posts.specterops.io Open in urlscan Pro
52.1.173.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4|
Effective URL:
https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=127...
Submission: On August 30 via api (August 30th 2019, 2:15:56 pm UTC) from US

Summary HTTP 77 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 77 HTTP transactions. The main IP is 52.1.173.203, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 2nd 2019. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	52.1.173.203 52.1.173.203	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	2606:4700::68... 2606:4700::6810:787f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
55	2606:4700::68... 2606:4700::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.253.62 13.35.253.62	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:205... 2600:9000:2057:3400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.35.254.41 13.35.254.41	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:9000:205... 2600:9000:2057:6800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	3.218.228.228 3.218.228.228	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	54.164.222.146 54.164.222.146	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
77	10

7 52.1.173.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-173-203.compute-1.amazonaws.com

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:787f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2606:4700::6810:7991 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.62 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-62.fra6.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.41 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-41.fra6.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:6800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.228.228 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-218-228-228.compute-1.amazonaws.com

srv-2019-08-30-14.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.164.222.146 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-222-146.compute-1.amazonaws.com

collector-medium.lightstep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	855 KB
7	specterops.io 1 redirects posts.specterops.io	33 KB
5	lightstep.com collector-medium.lightstep.com	2 KB
4	branch.io cdn.branch.io api2.branch.io	23 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	parsely.com srv-2019-08-30-14.pixel.parsely.com	765 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	17 KB
1	app.link app.link	728 B
77	8

	Domain	Requested by
38	miro.medium.com	posts.specterops.io
10	cdn-client.medium.com	posts.specterops.io cdn-client.medium.com
7	glyph.medium.com	posts.specterops.io
7	posts.specterops.io	1 redirects cdn-client.medium.com
5	collector-medium.lightstep.com	cdn-client.medium.com
3	api2.branch.io	cdn-client.medium.com
3	www.google-analytics.com	posts.specterops.io
2	srv-2019-08-30-14.pixel.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	posts.specterops.io
1	medium.com	1 redirects
77	12

This site contains links to these domains. Also see Links.

Domain
medium.com
www.specterops.io
www.virustotal.com
github.com
docs.microsoft.com
enigma0x3.net
help.medium.com

Subject Issuer	Validity	Valid
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2019-04-02` - `2020-04-01`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2018-07-31` - `2020-09-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.pixel.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh
*.lightstep.com Let's Encrypt Authority X3	`2019-07-15` - `2019-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
Frame ID: 97E11019AC090F08B6DC96CED1EE451B
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f86... HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Favira-opti... HTTP 302
https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f86... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

77
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

10
IPs

2
Countries

975 kB
Transfer

2374 kB
Size

10
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----af109b7df5b1----------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_page-----af109b7df5b1---------------------nav_reg-
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_page-----af109b7df5b1---------------------nav_reg-
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page-----af109b7df5b1----------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_page-1bb43103a9a9----af109b7df5b1----------------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/1b16d74643382c88ad133bc274740472a7e58b0a1428225e192789af5a37fada/detection
Title: Avira.OptimizerHost.exe

Search URL Search Domain Scan URL

URL: https://github.com/PowerShellMafia/PowerSploit/blob/dev/Privesc/PowerUp.ps1
Title: PowerUp

Search URL Search Domain Scan URL

URL: https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools/tree/master/NtObjectManager
Title: NTObjectManager

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/secauthz/null-dacls-and-empty-dacls
Title: NULL DACL

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-getnamedpipeclientprocessid
Title: GetNamedPipeClientProcessID()

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-queryfullprocessimagenamew
Title: QueryFullProcessImageNameW()

Search URL Search Domain Scan URL

URL: https://github.com/xorrior/Random-CSharpTools/tree/master/SigPirate
Title: clone an existing certificate

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-waitnamedpipea
Title: WaitNamedPipe()

Search URL Search Domain Scan URL

URL: https://github.com/ChadSki/SharpNeedle
Title: https://github.com/ChadSki/SharpNeedle

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/wintrust/nf-wintrust-winverifytrust
Title: WinVerifyTrust()

Search URL Search Domain Scan URL

URL: https://enigma0x3.net/2019/08/29/avira-optimizer-local-privilege-escalation/
Title: http://enigma0x3.net

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_sidebar--------------------------follow_sidebar-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_sidebar-----af109b7df5b1---------------------clap_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_actions_footer-----af109b7df5b1---------------------clap_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/p/af109b7df5b1/share/twitter?source=follow_footer--------------------------follow_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/p/af109b7df5b1/share/facebook?source=follow_footer--------------------------follow_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_actions_footer--------------------------bookmark_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=follow_footer-1bb43103a9a9-------------------------follow_footer-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=follow_footer--------------------------follow_footer-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/p/af109b7df5b1/responses/show?source=follow_footer--------------------------follow_footer-
Title: Write the first response

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_recirc-----fdf5555c9eb1----0-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_recirc-----bee58de48e05----1-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&source=post_recirc-----ff74c39615ba----2-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----af109b7df5b1----------------------
Title: Discover Medium

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----af109b7df5b1----------------------
Title: Make Medium yours

Search URL Search Domain Scan URL

URL: https://medium.com/membership?source=post_page-----af109b7df5b1----------------------
Title: Become a member

Search URL Search Domain Scan URL

URL: https://help.medium.com/?source=post_page-----af109b7df5b1----------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.com/policy/9db0094a1e0f?source=post_page-----af109b7df5b1----------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://medium.com/policy/f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4| HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Fsource%3Drss----f05f8696e3cc---4| HTTP 302
https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request avira-optimizer-local-privilege-escalation-af109b7df5b1 Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4|
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Fsource%3Drss----f05f8696e3cc---4|
https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

147 KB
31 KB

1124ms
1123ms

Document
text/html

52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-173-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

38a2fb4ee85afc775c4ef29c716f7c905ff286aedf4c8e4c1d38b0c39d2c423f

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Fri, 30 Aug 2019 14:15:38 GMT
content-type: text/html; charset=utf-8
set-cookie: uid=lo_yZpzxu1e6U2M; path=/; expires=Sat, 29 Aug 2020 14:15:37 GMT; secure; httponly sid=1:C2oF+r1oGGD6XDP1kAo+TjtnZQnuRW1sq9xbIkj5tSSJKOlOK0tPJutxRrAzpSAE; path=/; expires=Sat, 29 Aug 2020 14:15:37 GMT; secure; httponly
sepia-upstream: production
x-frame-options: allow-from medium.com
medium-fulfilled-by: lite/master-20190829-221926-ca6dddf1cd, rito/master-20190829-223538-45d72199e2, tutu/38478-ca6dddf
etag: W/"24a98-bhIW+GC2AomIsPN8jY4IjBJUDX0"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 862

Redirect headers

status: 302
date: Fri, 30 Aug 2019 14:15:37 GMT
content-type: application/octet-stream
set-cookie: __cfduid=dbda39c1c90f89977f38a466046c9311c1567174536; expires=Sat, 29-Aug-20 14:15:36 GMT; path=/; domain=.medium.com; HttpOnly uid=lo_yZpzxu1e6U2M; Expires=Sat, 29-Aug-20 14:15:36 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly sid=1:WBcBhFc8FRzurSlSj5fyr2Q/0B7GJGvT70vsjkiPXyD/pHs+aS57u6DF+8I+mGZF; path=/; expires=Sat, 29 Aug 2020 14:15:36 GMT; domain=.medium.com; secure; httponly __cfruid=b180f5150d7f336398ce6f4f19edb8433a371909-1567174537; path=/; domain=.medium.com; HttpOnly
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1567174536950:770127b2de13
x-obvious-info: 38478-ca6dddf,ca6dddf1cd7
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
tk: T
location: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
strict-transport-security: max-age=15552000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 50e760b779cfcbc8-VIE

GET
H2 200 m2.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 44 KB
29 KB 60ms
27ms Stylesheet
text/css 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1801
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 50e760c0095a8c6e-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 30 Aug 2019 18:15:38 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 57ms
25ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1486362
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6883
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c00921cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 58ms
27ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5f12c6dcb8d2cd38186eefce73b01d998e15e46cdeef1f95ed805ca3492ec18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69034
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3660
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c00922cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*iqIUWWFdzyrQ6EWi-AxjQg.png
miro.medium.com/max/60/ 1 KB
1 KB 39ms
34ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*iqIUWWFdzyrQ6EWi-AxjQg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

395a2c43bcb3a28bbe411d71c19f1b62810a436e3d0daa9b60501880e289cfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1375
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c0499acbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*dS-HNMsFs2hZLuVQPFYp7w.png
miro.medium.com/max/60/ 1 KB
1 KB 32ms
28ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*dS-HNMsFs2hZLuVQPFYp7w.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

4ce2841fc2d2f13fb8022d3c0d5391833ccd67145a3116e4e2ea4b91a416d9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1291
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c0499dcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*ds_YNwgoD2x2aHen34E5qg.png
miro.medium.com/max/60/ 3 KB
3 KB 27ms
23ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ds_YNwgoD2x2aHen34E5qg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

0257393926cc92a6168f50b5420d5dd36a3900514303e184b0536015ae4821c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2776
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c0499ecbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*E6ssFlHFmAddso_5eMeWMQ.png
miro.medium.com/max/60/ 2 KB
2 KB 35ms
31ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*E6ssFlHFmAddso_5eMeWMQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5300bec6a9066b2faef549bc31c12ca942072c585928121c1214cad73d82756d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2049
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c0499fcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*GTMASA1mUM7uxlKgcsW1Ag.png
miro.medium.com/max/60/ 1 KB
2 KB 40ms
36ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*GTMASA1mUM7uxlKgcsW1Ag.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

c238a1318356d91e97fdb8a45fe6a679e9a41325063293ac1255862a3d84b6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1491
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a0cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*T34pYig7on9LTnd6OUvAig.png
miro.medium.com/max/60/ 2 KB
2 KB 37ms
33ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*T34pYig7on9LTnd6OUvAig.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

31d01ffff8ea12cab31db230d664282fb7bd4286fa303cc4132d7ef609d93374

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2305
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a1cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*vFLPWzdrGw9FOp07Fj5u0Q.png
miro.medium.com/max/60/ 1 KB
2 KB 33ms
29ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vFLPWzdrGw9FOp07Fj5u0Q.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

9d1b740bc0694bdce670fafcbe5bd2c8c836cc0703c7426af44d08140f4e1486

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1525
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a2cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*bR-f37IXsXsr4E78db4RHg.png
miro.medium.com/max/60/ 2 KB
3 KB 32ms
28ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*bR-f37IXsXsr4E78db4RHg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

d039d990d997ebb90371c809a91906a0e0c662c5fed35d3489dfe389f003b31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2519
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a4cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*t_GmxQKpHsghXtR-Z9uMJQ.png
miro.medium.com/max/48/ 3 KB
3 KB 33ms
29ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/48/1*t_GmxQKpHsghXtR-Z9uMJQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

ff5da06cd407767f986714b6ba52d018e72cbab3cca07f9e90d8d0890a175927

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3304
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a5cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*PXBElU0JXLqrTFQpNF-8Yw.png
miro.medium.com/max/60/ 754 B
822 B 33ms
30ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*PXBElU0JXLqrTFQpNF-8Yw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

0eb93e719feadfd56f370b3fd7e1eea6ab964affe02e6ced60f64cfde8ac677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 754
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a7cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*1FymRjpBgcpLatVP8U9iQg.png
miro.medium.com/max/60/ 885 B
953 B 33ms
29ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1FymRjpBgcpLatVP8U9iQg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

fd46b31d57f356ab6317f06482b9057b4633f32473bea3c1ecdafc8fd52e924f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66995
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 885
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a8cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/160/160/ 7 KB
7 KB 35ms
32ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2e565e34d56c198ae9f028652bb2fc0a04794fe1bf183418c8df916f3e82f96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170235
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3199-1f885a6
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 7376
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049a9cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
7 KB 57ms
54ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 111645
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6539
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c049aacbd0-VIE
expires: Sun, 29 Sep 2019 14:15:38 GMT

GET
H2 200 manifest.561566dd.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 47ms
32ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.561566dd.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4518a733cfa9d9c3339a678c125e957b43322e952f8f740c40a83044329484fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: CD7108897DF03A8D
x-amz-id-2: nd/Twrn2MllJYYhvwh9dwL3fL9QKY1pyUL1uM2oj2H3jdYmMFXOMRF72Dxx2gaQlXsn38J4atik=
last-modified: Thu, 29 Aug 2019 22:24:48 GMT
server: cloudflare
etag: W/"90c05d5a9c1a9a4f3a526731317e77c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: J_VkslJAhVPgkYJAHwmhsfELEAQivL_H
cache-control: public, max-age=31536000
cf-ray: 50e760c059accbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 vendors~main.4cf1ac76.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 801 KB
209 KB 49ms
35ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3371f6a046e6e7f06b5428ff6598abea3026a9a4ccb7abfe5f1526a2a16a774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580764
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: C7D86F885BED8618
x-amz-id-2: YJlRVU6XzCVaPYo5k9gcUzOOVEMj5ggte7wp5kAZDY0vqcUlE/Jp3NkjF+vD0k2mOpkli2sgVyY=
last-modified: Fri, 23 Aug 2019 20:54:40 GMT
server: cloudflare
etag: W/"d46ab31496a6b01ee3eab257a9c12423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vY5fE_RInQKClHaBrWHp_FGgTy_9G1cy
cache-control: public, max-age=31536000
cf-ray: 50e760c069d0cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 main.5ac1b058.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 348 KB
84 KB 46ms
39ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a9731b20f904b25418dd1b3b7945a4a19a2030a7846b0ab5424877cae93839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 3EE99B51835EA99F
x-amz-id-2: Hee7zm5uYUwQVY7h/MuBrBYDsFOaY45RrxNfNQdZDggcgTOJitE/anfYNxb2p/LlXshz+y0iWuM=
last-modified: Thu, 29 Aug 2019 22:24:47 GMT
server: cloudflare
etag: W/"adfdb4442d6ac53570d7f67007763456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: YynUUnpZBOtVdI1JSVZ.uXP4DjdGIj8U
cache-control: public, max-age=31536000
cf-ray: 50e760c059adcbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 34 KB
15 KB 42ms
35ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 162718
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 66729C246ADAF873
x-amz-id-2: QR20wLfdrPvkotdvTeClYzQKVF2SuikIFSvcm/wOtabQ8bmRszh8HTJ/HIarSDjHTu3oztGeX60=
last-modified: Wed, 17 Jul 2019 16:46:30 GMT
server: cloudflare
etag: W/"23e34e999de903dca6d0f87ef9d52146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tpvIBvcLxTFWEWeNwKS73HBJUi32agUY
cache-control: public, max-age=31536000
cf-ray: 50e760c069d2cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.6a9d0afe.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 47 KB
15 KB 40ms
33ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.6a9d0afe.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

101f4c4d4e2b1a7c91fdc562403f04cd363d88bbdfd9cd74ed97b0f353411577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: F2DC292ED923A0DB
x-amz-id-2: pEYxJxR9WFalvxSgis/iks4EJUw97IxTdZVtKF/tATneeJHMK3HFH9cEJBgshUgsv+lhZWkfNwU=
last-modified: Thu, 29 Aug 2019 22:24:51 GMT
server: cloudflare
etag: W/"b0aa14c7c8a73c9e524e487129685264"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: d.2fb.AiuzhGuQ173LE3QNvX3w4Qho84
cache-control: public, max-age=31536000
cf-ray: 50e760c069cdcbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.815c0090.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 117 KB
31 KB 48ms
41ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.815c0090.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9843491026d7704369f1ca62660e37024acb4d244af3673530f45e0931e73462

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 40E6BBF3E43DFDE3
x-amz-id-2: ecqfd1kxP0qUP6gNQgbFvBxXko7gQZfGfTtOIaMVclGyv3cSebce3K7hrHorcgRaQOkl8dXV3qQ=
last-modified: Thu, 29 Aug 2019 22:24:49 GMT
server: cloudflare
etag: W/"0f5a8fdcaf4d30f39d36f7ea7fe6b4c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: U6OqTYAAuztJFaDRiKThF.d98d8eJY4D
cache-control: public, max-age=31536000
cf-ray: 50e760c069cecbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 screen.post~screen.post.amp~screen.sequence.post.852aa760.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 117 KB
29 KB 27ms
25ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.sequence.post.852aa760.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3415ab182bf0f1d33ce0618bf8a8fa53099c6056486e5317c88426d994d3bf69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 499902A1A401A45F
x-amz-id-2: coftIBYV3oxkFLABFKXfMS/wFvcKK04KPx/8Uy+GrcmGKnFHHIHCfPoui1M76LmrglaINfaj+7Q=
last-modified: Thu, 29 Aug 2019 22:24:52 GMT
server: cloudflare
etag: W/"eeeef74de6dc20c8b3ef40860942b2c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: TvPvqeiGdQzelLirrwtaXnoDJBMJFWBo
cache-control: public, max-age=31536000
cf-ray: 50e760c08a20cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 screen.post.0c66c2aa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 51 KB
16 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post.0c66c2aa.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

675701eeb8ebeb3f538ad6a67c46b4d8d6ac7825be26d23020f57be17bc4504f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56124
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 4B21AB3760B46D1D
x-amz-id-2: MQ1hMfwUjgmd7Is+TU3NfWdTmCwTLKMU6+wDfKLi4mxZSvII4AsiVYF7MB32hV4irbVhoKZxS/I=
last-modified: Thu, 29 Aug 2019 22:24:49 GMT
server: cloudflare
etag: W/"291944db66e7fccd1ff35cfafbe34913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wxDfCYYC4ACydTJprYL3QM7tN_E_gXh3
cache-control: public, max-age=31536000
cf-ray: 50e760c08a23cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5524
date: Fri, 30 Aug 2019 12:43:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 30 Aug 2019 14:43:34 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 71 KB
22 KB 28ms
7ms Script
text/javascript 13.35.253.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-62.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: niwfoqhU_AnqkvtSMs5r0ZFpRVGmQSMv
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Jul 2019 22:22:17 GMT
Server: AmazonS3
Age: 267
ETag: "4f18667a379e69fb939087b1fe6d8a31"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Fri, 30 Aug 2019 14:11:11 GMT
X-Amz-Cf-Pop: FRA6-C1
Content-Length: 21695
X-Amz-Cf-Id: 33cy3y0hQ_JPooZnr-XsoyYWWs0jgN2njNtREh64GNnTghH4-1vM2Q==

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173

Request headers

Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
14 KB 75ms
42ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3916887
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c09f49cba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 76ms
43ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62863
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c09f4ccba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 marat-sans-300-italic.woff
glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 63ms
32ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/marat-sans-300-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3380477
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c09f4acba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 62ms
31ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57049
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c09f4dcba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 14 KB
14 KB 51ms
32ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57049
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c09f4fcba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1778362366&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Fsource%3Drss----f05f8696e3cc---4%257C%26gi%3D12770cdb30fa&ul=en-us&de=UTF-8&dt=Avira%20Optimizer%20Local%20Privilege%20Escalation%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=2006574786&gjid=69139509&cid=1739741830.1567174538&tid=UA-24232453-2&_gid=1896597155.1567174538&_r=1&z=961554164

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2019 14:15:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
728 B 177ms
156ms Script
text/javascript 2600:9000:2057:3400:19:9934:6a80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.50.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:3400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

b7f9ec6f1a72457bf8e7344a066a281bd84ed279a77cc006f0127d05f682b515

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 30 Aug 2019 14:15:38 GMT
Via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-Ixubmys9jxLCUd6CHSR0CiWHK+Y"
X-Amz-Cf-Id: F7H2j0RnUijT678FKeEaAB7d6XRCmByziZRAmXw-ZWkke5-txAT9sQ==

POST
H2 200 client-ready Show response
posts.specterops.io/_/lite/performance/ 2 B
243 B 108ms
108ms Fetch
text/plain 52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/client-ready

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-173-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
medium-fulfilled-by: lite/master-20190829-221926-ca6dddf1cd
x-envoy-upstream-service-time: 1
content-length: 2

GET
H2 200 vendors~tracing.9f9c73c5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 36ms
35ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~tracing.9f9c73c5.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.561566dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd09be184b9062495023bb42ce6a19f99465b0b9169cd065894ca7726dc43908

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580763
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 8223ADB44D032B13
x-amz-id-2: 750Ertrfng0uSNAHZ9wVz+K1Rs3bjbs/UomEVnpALS2iNl1YRzMMavK/mha46wjgWY9Mtb9wcVs=
last-modified: Fri, 23 Aug 2019 20:54:41 GMT
server: cloudflare
etag: W/"8c190a054ed94053dfb9a683572b9ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wzPJT5SuVLzwDg6o3gTQtBiXRBvwF9YS
cache-control: public, max-age=31536000
cf-ray: 50e760c30f05cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

GET
H2 200 tracing.8c63ed59.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/tracing.8c63ed59.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.561566dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7220bc5ca535a9e53cf58eaf8499ab5c43819537d8271f3314a4ce4c54216a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580763
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 801EB40E965EDDC7
x-amz-id-2: 8xKJXVM0Poua2hTeExrJsMx3uUFIAXtTMxWlg+3gSMPCpyi8sp6+fD3ROw1UvpLPohnguvXwT0k=
last-modified: Fri, 23 Aug 2019 20:54:40 GMT
server: cloudflare
etag: W/"53beb61b8a243d55137dd802695cc6c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: U2dFTPn6I5Lif3E1Cl_QRfacdl4N29xa
cache-control: public, max-age=31536000
cf-ray: 50e760c30f06cbd0-VIE
expires: Sat, 29 Aug 2020 14:15:38 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 94 B
316 B 269ms
268ms Fetch
application/json 52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-173-203.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 341d08ef1d66623c648bad3f96adff6d949a2d6cae766fe7db4375d7e84bbf6d

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
Medium-Frontend-App: lite/master-20190829-221926-ca6dddf1cd
apollographql-client-version: master-20190829-221926-ca6dddf1cd
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
sepia-upstream: production
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
medium-fulfilled-by: rito/master-20190829-223538-45d72199e2, tutu/38478-ca6dddf
x-envoy-upstream-service-time: 157
content-length: 94
x-request-received-at: 1567174539094

POST
H2 200 graphql Show response
posts.specterops.io/_/ 4 KB
1 KB 547ms
547ms Fetch
application/json 52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-173-203.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 561a45e3a26f32c722e01b08faf66fbd21691206f6363fdeddb909833d6a8d2d

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation: PostRecircQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
Medium-Frontend-App: lite/master-20190829-221926-ca6dddf1cd
apollographql-client-version: master-20190829-221926-ca6dddf1cd
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
content-encoding: gzip
sepia-upstream: production
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
medium-fulfilled-by: rito/master-20190829-223538-45d72199e2, tutu/38478-ca6dddf
x-envoy-upstream-service-time: 361
x-request-received-at: 1567174539186

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 41 KB
17 KB 42ms
7ms Script
application/x-javascript 13.35.254.41
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-41.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 2ec3f1be2d2113c8735e56370fd02cd5171467e03711eb3aa73685991657a8c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 30 Aug 2019 00:27:54 GMT
Content-Encoding: gzip
Age: 50010
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Sat, 08 Jun 2019 00:02:21 GMT
Server: nginx
ETag: "5cfafb0d-a4fb"
Content-Type: application/x-javascript
Via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 1bZjQt0IBvpl_NTKqkUJJaztHF_W_sVe8okbQKsy3vL_7oRIBxxVXg==
Expires: Sat, 31 Aug 2019 00:22:09 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/152/ 3 KB
3 KB 25ms
20ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/152/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106537
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3171
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd35cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/48/48/ 1 KB
2 KB 125ms
121ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

23302e86d404a2a4f0fd5aa96f2dddfa635dc782be934cee27220d32fa7b3fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1506
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd36cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*iqIUWWFdzyrQ6EWi-AxjQg.png
miro.medium.com/max/30/ 467 B
534 B 135ms
131ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*iqIUWWFdzyrQ6EWi-AxjQg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7e6688bd2c09d92066265732de01ff5375e941237e5173571d523eaf28a376ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 467
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd39cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*dS-HNMsFs2hZLuVQPFYp7w.png
miro.medium.com/max/30/ 392 B
459 B 147ms
143ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*dS-HNMsFs2hZLuVQPFYp7w.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3a724286da11967fe58cecf8fc85e434bc72d9769371107814850da79025619f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 392
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd3acbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*ds_YNwgoD2x2aHen34E5qg.png
miro.medium.com/max/30/ 986 B
1 KB 143ms
139ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*ds_YNwgoD2x2aHen34E5qg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

d34e2d252d717d55d95849fa15330342d86c1df2de4fdf270b926debc63e7653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 986
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd3bcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*E6ssFlHFmAddso_5eMeWMQ.png
miro.medium.com/max/30/ 735 B
802 B 170ms
166ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*E6ssFlHFmAddso_5eMeWMQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5251bc7240646740067357a6b5fd43756abf29aa33f4170367cd1460a96d130e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 735
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd3dcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*GTMASA1mUM7uxlKgcsW1Ag.png
miro.medium.com/max/30/ 590 B
662 B 134ms
130ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*GTMASA1mUM7uxlKgcsW1Ag.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

66954136a5219d9d3bb42129e6854da128ed182a78e055b60745e6e91b463303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 590
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd3ecbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*T34pYig7on9LTnd6OUvAig.png
miro.medium.com/max/30/ 728 B
795 B 126ms
123ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*T34pYig7on9LTnd6OUvAig.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

8c4eae716b9ffa515906c95a8e365cbeea24a2ccf6afcef78baa95afed9a5d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 728
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd3fcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*vFLPWzdrGw9FOp07Fj5u0Q.png
miro.medium.com/max/30/ 710 B
791 B 125ms
122ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*vFLPWzdrGw9FOp07Fj5u0Q.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

d3b4b8bc4fa11f8d5c8e327202022097d7035c282666c2df732766c3db0eb737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 710
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd40cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*bR-f37IXsXsr4E78db4RHg.png
miro.medium.com/max/30/ 874 B
966 B 127ms
124ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*bR-f37IXsXsr4E78db4RHg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2f90cdad50cb41bc99f32237d02b372daf6793c9440b22ed7d11c04c792663e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 874
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd41cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*t_GmxQKpHsghXtR-Z9uMJQ.png
miro.medium.com/max/24/ 1 KB
1 KB 134ms
132ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/24/1*t_GmxQKpHsghXtR-Z9uMJQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

558fa48b367b6610665699d69487664241b4d9544e929e5e9af56928b277f3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1054
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5cd42cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*PXBElU0JXLqrTFQpNF-8Yw.png
miro.medium.com/max/30/ 289 B
356 B 142ms
140ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*PXBElU0JXLqrTFQpNF-8Yw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

cda9040e4bb4fd4764b5b859e905aac5b26ba75208e4fa8295e92db22d644a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 289
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5dd63cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*1FymRjpBgcpLatVP8U9iQg.png
miro.medium.com/max/30/ 302 B
368 B 154ms
152ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*1FymRjpBgcpLatVP8U9iQg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

339695ed9020d2a965d7c78e9ef7b87f89588116f14a87cf82da73dbfb6ea48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 302
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5dd66cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 40ms
38ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

4c07cc7cb44a6f46fed0ecc0df157c0a08a5ddf8e41410784cbed705db875104

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66992
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2731
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5dd67cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 34ms
32ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106536
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2735
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5dd68cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
13ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1778362366&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&ul=en-us&de=UTF-8&dt=Avira%20Optimizer%20Local%20Privilege%20Escalation%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAEAB~&jid=617378474&gjid=1455009205&cid=1739741830.1567174538&tid=UA-102239211-2&_gid=1896597155.1567174538&_r=1&z=109039994

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1*iqIUWWFdzyrQ6EWi-AxjQg.png
miro.medium.com/max/1296/ 147 KB
147 KB 163ms
162ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1296/1*iqIUWWFdzyrQ6EWi-AxjQg.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

94cbd20a93eb2258410e2b579d7c8def67d31bb848d53510a8810fa102aac793

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 150785
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5ed6ccbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*dS-HNMsFs2hZLuVQPFYp7w.png
miro.medium.com/max/1088/ 13 KB
13 KB 142ms
141ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1088/1*dS-HNMsFs2hZLuVQPFYp7w.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

792b775639f5faa173b24ec9457e67dbf31ca2ed17e197455f4177bc9c65720c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3202-b3dbcc5
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 13269
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c5ed6dcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
598 B 194ms
177ms XHR
application/json 2600:9000:2057:6800:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: dafe14d30fc96169ca4fecfae77eb7714c91bf34ee65fb6e45585f02071ecb62

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 312
x-amz-cf-id: kZ_Xrpj38EU2qHmw442-inQINa1SFXIfLqWGtU6lM9w7Xkdc_ryglg==

GET
H/1.1 200
OK / Show response
srv-2019-08-30-14.pixel.parsely.com/start/ 77 B
380 B 387ms
96ms Script
application/json 3.218.228.228
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2019-08-30-14.pixel.parsely.com/start/?rand=1567174539215&plid=24470616&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Futm_medium%3Drss&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1&sref=&sts=1567174539191&slts=0&title=Avira+Optimizer+Local+Privilege+Escalation+-+Posts+By+SpecterOps+Team+Members&date=Fri+Aug+30+2019+16%3A15%3A39+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=8407245&callback=parselyStartCallback
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.228.228 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-218-228-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e143096a839874c21ac7ea192a36a8d5fc62d076847e649c818aa400a28a9c4c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 30 Aug 2019 14:15:39 GMT
Server: nginx
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Length: 77
Content-Type: application/json

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
359 B 170ms
169ms XHR
application/json 2600:9000:2057:6800:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: TJ9Ehxizn28Y7pxT1447VmixUk03uPxFHhau0AfbhvcYmm-jHfJhJQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
360 B 555ms
555ms XHR
application/json 2600:9000:2057:6800:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: 2PO3ygdh-a4kFn0l28VK1x5fZYuvUwaFQFYiGV1lEcKqr57CKEHs-w==

GET
H2 200 1*9WbXEpOxOhaMq99CwG1ESQ.png
miro.medium.com/fit/c/40/40/ 3 KB
4 KB 28ms
27ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*9WbXEpOxOhaMq99CwG1ESQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5f02985da4d4892097c8777c56606f2ba27a3114c534e19e659679661dc0841f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154095
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3547
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8dc0bcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*HUuIXzzmiLidwQHi6Hd3nw.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
1 KB 23ms
23ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*HUuIXzzmiLidwQHi6Hd3nw.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

dcc0a191c6382c7f6cf4e206dc7397174d03e8402883f9bd699399107232f316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106532
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1422
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8dc0dcbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/40/40/ 1 KB
1 KB 23ms
22ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

8adc9714b03a7fcf0893913cb5a9b828e093ae2caa2a555b0753f6d8c60fb2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106532
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1428
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8dc0ecbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 0*ji6keNd2kNMsDi-Z.png
miro.medium.com/max/328/ 20 KB
20 KB 22ms
22ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/0*ji6keNd2kNMsDi-Z.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

45cd32e37b92d25fe2955bcfc835e4de6f2b604470fba5730739fefe0375bfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86561
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 20533
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8ec18cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*dy7MvBD79mkCTajDbSssBw.jpeg
miro.medium.com/max/328/ 21 KB
21 KB 34ms
33ms Image
image/jpeg 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/1*dy7MvBD79mkCTajDbSssBw.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

414da0483803cf8d292a313b5cbbe7bfcb09b7b75349402fd7ce218c0d913367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106531
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 21466
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8ec19cbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 1*_yKdMthPwVpKYyHZnvrKJQ.png
miro.medium.com/max/328/ 56 KB
56 KB 25ms
25ms Image
image/png 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/1*_yKdMthPwVpKYyHZnvrKJQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2704176598d62aee26360a6fdb451049b0e73431d6b158da7a2eb5ccc01a5473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1?source=rss----f05f8696e3cc---4%7C&gi=12770cdb30fa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1433236
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 57184
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 50e760c8ec1acbd0-VIE
expires: Sun, 29 Sep 2019 14:15:39 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 19 KB
19 KB 30ms
29ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087316f29690e0a35f6642721fb9bf8d05bb9cbac3bbb30c822ba878ff7965d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 96296
status: 200
access-control-max-age: 86400
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 50e760c8ead3cba0-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 29 Aug 2020 14:15:39 GMT

POST
H2 200 render Show response
posts.specterops.io/_/lite/performance/ 2 B
243 B 110ms
109ms Fetch
text/plain 52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/render

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-173-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:39 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
medium-fulfilled-by: lite/master-20190829-221926-ca6dddf1cd
x-envoy-upstream-service-time: 1
content-length: 2

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 95ms
94ms XHR
application/json 54.164.222.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.222.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-222-146.compute-1.amazonaws.com
Software: /
Resource Hash: a5b1b46b5c226d706eaedbc88bf86c26b6b423c78b0b33d6772689575b2e5726

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:40 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 97ms
97ms XHR
application/json 54.164.222.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.222.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-222-146.compute-1.amazonaws.com
Software: /
Resource Hash: df61cd8901f736487bc837f72912e1164f3c959b26db4890defb4c37c494515a

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:41 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 99ms
99ms XHR
application/json 54.164.222.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.222.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-222-146.compute-1.amazonaws.com
Software: /
Resource Hash: 15de75188395b1e8d2854009906429faeb95604499a82a2e02b158dbd73b3a1b

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:42 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 96ms
96ms XHR
application/json 54.164.222.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.222.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-222-146.compute-1.amazonaws.com
Software: /
Resource Hash: d85012bdfeed87d2da7de605efcf0355a4822c09008f90f02079841f9b800ff8

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:42 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 409 batch
posts.specterops.io/_/ 10 KB
0 148ms
148ms Fetch
text/html 52.1.173.203
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-173-203.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://getpocket.com https://posts.specterops.io https://.posts.specterops.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://posts.specterops.io https://*.posts.specterops.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 38478-ca6dddf,ca6dddf1cd7
status: 409
content-length: 10152
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1567174544103:22b972039219
server: nginx
date: Fri, 30 Aug 2019 14:15:44 GMT
x-frame-options
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 95ms
95ms XHR
application/json 54.164.222.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4cf1ac76.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.222.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-222-146.compute-1.amazonaws.com
Software: /
Resource Hash: 14e288661c72b1d2a9a44295e18e6e8dff0edd6cb2bcd437d6bde1e261d58267

Request headers

Sec-Fetch-Mode: cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Fri, 30 Aug 2019 14:15:44 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

GET
H/1.1 200
OK /
srv-2019-08-30-14.pixel.parsely.com/event/ 43 B
385 B 291ms
97ms Image
image/gif 3.218.228.228
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-08-30-14.pixel.parsely.com/event/?rand=1567174549695&plid=24470616&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Futm_medium%3Drss&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Favira-optimizer-local-privilege-escalation-af109b7df5b1%3Futm_medium%3Drss&sref=&sts=1567174549695&slts=0&date=Fri+Aug+30+2019+16%3A15%3A49+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=5&tt=4900&pvid=8407245&u=pid%3D934b63e90845f26ed27bcea63ed953cc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.228.228 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-218-228-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 30 Aug 2019 14:15:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
posts.specterops.io/	1970-01-19 03:29:39	Name: lightstep_session_id Value: 1d409c7c2d948a49
posts.specterops.io/	1970-01-19 03:29:39	Name: lightstep_guid/lite-web Value: 330794e0131bccf9
.specterops.io/	1970-01-19 03:19:34	Name: _gat_tracker0 Value: 1
.specterops.io/	1970-01-19 12:48:58	Name: _parsely_visitor Value: {%22id%22:%22pid=934b63e90845f26ed27bcea63ed953cc%22%2C%22session_count%22:1%2C%22last_session_ts%22:1567174539191}
.specterops.io/	1970-01-19 03:19:36	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af109b7df5b1%22%2C%22sref%22:%22%22%2C%22sts%22:1567174539191%2C%22slts%22:0}
posts.specterops.io/	1970-01-19 12:05:10	Name: uid Value: lo_yZpzxu1e6U2M
.specterops.io/	1970-01-19 03:19:34	Name: _gat Value: 1
.specterops.io/	1970-01-19 03:21:00	Name: _gid Value: GA1.2.1896597155.1567174538
.specterops.io/	1970-01-19 20:50:46	Name: _ga Value: GA1.2.1739741830.1567174538
posts.specterops.io/	1970-01-19 12:05:10	Name: sid Value: 1:C2oF+r1oGGD6XDP1kAo+TjtnZQnuRW1sq9xbIkj5tSSJKOlOK0tPJutxRrAzpSAE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js(Line 1) Message: -+++++= .+++++= .+@@@@@+ #@@@@: .@@@@@= @@@@@ @+@@@@- =#@@@@@ @ +@@@@: :% @@@@@ @ @@@@-%: @@@@@ @ @@@@- @@@@@ -@- #@@+ :@@@@@: -#@@@#- ## =@@@@@@@= ....... .........
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.5ac1b058.chunk.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
collector-medium.lightstep.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
medium.com
miro.medium.com
posts.specterops.io
srv-2019-08-30-14.pixel.parsely.com
www.google-analytics.com
13.35.253.62
13.35.254.41
2600:9000:2057:3400:19:9934:6a80:93a1
2600:9000:2057:6800:11:f728:3040:93a1
2606:4700::6810:787f
2606:4700::6810:7991
2a00:1450:4001:81a::200e
3.218.228.228
52.1.173.203
54.164.222.146
0257393926cc92a6168f50b5420d5dd36a3900514303e184b0536015ae4821c5
087316f29690e0a35f6642721fb9bf8d05bb9cbac3bbb30c822ba878ff7965d8
087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6
0eb93e719feadfd56f370b3fd7e1eea6ab964affe02e6ced60f64cfde8ac677d
101f4c4d4e2b1a7c91fdc562403f04cd363d88bbdfd9cd74ed97b0f353411577
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
14e288661c72b1d2a9a44295e18e6e8dff0edd6cb2bcd437d6bde1e261d58267
15de75188395b1e8d2854009906429faeb95604499a82a2e02b158dbd73b3a1b
23302e86d404a2a4f0fd5aa96f2dddfa635dc782be934cee27220d32fa7b3fda
2704176598d62aee26360a6fdb451049b0e73431d6b158da7a2eb5ccc01a5473
2e565e34d56c198ae9f028652bb2fc0a04794fe1bf183418c8df916f3e82f96a
2ec3f1be2d2113c8735e56370fd02cd5171467e03711eb3aa73685991657a8c0
2f90cdad50cb41bc99f32237d02b372daf6793c9440b22ed7d11c04c792663e8
31d01ffff8ea12cab31db230d664282fb7bd4286fa303cc4132d7ef609d93374
339695ed9020d2a965d7c78e9ef7b87f89588116f14a87cf82da73dbfb6ea48c
3415ab182bf0f1d33ce0618bf8a8fa53099c6056486e5317c88426d994d3bf69
341d08ef1d66623c648bad3f96adff6d949a2d6cae766fe7db4375d7e84bbf6d
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
38a2fb4ee85afc775c4ef29c716f7c905ff286aedf4c8e4c1d38b0c39d2c423f
395a2c43bcb3a28bbe411d71c19f1b62810a436e3d0daa9b60501880e289cfe1
3a724286da11967fe58cecf8fc85e434bc72d9769371107814850da79025619f
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
414da0483803cf8d292a313b5cbbe7bfcb09b7b75349402fd7ce218c0d913367
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
4518a733cfa9d9c3339a678c125e957b43322e952f8f740c40a83044329484fd
45cd32e37b92d25fe2955bcfc835e4de6f2b604470fba5730739fefe0375bfa1
4c07cc7cb44a6f46fed0ecc0df157c0a08a5ddf8e41410784cbed705db875104
4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173
4ce2841fc2d2f13fb8022d3c0d5391833ccd67145a3116e4e2ea4b91a416d9ed
5251bc7240646740067357a6b5fd43756abf29aa33f4170367cd1460a96d130e
5300bec6a9066b2faef549bc31c12ca942072c585928121c1214cad73d82756d
558fa48b367b6610665699d69487664241b4d9544e929e5e9af56928b277f3a6
561a45e3a26f32c722e01b08faf66fbd21691206f6363fdeddb909833d6a8d2d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f02985da4d4892097c8777c56606f2ba27a3114c534e19e659679661dc0841f
5f12c6dcb8d2cd38186eefce73b01d998e15e46cdeef1f95ed805ca3492ec18b
66954136a5219d9d3bb42129e6854da128ed182a78e055b60745e6e91b463303
675701eeb8ebeb3f538ad6a67c46b4d8d6ac7825be26d23020f57be17bc4504f
792b775639f5faa173b24ec9457e67dbf31ca2ed17e197455f4177bc9c65720c
7e6688bd2c09d92066265732de01ff5375e941237e5173571d523eaf28a376ec
81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c
8adc9714b03a7fcf0893913cb5a9b828e093ae2caa2a555b0753f6d8c60fb2ef
8c4eae716b9ffa515906c95a8e365cbeea24a2ccf6afcef78baa95afed9a5d10
94cbd20a93eb2258410e2b579d7c8def67d31bb848d53510a8810fa102aac793
9843491026d7704369f1ca62660e37024acb4d244af3673530f45e0931e73462
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8
9d1b740bc0694bdce670fafcbe5bd2c8c836cc0703c7426af44d08140f4e1486
a3371f6a046e6e7f06b5428ff6598abea3026a9a4ccb7abfe5f1526a2a16a774
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2
a5b1b46b5c226d706eaedbc88bf86c26b6b423c78b0b33d6772689575b2e5726
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b7f9ec6f1a72457bf8e7344a066a281bd84ed279a77cc006f0127d05f682b515
c238a1318356d91e97fdb8a45fe6a679e9a41325063293ac1255862a3d84b6eb
c7220bc5ca535a9e53cf58eaf8499ab5c43819537d8271f3314a4ce4c54216a6
cda9040e4bb4fd4764b5b859e905aac5b26ba75208e4fa8295e92db22d644a42
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d039d990d997ebb90371c809a91906a0e0c662c5fed35d3489dfe389f003b31d
d34e2d252d717d55d95849fa15330342d86c1df2de4fdf270b926debc63e7653
d3b4b8bc4fa11f8d5c8e327202022097d7035c282666c2df732766c3db0eb737
d5a9731b20f904b25418dd1b3b7945a4a19a2030a7846b0ab5424877cae93839
d85012bdfeed87d2da7de605efcf0355a4822c09008f90f02079841f9b800ff8
dafe14d30fc96169ca4fecfae77eb7714c91bf34ee65fb6e45585f02071ecb62
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcc0a191c6382c7f6cf4e206dc7397174d03e8402883f9bd699399107232f316
dd09be184b9062495023bb42ce6a19f99465b0b9169cd065894ca7726dc43908
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
df61cd8901f736487bc837f72912e1164f3c959b26db4890defb4c37c494515a
e143096a839874c21ac7ea192a36a8d5fc62d076847e649c818aa400a28a9c4c
eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
fd46b31d57f356ab6317f06482b9057b4633f32473bea3c1ecdafc8fd52e924f
ff5da06cd407767f986714b6ba52d018e72cbab3cca07f9e90d8d0890a175927

posts.specterops.io Open in urlscan Pro 52.1.173.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

10 IPs

2 Countries

975 kBTransfer

2374 kBSize

10 Cookies

38 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posts.specterops.io Open in urlscan Pro
52.1.173.203 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

10
IPs

2
Countries

975 kB
Transfer

2374 kB
Size

10
Cookies

77 HTTP transactions
4 data transactions