doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Effective URL:
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
Submission: On September 30 via manual (September 30th 2022, 1:30:34 pm UTC) from GR — Scanned from DE

Summary HTTP 111 Redirects Links 88 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 111 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 31st 2021. Valid for: a year.

This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	52.1.119.170 52.1.119.170	14618 (AMAZON-AES) (AMAZON-AES)
1 75	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b901:8229:c2bb:8e4c:3667	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.17.33 108.138.17.33	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.240.122 99.86.240.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:d200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	54.86.227.14 54.86.227.14	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:249... 2600:9000:2491:3800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
111	9

21 52.1.119.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-170.compute-1.amazonaws.com

doublepulsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:8229:c2bb:8e4c:3667 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-33.fra56.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-122.vie50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:d200:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.86.227.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-227-14.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:3800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 9170 glyph.medium.com — Cisco Umbrella Rank: 19577 miro.medium.com — Cisco Umbrella Rank: 12172 cdn-client.medium.com — Cisco Umbrella Rank: 20545	2 MB
21	doublepulsar.com 1 redirects doublepulsar.com	53 KB
7	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 13982 api.sprig.com — Cisco Umbrella Rank: 8063	70 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 978 api2.branch.io — Cisco Umbrella Rank: 632	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 4588	182 B
1	app.link app.link — Cisco Umbrella Rank: 1728	595 B
111	7

	Domain	Requested by
44	cdn-client.medium.com	doublepulsar.com cdn-client.medium.com
23	miro.medium.com	doublepulsar.com cdn-client.medium.com
21	doublepulsar.com	1 redirects cdn-client.medium.com
7	glyph.medium.com	doublepulsar.com glyph.medium.com
6	api.sprig.com	cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	doublepulsar.com cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	doublepulsar.com
1	cdn.sprig.com	doublepulsar.com
1	medium.com	1 redirects
111	12

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
www.gteltsc.vn
github.com
msrc-blog.microsoft.com
policy.medium.com
brightmoney.medium.com
symplocaceae1916.medium.com
cryptoblades.medium.com
help.medium.com
itunes.apple.com
play.google.com
blog.confiant.com
posts.specterops.io
medium.statuspage.io
about.medium.com
blog.medium.com
knowable.fyi

Subject Issuer	Validity	Valid
doublepulsar.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-31` - `2022-12-31`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
api.sprig.com Amazon	`2022-09-16` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
app.sprig.com Amazon	`2022-03-01` - `2023-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
Frame ID: 5F2664579AE8EDB7E4AB9AD5EF602230
Requests: 107 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProxyNotShell— the story of the claimed zero days in Microsoft Exchange | by Kevin Beaumont | Sep, 2022 | DoublePulsar

Page URL History Show full URLs

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell... HTTP 302
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

111
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

12
Subdomains

9
IPs

2
Countries

1739 kB
Transfer

4016 kB
Size

10
Cookies

88 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=---three_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F5c63d963a9e9&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderCollection&%7Estage=mobileNavBar&source=---three_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_nav-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=---three_column_layout_nav-----------------------notifications_sidenav-----------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=---three_column_layout_nav-----------------------lists_sidenav-----------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=---three_column_layout_nav-----------------------stories_sidenav-----------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---three_column_layout_nav-----------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=-----5c63d963a9e9---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6----5c63d963a9e9---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
Title: Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server | Blog | GTSC — Cung cấp các dịch vụ bảo mật toàn diện (gteltsc.vn)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-CVE-2021-34473-SSRF
Title: ThreatHunting/Exchange-CVE-2021–34473-SSRF at master · GossiTheDog/ThreatHunting · GitHub

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-Powershell-via-SSRF
Title: ThreatHunting/Exchange-Powershell-via-SSRF at master · GossiTheDog/ThreatHunting · GitHub

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Title: blog post

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=-----5c63d963a9e9---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/cybersecurity-threat-context-and-response?source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Take a look.

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=newsletter_v3_promo--------------------------newsletter_v3_promo----------bf3adc545c1c-
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fbf3adc545c1c&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fdoublepulsar%2Fnewsletters%2Fcybersecurity-threat-context-and-response&collection=DoublePulsar&collectionId=8343faddf0ec&newsletterV3=Cybersecurity+Threat+Context+and+Response&newsletterV3Id=bf3adc545c1c&user=Kevin+Beaumont&userId=7db6d2df42a6&source=--------------------------newsletter_v3_promo----------bf3adc545c1c-
Title: Get this newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2F5c63d963a9e9&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&collection=DoublePulsar&collectionId=8343faddf0ec&source=post_page-----5c63d963a9e9---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/follina?source=post_page-----5c63d963a9e9---------------follina-----------------
Title: Follina

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F1a47fce5629e&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Ffollina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e&source=-----5c63d963a9e9----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/bpfdoor?source=post_page-----5c63d963a9e9---------------bpfdoor-----------------
Title: Bpfdoor

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F54b078f1a896&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fbpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896&source=-----5c63d963a9e9----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/proxyshell?source=post_page-----5c63d963a9e9---------------proxyshell-----------------
Title: Proxyshell

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=-----5c63d963a9e9----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----5c63d963a9e9---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F7a871c465fa5&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fhivenightmare-aka-serioussam-anybody-can-read-the-registry-in-windows-10-7a871c465fa5&source=-----5c63d963a9e9----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----5c63d963a9e9----4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cyberattack?source=post_page-----5c63d963a9e9---------------cyberattack-----------------
Title: Cyberattack

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F76e4ec6ec64b&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fkaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b&source=-----5c63d963a9e9----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://brightmoney.medium.com/?source=post_internal_links---------0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/illumination?source=post_internal_links---------0----------------------------
Title: ILLUMINATION

Search URL Search Domain Scan URL

URL: https://medium.com/illumination/fraud-is-on-the-rise-in-2022-more-women-as-targets-bright-1824e52595b6?source=post_internal_links---------0----------------------------
Title: Fraud is on the rise in 2022, more women as targets — Bright

Search URL Search Domain Scan URL

URL: https://symplocaceae1916.medium.com/?source=post_internal_links---------1----------------------------

Search URL Search Domain Scan URL

URL: https://symplocaceae1916.medium.com/update-shooting-range-hack-free-resources-generator-585d1018d05f?source=post_internal_links---------1----------------------------
Title: {UPDATE} Shooting Range Hack Free Resources Generator

Search URL Search Domain Scan URL

URL: https://medium.com/@ayushlucky?source=post_internal_links---------2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@ayushlucky/vulnhub-mission-pumpkin-v1-0-pumpkingarden-walkthrough-e9feea8db3fc?source=post_internal_links---------2----------------------------
Title: VULNHUB— MISSION-PUMPKIN V1.0: PUMPKINGARDEN WALKTHROUGH

Search URL Search Domain Scan URL

URL: https://cryptoblades.medium.com/?source=post_internal_links---------3----------------------------

Search URL Search Domain Scan URL

URL: https://cryptoblades.medium.com/the-kings-gathering-fead02e10774?source=post_internal_links---------3----------------------------
Title: The King’s gathering!

Search URL Search Domain Scan URL

URL: https://medium.com/@brianrcline?source=post_internal_links---------4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@brianrcline/setting-up-dkim-in-netsuite-c26908aeea10?source=post_internal_links---------4----------------------------
Title: Setting Up DKIM in NetSuite

Search URL Search Domain Scan URL

URL: https://medium.com/@dr.spitfire?source=post_internal_links---------5----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@dr.spitfire/whoa-this-is-not-a-vulnerability-3450843af72b?source=post_internal_links---------5----------------------------
Title: Whoa! This is not a vulnerability 😠

Search URL Search Domain Scan URL

URL: https://medium.com/@RomainCointepas?source=post_internal_links---------6----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/nextdns?source=post_internal_links---------6----------------------------
Title: NextDNS

Search URL Search Domain Scan URL

URL: https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a?source=post_internal_links---------6----------------------------
Title: CNAME Cloaking, the dangerous disguise of third-party trackers

Search URL Search Domain Scan URL

URL: https://medium.com/@strobeshq?source=post_internal_links---------7----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@strobeshq/transform-devops-to-devsecops-890c3488d9ee?source=post_internal_links---------7----------------------------
Title: Transform DevOps to DevSecOps

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----5c63d963a9e9--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----5c63d963a9e9--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----5c63d963a9e9--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----5c63d963a9e9--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----5c63d963a9e9--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&source=post_page---three_column_layout_sidebar-----------------------three_column_layout_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=---three_column_layout_sidebar----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&user=Kevin+Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6--three_column_layout_sidebar-----------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fb4bad6c46577&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&newsletterV3=7db6d2df42a6&newsletterV3Id=b4bad6c46577&user=Kevin+Beaumont&userId=7db6d2df42a6&source=---three_column_layout_sidebar-----------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=read_next_recirc---three_column_layout_sidebar------0---------------------b58ba098_0334_4985_9580_b569c59edd59-------

Search URL Search Domain Scan URL

URL: https://medium.com/@giladisraeli92?source=read_next_recirc---three_column_layout_sidebar------1---------------------b58ba098_0334_4985_9580_b569c59edd59-------

Search URL Search Domain Scan URL

URL: https://medium.com/@giladisraeli92/how-to-ramp-up-corporates-use-of-threat-intelligence-a304d79674b2?source=read_next_recirc---three_column_layout_sidebar------1---------------------b58ba098_0334_4985_9580_b569c59edd59-------
Title: How to Ramp-Up Corporate’s Use of Threat Intelligence?

Search URL Search Domain Scan URL

URL: https://medium.com/@eliyastein?source=read_next_recirc---three_column_layout_sidebar------2---------------------b58ba098_0334_4985_9580_b569c59edd59-------

Search URL Search Domain Scan URL

URL: https://blog.confiant.com/?source=read_next_recirc---three_column_layout_sidebar------2---------------------b58ba098_0334_4985_9580_b569c59edd59-------
Title: Confiant

Search URL Search Domain Scan URL

URL: https://blog.confiant.com/how-one-crypto-drainer-template-facilitates-tens-of-millions-of-dollars-in-theft-66f3794aea4b?source=read_next_recirc---three_column_layout_sidebar------2---------------------b58ba098_0334_4985_9580_b569c59edd59-------
Title: How One “Crypto Drainer” Template Facilitates Tens Of Millions Of Dollars In Theft

Search URL Search Domain Scan URL

URL: https://medium.com/@_wald0?source=read_next_recirc---three_column_layout_sidebar------3---------------------b58ba098_0334_4985_9580_b569c59edd59-------

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/?source=read_next_recirc---three_column_layout_sidebar------3---------------------b58ba098_0334_4985_9580_b569c59edd59-------
Title: Posts By SpecterOps Team Members

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/managed-identity-attack-paths-part-1-automation-accounts-82667d17187a?source=read_next_recirc---three_column_layout_sidebar------3---------------------b58ba098_0334_4985_9580_b569c59edd59-------
Title: Managed Identity Attack Paths, Part 1: Automation Accounts

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=---three_column_layout_sidebar----------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=---three_column_layout_sidebar----------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=---three_column_layout_sidebar----------------------------------
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=---three_column_layout_sidebar----------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=---three_column_layout_sidebar----------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=---three_column_layout_sidebar----------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=---three_column_layout_sidebar----------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=---three_column_layout_sidebar----------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/?source=---three_column_layout_sidebar----------------------------------
Title: Knowable

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 302
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 Show response
doublepulsar.com/
Redirect Chain

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

180 KB
39 KB

660ms
660ms

Document
text/html

52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e0f48e61e92da05bcd3476626002787278609a64c4acfd22a160fb5bf67b5fc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Fri, 30 Sep 2022 13:30:24 GMT
etag: W/"2d083-6aHHjYSkRwTLUVBlsFwLgh7MsBc"
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, lite/main-20220930-093257-1588d16c94, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
medium-missing-time: 432
sepia-upstream: medium
server: nginx
vary: Accept-Encoding
x-envoy-upstream-service-time: 562
x-request-received-at: 1664544626362

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 752d50291e4d9a3b-FRA
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Fri, 30 Sep 2022 13:30:26 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220930-130348-2aa93fd5a2
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 31
x-frame-options: sameorigin
x-obvious-info: 20220930-0942-root,1588d16c
x-obvious-tid: 1664544626179:6855848c7383
x-opentracing: {"ot-tracer-spanid":"6b29c3df2ef38c15","ot-tracer-traceid":"27472b36aab9faa8","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 unbound.css
glyph.medium.com/css/ 15 KB
1 KB 40ms
26ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1340
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502eb9a39a3b-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 30 Sep 2022 15:30:27 GMT

GET
H2 200 1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
miro.medium.com/max/720/ 190 KB
190 KB 43ms
29ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*6Ay_Mt1ikoTKAHgHTJcfMQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18632
x-envoy-upstream-service-time: 393
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194173
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d502efa229a3b-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 63ms
52ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20068911
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f0cf991d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 65ms
54ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 21440684
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f0d0191d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 68ms
57ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20067908
x-envoy-upstream-service-time: 31
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f0d0891d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 48ms
38ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 21440688
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f0d0491d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 64ms
61ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20067908
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f0d1091d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
29 KB 42ms
42ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://doublepulsar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 20025342
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 752d502f1d1391d5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/64/64/ 2 KB
3 KB 84ms
72ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/64/64/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 99481
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2534
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220303-000533-8c0cdff0ab
accept-ranges: bytes
cf-ray: 752d502f38e56949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 83ms
71ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81292
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4168
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 752d502f38e36949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 0*1acKQsWchBvkk1nk
miro.medium.com/max/720/ 51 KB
52 KB 77ms
65ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*1acKQsWchBvkk1nk

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50583
x-envoy-upstream-service-time: 227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52726
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d502f38dd6949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 0*8CtgNhEdrEXcU-75
miro.medium.com/max/720/ 75 KB
75 KB 49ms
38ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*8CtgNhEdrEXcU-75

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50583
x-envoy-upstream-service-time: 243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76592
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d502f38d86949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 0*c8h3STMGC0nxyTDd
miro.medium.com/max/640/ 76 KB
76 KB 88ms
77ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/640/0*c8h3STMGC0nxyTDd

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50580
x-envoy-upstream-service-time: 264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77680
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d502f38f16949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 0*7XZQgCET-WfKmQ6P
miro.medium.com/max/720/ 63 KB
63 KB 85ms
73ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*7XZQgCET-WfKmQ6P

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50112
x-envoy-upstream-service-time: 250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64351
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d502f38ec6949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/176/176/ 9 KB
9 KB 83ms
72ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74556
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9114
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 752d502f38e86949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H2 200 manifest.ecd55c88.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 36ms
27ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.ecd55c88.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de07c408b86796925f472579564ab89fbc82191c0c2fbd7946349837dc3ce50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 6Usss9bTu317b7xcvpBbmTyVxVQnCwzw
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J624WT5BHF8YTVN2
age: 13102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tnXMb8Cuw/J0jN3MW0Un0+1JOTFmXOgoih5xVfJGZgcp+bCCp0tHJZB9qU9qO6yv0hdFDonAjTI=
last-modified: Fri, 30 Sep 2022 09:24:35 GMT
server: cloudflare
etag: W/"a82e506dd0fc6d72e533ba7445174b4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b379a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H2 200 221.eb6d4e84.js Show response
cdn-client.medium.com/lite/static/js/ 691 KB
213 KB 51ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: eFYPkrNVdSEA2cbFUgGI5AL5fmJ6xhM1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J2TVWCT1EY9N2ACT
age: 173651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AdbnGoZITPw5AWsHgEIvXYgiPZgy5XVnPYvmDgCgX/9Y22m9b757aLHTZLskxG4TdBNklNLgyCM=
last-modified: Wed, 03 Aug 2022 13:07:29 GMT
server: cloudflare
etag: W/"8217b3c83342b21eef3049023dae74f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b439a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H2 200 main.9e1d1880.js Show response
cdn-client.medium.com/lite/static/js/ 736 KB
177 KB 34ms
25ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7930b87a3f31eb4f181294c10c1bd3a541e15c7e76a2b5f9f0b8f6974ce1f76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 9lUxF9K4smKLVpwKTIswpnwtxaEEW2Sc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TCPM3HGM4QS5J04Y
age: 47622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wfnO3+dhYwSfUiSGK3XuyL1ftUVCQV5rntfSJu04fu2ILR+s1QNzmak7N04bkBsIc5HcKTZJPFA=
last-modified: Fri, 30 Sep 2022 00:11:00 GMT
server: cloudflare
etag: W/"7e3d5d1c2c0eb943296f520d671ac182"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b3b9a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H2 200 instrumentation.c71f0248.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 45ms
36ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DN80NP6MC45XWT2W
age: 591480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XL/2Jb9u14qm8cCj//wgdYe0Ggn1t1G4gX21uBRkpd82xhiecCSbOyioU4BrWRYiv2q6edekGpo=
last-modified: Wed, 07 Sep 2022 22:21:02 GMT
server: cloudflare
etag: W/"1c4019035217766e8fa41b4d396c90c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b3d9a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H2 200 4800.b97019a4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 66 KB
19 KB 39ms
30ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4800.b97019a4.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: Pi1n8E4Ms1X56g03fobJVGJ0O7tggnc_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGBGFW7CCN1A9H8
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RWop0tBEjn1hbwGKGeC8qHg0gQvQXBNFBXW1tGddjSJb8GJ6hVallTgDD7nFgJkweLk6zhJnO3A=
last-modified: Fri, 23 Sep 2022 22:08:57 GMT
server: cloudflare
etag: W/"2aa4d7c3babdc88eeabdd9cfa8a20aa2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b3f9a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H2 200 7371.4a3c1218.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
7 KB 31ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7371.4a3c1218.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: ZgNlieNTl7_oC7QUU6YmKWuVvR0u2dl7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S9WV5BEE8VQ35TFJ
age: 158502
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RUXaKinQylzW1iCX4Uuk4+aRNYqI03Ss1YCQxy3ZiM+wehKVDUWKO6LUNOErLlBRbLnEi/YOvqE=
last-modified: Tue, 27 Sep 2022 22:13:05 GMT
server: cloudflare
etag: W/"e903565a339cec66b6a32a9599611f55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502f8b479a3b-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9282.ec2603ec.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 61 KB
17 KB 36ms
27ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9282.ec2603ec.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: f9rHmSQaljoFAznKpwf9hYc4W9FXpDMA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TCPH0MAD5T4HH6H6
age: 47622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qbcCa3qhcIAuJ4ELPBaz+p9ey8krGEZkwx6+/Ul5ZTtwY9Dd1MDUwKvy6Emlyegok0cgjobfZpY=
last-modified: Fri, 30 Sep 2022 00:10:27 GMT
server: cloudflare
etag: W/"cc663080b41f7a5677ede3486e8c0c5d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca106949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 2837.7bf36ac5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 47ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2837.7bf36ac5.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: o1F2trFqCAwB_O69FIjcfeJyeffDoM30
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N5QPWAH5YESTA7PY
age: 317795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pTts5V3fZqIikiFPC6BW/A3MOD4OnXKycVPrg721/MSCwCHv+ASP/tp9DZr5HHGf9ZFA3VS70ac=
last-modified: Mon, 12 Sep 2022 21:07:06 GMT
server: cloudflare
etag: W/"874ff76ff89f6785bac7273c52caa1cf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca136949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 AppLayout.b4a5b0ec.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 101 KB
20 KB 44ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.b4a5b0ec.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9bcad9a1633d8b6d24692ee67b1644f42631a7d256cb98844783b084975488d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: f.CLirdm3HUHatWw.MHYRGj4mAbcJyOJ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 94NNS0XXHBC65A1J
age: 14927
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3ezTxkzbvxLAh7UNKVu4yiCWqYs3t8gvs67BtY6IhzsnlV04jdeGxsieVhqsOUU3Tsdz2YeT13w=
last-modified: Fri, 30 Sep 2022 09:10:31 GMT
server: cloudflare
etag: W/"cd988c2eb2683d2ef48339a45a33ebca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca196949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 73ms
64ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2R4YTKBCDDS6HF3J
age: 925718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca1c6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 4270.c0f5b685.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 36ms
27ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4270.c0f5b685.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: KSkooLLVUmAEyr4Mvb9mqebbFmTOLR9I
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C2ZN163S1S828YMM
age: 227141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lN1VMVaeaxRA6JY7+jojWRuyaU3UMOhyF07ltDGS+YyWWVSyvqeb9ASTn/Hr82e9/OYyZQ+ZxgQ=
last-modified: Wed, 08 Jun 2022 01:57:01 GMT
server: cloudflare
etag: W/"ecb15ff3b96846c74bbdba0df72c6c69"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca1f6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 40ms
34ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KZ14F4DJ39Z3KD31
age: 877710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca226949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 30ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
age: 1188684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca256949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 8316.18f2a6aa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 32ms
26ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CNHD5SFN5Y8TW45S
age: 1188684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified: Thu, 14 Apr 2022 09:06:33 GMT
server: cloudflare
etag: W/"9fa67454adaeb385a3a70077ff7b7df1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca296949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 5472.5f6d4371.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
1 KB 49ms
43ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CNH8PTMK5AP330DM
age: 1188684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified: Thu, 14 Apr 2022 09:06:30 GMT
server: cloudflare
etag: W/"6adb8844d763f7d58b6ed49ab89899c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca2d6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 4330.73510d98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 40ms
34ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4330.73510d98.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: gaO9i4g_WJfSIkahOEBED62Hd2PF3jN.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG8M44J0DXWCZRY
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e3L2M0SK+KXTy9FmYbmAhbCaQggo8V2rrXfqKWckd+NFe4mmjA6dnZiHSkSLbZb5d54ypN6Q0Ho=
last-modified: Fri, 23 Sep 2022 22:08:56 GMT
server: cloudflare
etag: W/"9f468563337263a84a8e448effec8cfc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca2e6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 2981.c8b67800.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 33ms
26ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2981.c8b67800.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: TKbpTetPCYsKF3g5_IiCFHFhUDC2WY1y
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GAQFSEGQ7ZX9WVAM
age: 346298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JZ3QGAr3YDxzfAuaIsASsvJvN+RTmdc03eLiHotXzIYN053sc/z1HPnQtDrlr+KdJljcubb5W7Y=
last-modified: Fri, 19 Aug 2022 10:43:45 GMT
server: cloudflare
etag: W/"ae90acd9390e2e8ae30aa02c7d1d058e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca316949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 3115.38ecb46c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 126 KB
36 KB 48ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.38ecb46c.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f41ca7aa3bb0e3241ba079c8cc866ec35788c30f2835fbb5665332397523a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 7flG.m10YzEiRobRS3Ivk4Dpll1FW6HF
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: XH51ES2616ZDJZ72
age: 588457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZCii+QL+F7EWUgUSqSgYG2ytQsOV9buUPhaHA6WJDLw8LYIOsWRVYNG3a482Fi6qJJeKRb4YjrU=
last-modified: Fri, 23 Sep 2022 14:32:46 GMT
server: cloudflare
etag: W/"82978dafd1ac1db919ee7665b6f1bb2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca376949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 5758.4d052c2f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
2 KB 34ms
27ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5758.4d052c2f.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: gt_SJcOubU_dOS.haXYGewc4icbw4Hyj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG51J9P0YEAZ77C
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qkVrdfiZXNyapPBMXHd6fakFRBLi3L7foXwy6eMlpoooaUFOxNB9X/SKcM5jePUGZUPF1q+ni4M=
last-modified: Fri, 23 Sep 2022 22:08:58 GMT
server: cloudflare
etag: W/"d9935bdb71077ea91b9c9f793a918600"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca396949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 4869.15af887a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
4 KB 38ms
31ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4869.15af887a.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: zsasPIPj4VNjHd6lWz1Ablp9oC5jhxmA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BVXG0076RV4B9JAP
age: 227252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uKH8UQbmWp1mPmCPTJvTtTv1kuEn3ARbt5hpFXJtd9Q7grMGajh8gSczyhsbEk9PSu4/TmP63i8=
last-modified: Tue, 21 Jun 2022 18:46:21 GMT
server: cloudflare
etag: W/"461c7bfcd82063a67a77f584159505ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca3c6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9401.492bc814.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 71ms
64ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9401.492bc814.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: o7qB8yuUJ2.ySHF37F8FxNhTjXdITIXy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BVXT7BCCKH158FM3
age: 227252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fmyPMPKPQeWvDtiHrQgX5CGXZTku+5n0vOfhSaA2QdzDZmCmY1RbWsXR1l8WR2n7FzWl5DH3jRU=
last-modified: Tue, 21 Jun 2022 18:46:28 GMT
server: cloudflare
etag: W/"1ddc9c0c19f0fe0be7a7d8a22ff4b327"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca3f6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 2307.b2a54ca4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 46ms
39ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2307.b2a54ca4.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: uC58zPGNf1Kmzb_z_oSfu.TRqdXHy86R
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4FNZA2AQ2HMAKR1P
age: 346298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: v5fjgekWKQBKHUWXtS38VUfIdGtrSZeJZbo9JFk0TafKXhvG12gQFQHCSmKuVupC91S9KgZ1su8=
last-modified: Tue, 30 Aug 2022 17:41:16 GMT
server: cloudflare
etag: W/"452a684fb8b71960fde058398549b560"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca426949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 7070.94d1cda1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
8 KB 60ms
53ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7070.94d1cda1.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: ktJLO74K0xTbt9Ispkb0vmcViDu8.8pH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ANHQFKKK3HM9ZZW1
age: 254712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2eSsykJAbq2iIxyRZSkrNpvNIri41QLwsDEEuAwdNskp26vBS8xdwKwbFxm9u1wvfwlyjGh/Eu0=
last-modified: Thu, 08 Sep 2022 16:34:08 GMT
server: cloudflare
etag: W/"3018997b2d895aadca3817869d506cee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca446949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9442.5291e270.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 57ms
50ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9442.5291e270.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: pCL2A.BoWSvPuskvdf9gJgCn0qWM.lXJ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8NAYDQE9MQK743Q9
age: 172581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Q+YMUo3f6jyml7SXk6SmWMrC+AY114aKXRjQlxqfefqQ7aN4c6PDcZ7B2XOvKqS3AdCjuSFaiK8=
last-modified: Wed, 06 Jul 2022 07:53:44 GMT
server: cloudflare
etag: W/"3edcd4d9e5942e997e7195e591b148c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca466949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 4483.0a43a5ce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 59ms
52ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4483.0a43a5ce.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: nXdB1pZcC2zXCHIpRf4DyB5qHFX0z_KH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W3D8VPVQKPJHDC62
age: 762396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ytI/ljuGLDtWZEwYKNhFOgDeD2WTPgxo05GxSQEDIon/zinlUDuR+/2Nyy0YzyZcgw8tUYCCnFU=
last-modified: Mon, 01 Aug 2022 21:57:50 GMT
server: cloudflare
etag: W/"bf55b6950792bc738fb0d12bda42e128"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca476949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 210.1b33e4a9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
11 KB 63ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/210.1b33e4a9.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 6A1grWb2eI.v5FtaeGijF4bKOleB0EK_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R9K4CT5HZKR9XB80
age: 913337
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bK9GrVt2RHKtpupDor4YEMRzj0iT9/K30lVIGBWPvzExxM1r7ZHTbRKVadGGdneEwMfPW+FNrAY=
last-modified: Mon, 22 Aug 2022 23:07:50 GMT
server: cloudflare
etag: W/"e21593b9b2665e2c028ec837b9b17a44"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca496949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 864.dc58ca67.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
4 KB 60ms
53ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/864.dc58ca67.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: _13YWGk4m_2cdhVw9e_kaqVd2sou9n_x
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGFVVEW7PGG9YEM
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: f+b8sgM9JUrsTLOuhGjWrz8Sh97pk9INvjRwPRF8pSwootUBCTlBJvtZQWP3E3GIxU+6bpnWX8E=
last-modified: Fri, 23 Sep 2022 22:09:03 GMT
server: cloudflare
etag: W/"8132d360ea9d611d92078a70603dd23b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca4d6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9841.1bb423da.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 59ms
52ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9841.1bb423da.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 1xI7YK_MjEYp2K.Qr19IRQM3SL0GPfHl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8NAXTKXVT5YRHG8C
age: 172579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6RKhOlsS35C1DjFeoOeZMOD90SHxxnChKIQkQecxgi1FNFcL9Jw/77BJ3rP6obK3+XmQcVD4AV8=
last-modified: Wed, 06 Jul 2022 07:53:45 GMT
server: cloudflare
etag: W/"a438d4b84fc984bedab39eff52de7d1b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca4e6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 3610.fcfa0e1c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
7 KB 43ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3610.fcfa0e1c.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: SvrIKziMjwkYIM75gFH6vJL0G_D45wAi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ANHH2E62E6RX251Y
age: 254712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: meVSuqcsYgzSvH0WPN2gRwIJI8XllV0bOTOODl1dZR2YUkuZ48bKw3/4shHFxqKuTF31bkaZoVM=
last-modified: Fri, 09 Sep 2022 19:41:33 GMT
server: cloudflare
etag: W/"8c1ecb719c418f4fc48dedcf9554b0ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca4f6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 1018.3d424dd7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 44ms
37ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1018.3d424dd7.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: wsEivFZJ80.8q67Y.g4rlVOMV58uSqJ4
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: THHCJEXA160XVYBP
age: 864149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MFKO8CrU3InddHsLhYZPAGn9EzGKiSNY154vNB90PaLU9R72DyO3JRvdXHq2oCtgZ5yZ6v9GO50=
last-modified: Mon, 19 Sep 2022 15:53:23 GMT
server: cloudflare
etag: W/"886236e23480793d25fe6271214d1f15"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca506949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9304.78e04611.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
2 KB 45ms
37ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9304.78e04611.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: XDBaX6XKHnNFSwpvKayMa.sNOC1hcaLl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG67HTECN3C6TXV
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aFise8ajUBpU7qgQd2gJgXPrvwjeGFn0z2ZLiO1h3bVNsp+BLgHIrYkUEfahVV3mhR8DUzrN1gc=
last-modified: Fri, 23 Sep 2022 22:09:03 GMT
server: cloudflare
etag: W/"4e6f30dbe08ace2ef331214677bc3aa1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca516949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 763.3dd24340.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 65ms
57ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/763.3dd24340.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: goZsfOIuyppoMc0Onuw5TwPKffEVGUNf
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8TGJ1XETE0NY1ZG4
age: 21713
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6iXFlhEzeicU7aJ8UbF6igParGUQqtaRkkp5G2WlBmS6AJF/WHGutadrfqBzSG8sE92+qrVVMAw=
last-modified: Thu, 01 Sep 2022 13:17:18 GMT
server: cloudflare
etag: W/"95c429bc01e6ab0aedece2277f3f41dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca526949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 8051.c536c001.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 59 KB
14 KB 60ms
53ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.c536c001.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 5HJouVNr7TaNTnESG04IiNLbaSQMTDfM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R9KF81087VD844WE
age: 913337
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ASyihAp1nF+SMXGApQv3rEubcbtNjRG0JqkLTfOMyQEA7BqHyJCgSgU6R8jkZ2S7R5xv2Uvx110=
last-modified: Mon, 22 Aug 2022 23:07:58 GMT
server: cloudflare
etag: W/"47343252b22a02ee0822f03f0be391ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca546949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 9241.75bfe1e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
12 KB 43ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9241.75bfe1e3.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ac4a3c12bb0b08c0ae9b05365825828c08851a699a832c913e2afb1c3580ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: thKnoib30J58SR5F9wQhy7xUOSqm8Pq6
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGF6JC0P97CC9MH
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4NoiPoz2uXueiUJovmLDy5DypSPCwY8hlctXNVO5o64Zy9LBg9gGUO2dh+ohOuzn9fULSUfsfzA=
last-modified: Fri, 23 Sep 2022 22:09:03 GMT
server: cloudflare
etag: W/"956b129002f049bcd12e3c5b0a64f5f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca556949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 5887.72e8677c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 62ms
55ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5887.72e8677c.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f8d09b143ba5268b8a2e746dffb002750508518d4ade7b7624f4fa1d908255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 7rY1b1kzpxeiA.jpGsxhdeL3hIjhJh.9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGDRMS3A30SBXPM
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Olony0WTmFoJpb2DVYnDGYNrCBnUv7RxvMmq6Kb1bNejvGKFcapOybmyZMaFoDb4zip6FWr7TC0=
last-modified: Fri, 23 Sep 2022 22:08:59 GMT
server: cloudflare
etag: W/"a88ff40c5b6a2ab2411a8b0d79f93b85"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca576949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 5754.6687b8d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 70ms
62ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5754.6687b8d5.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: jm4XNl7ULcgGCxMyZPfaouJSQOG7cvnF
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BABNVAC1BSV2C8K2
age: 589088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JuAasHgUwNuFUAxgOmmPG+bBIkW5yXPNOZqk3r8KUPVeaUKAUHQjXw6QBt3GUwX6eWS+1+eA1Co=
last-modified: Fri, 20 May 2022 05:33:41 GMT
server: cloudflare
etag: W/"d8cccf81b0e959008ed590e4a91a1c61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca586949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 PostPage.MainContent.1bf466a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 112 KB
27 KB 58ms
50ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.1bf466a7.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4526126fec9641f63ed1a140507f42a071a39ab8cf9e7258765318e4ebbfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: uQyw6v1fPahRkNtHOQIVcEyL4pi9zMl9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNGAZRT9K7DSRVWZ
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NCG1y9It2ZlXAuaXyXmfYgR0YQt29LjV6AQLIvIHt+3RZLsM3e0ENYcr24HDmRDDjYO89c4utRo=
last-modified: Fri, 23 Sep 2022 22:09:20 GMT
server: cloudflare
etag: W/"c8ed23dafc0026e284264de47be7f76c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca596949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 1987.e87f9d80.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 77ms
69ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1987.e87f9d80.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: cBz4yUOPeuq85PbanD5Gb9jI.f0cdUtK
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E9ECF7NHXNH0HYA8
age: 61105
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tKLOWGSriv3Ultn4eLNFbNKM/gTHzGNs9zVwMjqNYCyLbYgGmDgqtuSG09J4Lq8R5AQQIImYNzM=
last-modified: Thu, 01 Sep 2022 18:26:19 GMT
server: cloudflare
etag: W/"5587b9535df6c9068c64661ba037ac8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca5c6949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 8237.1eb3b71c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
3 KB 46ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8237.1eb3b71c.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: dxiPIalaMFBcJ6bndxlKAhUvQhDPAi29
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG2GE4SZ1K8S5J0
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: r4d1cVQf8adJjJWwXVtv/SJVZPQxvcNoH3eHVrE+r8z1XMOmCpVFuVgiXL3rn7HYoFCR79W4XHo=
last-modified: Fri, 23 Sep 2022 22:09:02 GMT
server: cloudflare
etag: W/"ed71bc5d2a871a459349806dc92e2372"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca606949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 7994.20fdadc7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
5 KB 69ms
61ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7994.20fdadc7.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0a3092a83a7ac2a6d9a67302e1c0b622d243d6192836c550081afafd8e9ff12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: I.gDFCTh_ggFQHbPiMZH7SjdFB2PibD1
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7ZPX3KK1XAHGVQC8
age: 47622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rkNC/S07C0M1f5KKmXp7EXdVi47LVTJ7rai8XNLgyryHqRzK0YFtjMTuFmzOnLGHObMI0ze8Q84=
last-modified: Wed, 28 Sep 2022 23:25:05 GMT
server: cloudflare
etag: W/"d58c2efe8b246225abd782338419bdf6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca636949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

GET
H3 200 PostPage.RightColumnContent.0f35592e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 34 KB
9 KB 62ms
53ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.0f35592e.chunk.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a885a06c6a1e5288df4869c5bb14fcd5ac22728b80400893894a43b9cc643a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
x-amz-version-id: 8S3aE_z3f1QeCidswhWcPSr.qH7w4_sQ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BNG7GQQ9CDK15P80
age: 241539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6IQttwhupVctxmAGZEY/U6hMVIOOQCS5FM8iHCbV0ye6O88XtM1Gl+aldSWc3Hkm2xRl5IumsYM=
last-modified: Fri, 23 Sep 2022 22:09:21 GMT
server: cloudflare
etag: W/"049e3985257cb5e121b8b223bd1eb2a7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d502fca666949-FRA
expires: Sat, 30 Sep 2023 13:30:27 GMT

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 334ms
94ms Preflight 2600:1f18:24e6:b901:8229:c2bb:8e4c:3667
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:8229:c2bb:8e4c:3667 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
content-length: 0
date: Fri, 30 Sep 2022 13:30:28 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff

GET
H3 200 0*PHZXNa19OkzAjKq4
miro.medium.com/max/720/ 39 KB
40 KB 106ms
106ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*PHZXNa19OkzAjKq4

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50112
x-envoy-upstream-service-time: 420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40298
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d50345bdb6949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 0*c5R-mNI774IqryzT
miro.medium.com/max/720/ 60 KB
60 KB 26ms
26ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/0*c5R-mNI774IqryzT

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50001
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60997
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d50345be36949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 1*48R4OwM2KL6q4Prw0fJDhg.png
miro.medium.com/max/720/ 46 KB
46 KB 21ms
20ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*48R4OwM2KL6q4Prw0fJDhg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50112
x-envoy-upstream-service-time: 344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47011
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d50345bfa6949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

GET
H3 200 1*rzHWpGJI2DB0B-tBgYVJNw.png
miro.medium.com/max/720/ 69 KB
70 KB 25ms
25ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/720/1*rzHWpGJI2DB0B-tBgYVJNw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50001
x-envoy-upstream-service-time: 321
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71110
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d50345c016949-FRA
expires: Sun, 30 Oct 2022 13:30:27 GMT

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
182 B 134ms
134ms Fetch
application/json 2600:1f18:24e6:b901:8229:c2bb:8e4c:3667
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:8229:c2bb:8e4c:3667 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 13:30:28 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H3 200 PostGiveTipOnExternalPlatform.8f77b158.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 36ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.8f77b158.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ecd55c88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:28 GMT
x-amz-version-id: jOmB2cABPV60dTlglOANqba9eeq2SJ1k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AF3N7753DC5XQHW6
age: 762382
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +jmYCPeoPNLAPjqnBrcfyOcxcR/Zsc8Mzcobt2w+i+uriU2T6p15YXqwtxy/bdUu/V9fxYpFmqI=
last-modified: Mon, 29 Aug 2022 15:03:38 GMT
server: cloudflare
etag: W/"a8da66300dc20eb65b5ca5b255fb21bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d50361fcb6949-FRA
expires: Sat, 30 Sep 2023 13:30:28 GMT

GET
H3 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 30ms
29ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81292
x-envoy-upstream-service-time: 74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1153
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 752d5036a97b6949-FRA
expires: Sun, 30 Oct 2022 13:30:28 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/48/48/ 2 KB
2 KB 24ms
23ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81292
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1768
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220303-000533-8c0cdff0ab
accept-ranges: bytes
cf-ray: 752d5036a97f6949-FRA
expires: Sun, 30 Oct 2022 13:30:28 GMT

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/88/88/ 4 KB
4 KB 40ms
40ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/88/88/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74556
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3871
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 752d5036a9846949-FRA
expires: Sun, 30 Oct 2022 13:30:28 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 143 B
439 B 112ms
112ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

50b68ddea3d96dc04d33264f05462a0f6764a3a715a6bacb7ae18f0b596ad9c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"8f-/uMnnv3gHeBSKIFaXmmH+zrz9d8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7
x-envoy-upstream-service-time: 15
content-length: 143
x-xss-protection: 0
x-request-received-at: 1664544628481

POST
H2 200 graphql Show response
doublepulsar.com/_/ 1 KB
848 B 156ms
156ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9ef910176df10eee1a29d915e5e870b872f61ef3b602d5f5494165db6939b9fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"559-ZCXTa/d/3HbnYI6RY2u9Xp1mWzM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 61
x-xss-protection: 0
x-request-received-at: 1664544628478

POST
H2 200 graphql Show response
doublepulsar.com/_/ 1 KB
987 B 182ms
182ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b94873a057505b7f6e6f294672d1b113d5748124d151331c154b2ed0fbb74b7c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"50d-KBkyuF01Aha24d9vyiZJqNoBGCs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 88
x-xss-protection: 0
x-request-received-at: 1664544628477

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
532 B 525ms
525ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7de7aa55fe235883be233e085f584609bd56bc79cc453a2ce7753ba4d8887f1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-cjdMUEAYFEPmi3l+sc4HtIcoTvQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 338
content-length: 210
x-xss-protection: 0
x-request-received-at: 1664544628606

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
531 B 237ms
237ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

27f61f8566dffc952908e56cf38b183a35bd51e3c9f2b4d737ebe9238195e4b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-Scxrj1lsU5bTzNnRdUQih1M51yE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 53
content-length: 210
x-xss-protection: 0
x-request-received-at: 1664544628575

POST
H2 200 graphql Show response
doublepulsar.com/_/ 122 B
443 B 258ms
258ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostPageMeterQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"7a-Anj6kLKPTl7dYRRc0vntDac3O3s"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 75
content-length: 122
x-xss-protection: 0
x-request-received-at: 1664544628568

POST
H2 200 graphql Show response
doublepulsar.com/_/ 2 KB
1 KB 280ms
280ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ace0c7a9f1be07353c8505538311244c7af740d9d453a15f6be561ec6eea46c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PublisherFollowersDialogUserQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"9ff-BjNEyWJGVdmVm11CumJgZHZLOq8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 96
x-xss-protection: 0
x-request-received-at: 1664544628573

POST
H2 200 graphql Show response
doublepulsar.com/_/ 5 KB
2 KB 377ms
377ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d8e102322d07a2de45477e216a9e258dcd72c029e1aa01386d4a84f4df99040f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: RecircSidebarQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"12f7-kxz6nz7lekNVVmJ33ChIuQBLtNs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220929-171219-1c763f9d68
x-envoy-upstream-service-time: 193
x-xss-protection: 0
x-request-received-at: 1664544628574

POST
H2 200 graphql Show response
doublepulsar.com/_/ 78 B
398 B 224ms
224ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"4e-oZRptXabGmg8T9fhH50MI993LtI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 42
content-length: 78
x-xss-protection: 0
x-request-received-at: 1664544628569

POST
H2 200 graphql Show response
doublepulsar.com/_/ 102 B
398 B 194ms
194ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

19283d021d02a5200743f93dd62757494d3f54d9a07aad514a743969c2d24399

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"66-eAASeTFg+sSf+8Qyobwog4NvV6c"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7
x-envoy-upstream-service-time: 19
content-length: 102
x-xss-protection: 0
x-request-received-at: 1664544628569

POST
H2 200 graphql Show response
doublepulsar.com/_/ 81 B
374 B 170ms
170ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
sepia-upstream: medium
server: nginx
etag: W/"51-T0kabmH8r91amHAHqjii15hhpe8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7
x-envoy-upstream-service-time: 19
content-length: 81
x-xss-protection: 0
x-request-received-at: 1664544628570

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 865ms
864ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, clientele/main-20220922-195915-7e52245d5a
x-envoy-upstream-service-time: 769
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 109ms
109ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, clientele/main-20220922-195915-7e52245d5a
x-envoy-upstream-service-time: 13
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 106ms
106ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 13:30:26 GMT
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, clientele/main-20220922-195915-7e52245d5a
x-envoy-upstream-service-time: 9
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 shim.js Show response
cdn.sprig.com/ 193 KB
65 KB 39ms
8ms Script
application/javascript 108.138.17.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=WISfSM8eD3
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 17:38:41 GMT
x-amz-version-id: 4Nnr_qAaJL_aGYPPkZGROODY__Y.W9FI
content-encoding: br
last-modified: Tue, 27 Sep 2022 20:14:20 GMT
server: AmazonS3
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"ae2766997c89d8c8569d782ac1bbddb4"
age: 71507
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dklVp0CwFryE948XRQFmbHwNF5OYP5Sm1fEyimKmVCqSlCaqBzg6oQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Sep 2022 13:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 30 Sep 2022 15:01:59 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 76 KB
23 KB 73ms
20ms Script
text/javascript 99.86.240.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=e53af5bf044b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-122.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: xpT8NSlkFRtFn0r3VTueOXydk4ItdRFJ
content-encoding: gzip
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
date: Fri, 30 Sep 2022 13:30:25 GMT
last-modified: Tue, 13 Sep 2022 22:02:15 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
age: 4
etag: "9a440767cf788fb1f7e43521d015d5ca"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23149
x-amz-cf-id: 7XYL89lFnySsk_peI2qk290wpxZRMK-R72l3IxfnTB67aVG4KrAtKQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1732901266&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&ul=en-us&de=UTF-8&dt=ProxyNotShell%E2%80%94%20the%20story%20of%20the%20claimed%20zero%20days%20in%20Microsoft%20Exchange%20%7C%20by%20Kevin%20Beaumont%20%7C%20Sep%2C%202022%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1166148061&gjid=937538858&cid=1812458368.1664544629&tid=UA-24232453-2&_gid=1108261287.1664544629&_r=1&_slc=1&z=170459004

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 13:30:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doublepulsar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
595 B 240ms
185ms Script
text/javascript 2600:9000:2304:d200:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.65.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

72aa3e34ac7027393414ce717ba7043d04b0633b69c5cf6f0403c135d3fa0b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6c38ff4c7648bbb26bea641498fdefb0.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: VIE50-P1
etag: W/"5b-hxONP/ZvJaME86YGQq1Pds34n5Q"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: 454tQnWbVcsPLQgsA9-5-vaDq9usgUDKt_3wEIo338MnPa8o7LVBXw==

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 15 KB
3 KB 146ms
146ms Fetch
application/json 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691

Request headers

x-ul-visitor-id: a07ece99-6afe-4d1c-8d12-94013b04863e
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
content-encoding: gzip
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"3b72-AZnED8Y+cFsrzwOxsiDvpPsa4wQ"
Transfer-Encoding: chunked
vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 200
OK config
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 0
0 397ms
96ms Preflight 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Sep 2022 13:30:29 GMT
vary: Origin

GET
H3 200 4560.797148c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 22ms
22ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4560.797148c8.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ecd55c88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
x-amz-version-id: Z7SHTutg2G4kHOFJhOz6Xxw6u59VS670
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5X9GVKRFSPQKGJD2
age: 241485
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YhxC9U9kTkFx0D3XAJRxmTUz3odWvUf3ZIHHqf2il8f4gQlvVK7nQBZ3x4il/11H8S40NtzeA14=
last-modified: Fri, 23 Sep 2022 22:08:57 GMT
server: cloudflare
etag: W/"3433382da36e684d93fbb7e115304304"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d503c0d016949-FRA
expires: Sat, 30 Sep 2023 13:30:29 GMT

GET
H3 200 PostNextFiveStories.5ef18fff.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.5ef18fff.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ecd55c88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
x-amz-version-id: exTCuGBa1y2uney1YBpz5JAAyr6r7o7e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6HYRPE56B03M9HZ0
age: 762385
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 371Blsw/iymLWs3ZYzse7ROVFRrRMZvvZssTOaA6DzeYUl9tNFU43LonSFAvaKjOz6oWJcdZTmk=
last-modified: Fri, 26 Aug 2022 22:24:21 GMT
server: cloudflare
etag: W/"5bc6ab68088c4531380f47520b82da55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 752d503c0d026949-FRA
expires: Sat, 30 Sep 2023 13:30:29 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 84 B
379 B 116ms
116ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

57a2574f78adff93cbab3412a8c27ffa58085074741dd1dcaa3ba4642be41dc6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
sepia-upstream: medium
server: nginx
etag: W/"54-liNfhtaYkGOPfoB5iGEI/lE+TG0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7
x-envoy-upstream-service-time: 21
content-length: 84
x-xss-protection: 0
x-request-received-at: 1664544629237

GET
H3 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/20/20/ 987 B
1 KB 84ms
82ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a0132ce32847448fe1cd33c60c68dd471ab7c3f0f72e395f1a56ae18581b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94123
x-envoy-upstream-service-time: 142
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 987
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 752d503c8da86949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 1*Ds9WyKKWltmJkGJzVnCDvg.png
miro.medium.com/focal/56/56/50/50/ 7 KB
7 KB 24ms
23ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*Ds9WyKKWltmJkGJzVnCDvg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83a554312e1b49dfabc27ef6d443f5234d0cc573ffdd1ce8fa2e04f86babef10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74557
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6730
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220922-201131-d35e310393
accept-ranges: bytes
cf-ray: 752d503c8daf6949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 0*6v0mhe0d4F3a_TEv.jpg
miro.medium.com/fit/c/20/20/ 335 B
686 B 23ms
22ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/0*6v0mhe0d4F3a_TEv.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2e39eaf1d2594381979c1ce0e1116860d4a8a3d0a9b2c2ee85beed8a83a489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11348
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 335
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220923-182944-2f1209e24b
accept-ranges: bytes
cf-ray: 752d503c8db26949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 1*JMJbZDTSoD0Cp7w87ZE3yw.jpeg
miro.medium.com/focal/56/56/50/50/ 3 KB
3 KB 33ms
32ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*JMJbZDTSoD0Cp7w87ZE3yw.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b939daa99012fe88968564988df5686984cf075b277aa82cacaba3e170e5c9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11348
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2600
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220923-182944-2f1209e24b
accept-ranges: bytes
cf-ray: 752d503c8db36949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 1*6g6sWeOzruzLd-7jotXC9A.png
miro.medium.com/fit/c/20/20/ 1 KB
1 KB 53ms
52ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*6g6sWeOzruzLd-7jotXC9A.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959e76671129a8b35aa54f73e1b9e0a029d869a59936e75e7ea26d55783d8c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23601
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1135
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220923-182944-2f1209e24b
accept-ranges: bytes
cf-ray: 752d503c8db76949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 1*7aj7KWFwwR3xmUxW5UoMGw.jpeg
miro.medium.com/focal/56/56/50/50/ 3 KB
3 KB 33ms
32ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*7aj7KWFwwR3xmUxW5UoMGw.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b88293006629e9d2d0dc75f88eb03210be91b829aad93513ac5abfce0342a5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11348
x-envoy-upstream-service-time: 319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3034
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220927-191243-5273a104f0
accept-ranges: bytes
cf-ray: 752d503c8dba6949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/20/20/ 1017 B
1 KB 31ms
30ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/2*G-LlqSNRGI8wIrjrYRzWdA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17ba205f01f96d24929f466a9629fe37bd08c9d05dcdeb1fb80b7fbfdf23c153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21030
x-envoy-upstream-service-time: 122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1017
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 752d503c8dbc6949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

GET
H3 200 0*_G2iHCJz0R1E4Jws
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 34ms
33ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*_G2iHCJz0R1E4Jws

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88dd76c913743869952074998a448778cefe852dc9dae7d9799922b9ae293c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11348
x-envoy-upstream-service-time: 68
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2366
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 752d503c8dbd6949-FRA
expires: Sun, 30 Oct 2022 13:30:29 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 210 B
531 B 139ms
139ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7de7aa55fe235883be233e085f584609bd56bc79cc453a2ce7753ba4d8887f1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-cjdMUEAYFEPmi3l+sc4HtIcoTvQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 44
content-length: 210
x-xss-protection: 0
x-request-received-at: 1664544629294

POST
H2 200 graphql Show response
doublepulsar.com/_/ 24 KB
5 KB 248ms
248ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4e413e708866aba7083cf55ca0b864a460d9c1c4ffee2aa4a5e395b3262b0ed5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62befd817f22ef08
medium-frontend-path: /proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation: PostNextFiveStoriesCollection
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app: lite/main-20220930-093257-1588d16c94
apollographql-client-version: main-20220930-093257-1588d16c94
ot-tracer-spanid: 6845e8c736dda723

Response headers

date: Fri, 30 Sep 2022 13:30:27 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"5efc-iyAFMImZL94728Z6RPe8321jJlE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2, rito/main-20220930-092834-d3a59e5aa7, tutu/main-20220930-094130-1588d16c94
x-envoy-upstream-service-time: 136
x-xss-protection: 0
x-request-received-at: 1664544629381

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
677 B 208ms
164ms XHR
application/json 2600:9000:2491:3800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:3800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b53e4f85060d98123c1484abf54d2c7676162164c05704c2d2538651d5eec853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: cc71d7618cc943e38a5399b051d41cb3-2022093013
content-length: 316
x-amz-cf-id: r2nD4BVX747SfoyAV__6C_TU1bPW7oHU5Yu9oUv-EBhaLFyr6qp3MA==

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
612 B 170ms
169ms XHR
application/json 2600:9000:2491:3800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:3800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a291258f4b63c2b7673718373eaa88785e95e4e8c0ed451786cf9f8a6217091c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"b7-TOx26WUI6XyTmU+bHhZOdSV/R74"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: b0dde757dae24cf1bd01aa6feb635bc5-2022093013
content-length: 183
x-amz-cf-id: ha-Y307Os0hPu-xhAK7Mx1di4lHtl7tsOuwMz1AOevpGeCf4xM2EKg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
436 B 192ms
192ms XHR
application/json 2600:9000:2491:3800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:3800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Sep 2022 13:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 0d7dc892548e4a0c989c783b5f0895c9-2022093013
content-length: 28
x-amz-cf-id: xSEoH8u3PxFfM4hYqvRHrsixHFYlv4vVkITYuqDoWDO5t989pQN7nQ==

PUT
H/1.1 204
No Content a07ece99-6afe-4d1c-8d12-94013b04863e Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
816 B 465ms
369ms Fetch 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-8369ccf6-ec57-4399-8891-0431e6fd9664
x-ul-visitor-id: a07ece99-6afe-4d1c-8d12-94013b04863e
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Fri, 30 Sep 2022 13:30:30 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: a07ece99-6afe-4d1c-8d12-94013b04863e
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJhMDdlY2U5OS02YWZlLTRkMWMtOGQxMi05NDAxM2IwNDg2M2UiLCJpYXQiOjE2NjQ1NDQ2MzAsImV4cCI6MTY2NDcxNzQzMH0.UMhi-d8zwdgDeH2gedmDrpZQ6zOD9tl5WY9HeV3B24kLu67QXpe8ECxvdGTCToBRchQ1k32PdzWDfuHto0hPnA
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 271
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e/ 0
815 B 212ms
132ms Fetch 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e/attributes
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-8369ccf6-ec57-4399-8891-0431e6fd9664
x-ul-visitor-id: a07ece99-6afe-4d1c-8d12-94013b04863e
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-ul-sdk-version: 2.17.5
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Fri, 30 Sep 2022 13:30:30 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: a07ece99-6afe-4d1c-8d12-94013b04863e
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJhMDdlY2U5OS02YWZlLTRkMWMtOGQxMi05NDAxM2IwNDg2M2UiLCJpYXQiOjE2NjQ1NDQ2MzAsImV4cCI6MTY2NDcxNzQzMH0.UMhi-d8zwdgDeH2gedmDrpZQ6zOD9tl5WY9HeV3B24kLu67QXpe8ECxvdGTCToBRchQ1k32PdzWDfuHto0hPnA
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 38
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 200
OK a07ece99-6afe-4d1c-8d12-94013b04863e
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
0 98ms
98ms Preflight 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Sep 2022 13:30:29 GMT
vary: Origin

OPTIONS
H/1.1 200
OK attributes
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e/ 0
0 194ms
95ms Preflight 54.86.227.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/a07ece99-6afe-4d1c-8d12-94013b04863e/attributes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.227.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-227-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://doublepulsar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Sep 2022 13:30:29 GMT
vary: Origin

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
434 B 175ms
175ms XHR
application/json 2600:9000:2491:3800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:3800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Sep 2022 13:30:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 7ef4fae3229a40a888f78795c662df1f-2022093013
content-length: 28
x-amz-cf-id: LsPY72BxAbO43qRei0UlwavRG3rw0ZrxC26Qg5RRzXZYO3f19AW_LQ==

POST
H2 200 oh-noes
doublepulsar.com/_/ 101 B
0 119ms
118ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://.doublepulsar.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Fri, 30 Sep 2022 13:30:30 GMT
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://doublepulsar.com https://*.doublepulsar.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 20220930-0942-root,1588d16c
x-envoy-upstream-service-time: 22
content-length: 101
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1664544633110:677c29b058b6
sepia-upstream: medium
server: nginx
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2
link: <https://medium.com/humans.txt>; rel="humans"
x-opentracing: {"ot-tracer-spanid":"270162305f5572c1","ot-tracer-traceid":"19bff7c7562627d7","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H2 200 batch Show response
doublepulsar.com/_/ 17 B
173 B 361ms
360ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9e1d1880.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Fri, 30 Sep 2022 13:30:31 GMT
medium-fulfilled-by: valencia/main-20220930-130348-2aa93fd5a2
x-envoy-upstream-service-time: 179
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-20 15:08:00	Name: sid Value: 1:Gr4+EQqoe9UGhHXqHkvRJmQI2drPXVv1Wq3SCY5ACQ38Np+ykNoMdArQeoj7K3IR
.medium.com/	1970-01-20 15:08:00	Name: uid Value: lo_c468f3a65a62
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: f8d722dc9fc859607126617c9f562e7682f29e28-1664544626
doublepulsar.com/	1970-01-20 15:08:00	Name: uid Value: lo_c468f3a65a62
doublepulsar.com/	1970-01-20 15:08:00	Name: sid Value: 1:gUQoO0TcXZiJqtUZtO5lTizYx2TNZujfFfX4EcZjwsY392cLYE87rGRCC6Vhd2Cx
doublepulsar.com/	1970-01-20 06:22:25	Name: _dd_s Value: rum=0&expire=1664545528085
.doublepulsar.com/	1970-01-20 15:58:24	Name: _ga Value: GA1.2.1812458368.1664544629
.doublepulsar.com/	1970-01-20 06:23:51	Name: _gid Value: GA1.2.1108261287.1664544629
.doublepulsar.com/	1970-01-20 06:22:24	Name: _gat Value: 1
.app.link/	1970-01-20 15:08:00	Name: _s Value: 6qDXbo90bO%2Bs7zfMJDgCHlhC6%2BB%2F1ybyvtTpNyaXetXLPMD6pbxP9K1HJwxHsoH4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sprig.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.sprig.com
doublepulsar.com
glyph.medium.com
medium.com
miro.medium.com
www.google-analytics.com
108.138.17.33
2600:1f18:24e6:b901:8229:c2bb:8e4c:3667
2600:9000:2304:d200:19:9934:6a80:93a1
2600:9000:2491:3800:11:f728:3040:93a1
2606:4700:7::a29f:9804
2a00:1450:4001:80e::200e
52.1.119.170
54.86.227.14
99.86.240.122
011fde0b027062771524c604be95e7538912dd0402efeeaaba4c4d32faacf9b1
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0c4526126fec9641f63ed1a140507f42a071a39ab8cf9e7258765318e4ebbfc5
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
12e0c7393357848d9741e07f7426f58396da2c85a9b7b94e21a3c0f3e156eed5
17ba205f01f96d24929f466a9629fe37bd08c9d05dcdeb1fb80b7fbfdf23c153
19283d021d02a5200743f93dd62757494d3f54d9a07aad514a743969c2d24399
1950c7280b74b029c73a0b0ed1f4e77b62b6f620ead144285a0bc83ea28c7153
24aba2bc191d7d301e8ed851d045f0f00a174af524dc7f07f9f77016edbf5555
27f61f8566dffc952908e56cf38b183a35bd51e3c9f2b4d737ebe9238195e4b8
33a0132ce32847448fe1cd33c60c68dd471ab7c3f0f72e395f1a56ae18581b04
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
39380fe01c2df546b384833f729e7c2265cb467cfca3c4bc5d2e85b123ae88ed
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
3de07c408b86796925f472579564ab89fbc82191c0c2fbd7946349837dc3ce50
3e2e39eaf1d2594381979c1ce0e1116860d4a8a3d0a9b2c2ee85beed8a83a489
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443284f640afd32b1532789657bc8f182c11b0f5599e49b70793c6de80655d64
45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8
497337300a5bbcfff088d450bb9cf80b81779b6f206be832ad62f1c062472b15
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4e413e708866aba7083cf55ca0b864a460d9c1c4ffee2aa4a5e395b3262b0ed5
4edc203436e639704759a0b22466343483791d9f0bff5ac587ef25f8c7202546
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
50b68ddea3d96dc04d33264f05462a0f6764a3a715a6bacb7ae18f0b596ad9c9
54bdf228c7a517eb862d683fea710837b6134d9399826803104e8fb1709a2750
5662822283419524d975e985628a750612de365972df3f8a7e3e92d25550691f
56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691
57a2574f78adff93cbab3412a8c27ffa58085074741dd1dcaa3ba4642be41dc6
5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc
5e6610f624debb1f77669186e644eef7f43bd336b3cfe1297a4108d2b5c50b5e
60b1f4a654515e6718e96a6ef5ca1c2612c384ee76a9fffc113bf7936398b529
60f8d09b143ba5268b8a2e746dffb002750508518d4ade7b7624f4fa1d908255
64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
66eb60a7fdc9831cf6ad759153bb6212616a33587085e5258f2b11b877609856
687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8
6b9b076f650f3530b44d3f99c581cb806a86d51ec91fe55cb9cd85bc48b135d1
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
718c21c54c22368449ebeafd73dbc663738e4dc0f668ff581cf04a7049764e13
72aa3e34ac7027393414ce717ba7043d04b0633b69c5cf6f0403c135d3fa0b77
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338
7930b87a3f31eb4f181294c10c1bd3a541e15c7e76a2b5f9f0b8f6974ce1f76c
7de7aa55fe235883be233e085f584609bd56bc79cc453a2ce7753ba4d8887f1e
7fbb7049ad12606310dcd8e51de98ecc0e1685e6cdde00e7a999644797e8713d
83a554312e1b49dfabc27ef6d443f5234d0cc573ffdd1ce8fa2e04f86babef10
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
88dd76c913743869952074998a448778cefe852dc9dae7d9799922b9ae293c01
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
959e76671129a8b35aa54f73e1b9e0a029d869a59936e75e7ea26d55783d8c23
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478
9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
9ef910176df10eee1a29d915e5e870b872f61ef3b602d5f5494165db6939b9fd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a291258f4b63c2b7673718373eaa88785e95e4e8c0ed451786cf9f8a6217091c
a2ac4a3c12bb0b08c0ae9b05365825828c08851a699a832c913e2afb1c3580ba
a2f41ca7aa3bb0e3241ba079c8cc866ec35788c30f2835fbb5665332397523a6
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a885a06c6a1e5288df4869c5bb14fcd5ac22728b80400893894a43b9cc643a06
ace0c7a9f1be07353c8505538311244c7af740d9d453a15f6be561ec6eea46c7
ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48
b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293
b53e4f85060d98123c1484abf54d2c7676162164c05704c2d2538651d5eec853
b88293006629e9d2d0dc75f88eb03210be91b829aad93513ac5abfce0342a5e2
b939daa99012fe88968564988df5686984cf075b277aa82cacaba3e170e5c9e7
b94873a057505b7f6e6f294672d1b113d5748124d151331c154b2ed0fbb74b7c
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
bf803319c36aa71faacf7697319f06ac9933ca3e7a8fc0e74cacdd181f1a6239
c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb
c25fa752260dab146cbb9bc0dc8a23fad476a7107a1d02f1c089c5f1612bba4f
c2aba4d59dbb00af771b35ea962de7f13f0099d894886b663cc453f891fca6ac
cf57366bd55298c814cedbb050f84cb0a1253820b5f5c1ab1c4ce216eb3bed5c
d0a3092a83a7ac2a6d9a67302e1c0b622d243d6192836c550081afafd8e9ff12
d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
d8e102322d07a2de45477e216a9e258dcd72c029e1aa01386d4a84f4df99040f
d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44
db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e
de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288
e0f48e61e92da05bcd3476626002787278609a64c4acfd22a160fb5bf67b5fc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d98921ea92f67eab9a08aa38bf26cccf84ec38f90a700a89ceb0d2f08a6d2
e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc
e5c2408e788a199fd971127ce0f1ddb40ef3fe9f0ceedff56a2863b7c0f66f60
e9bcad9a1633d8b6d24692ee67b1644f42631a7d256cb98844783b084975488d
ed94a03a7b2235760adc5913caedfe3b9094bd9151a4c7e2586d1757c642d818
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0
fb889c1cb1f8aa32011e8ecadf4982471cd8cf659e1676a5cbc62b7bdffc6380
fc1bbfbd6071831b2ff691ec6b9496a968663008078867fc284318644cef803d
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce

doublepulsar.com Open in urlscan Pro 52.1.119.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

56 %IPv6

7 Domains

12 Subdomains

9 IPs

2 Countries

1739 kBTransfer

4016 kBSize

10 Cookies

88 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

12
Subdomains

9
IPs

2
Countries

1739 kB
Transfer

4016 kB
Size

10
Cookies

111 HTTP transactions
0 data transactions