daa0487f59516ed6ab74ebea42be
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0
f79a4032dc99f8b7f145fa26d5b6754dc570c312381849db1e61907d5f2a04c4
fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380
fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce