posts.specterops.io Open in urlscan Pro
52.6.46.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Effective URL:
https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
Submission: On November 26 via api (November 26th 2019, 6:29:10 pm UTC) from US

Summary HTTP 86 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 86 HTTP transactions. The main IP is 52.6.46.142, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 2nd 2019. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	52.6.46.142 52.6.46.142	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	2606:4700::68... 2606:4700::6810:787f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2606:4700::68... 2606:4700::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
40	2606:4700::68... 2606:4700::6810:7691	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.224.197.33 13.224.197.33	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.41 13.225.78.41	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.158.46.6 54.158.46.6	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2600:9000:21f... 2600:9000:21f3:f400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:9000:21f... 2600:9000:21f3:5c00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	3.225.17.244 3.225.17.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
10	54.164.26.255 54.164.26.255	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
86	13

7 52.6.46.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-46-142.compute-1.amazonaws.com

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:787f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6810:7991 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700::6810:7691 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.33 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-33.fra2.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.41 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-41.fra2.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.158.46.6 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-158-46-6.compute-1.amazonaws.com

srv-2019-11-26-18.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:5c00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.17.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-17-244.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.164.26.255 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-26-255.compute-1.amazonaws.com

collector-medium.lightstep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
10	lightstep.com collector-medium.lightstep.com	2 KB
7	specterops.io 1 redirects posts.specterops.io	34 KB
4	branch.io cdn.branch.io api2.branch.io	23 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	81 KB
2	parsely.com srv-2019-11-26-18.pixel.parsely.com	765 B
1	app.link app.link	728 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	17 KB
86	9

	Domain	Requested by
40	miro.medium.com	posts.specterops.io cdn-client.medium.com
10	collector-medium.lightstep.com	cdn-client.medium.com
10	cdn-client.medium.com	posts.specterops.io cdn-client.medium.com
7	posts.specterops.io	1 redirects cdn-client.medium.com
6	glyph.medium.com	posts.specterops.io
3	api2.branch.io	cdn-client.medium.com
3	www.google-analytics.com	posts.specterops.io
2	errors.client.optimizely.com	cdn-client.medium.com
2	srv-2019-11-26-18.pixel.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	app.link	cdn.branch.io
1	cdn.branch.io	posts.specterops.io
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	posts.specterops.io
1	medium.com	1 redirects
86	14

This site contains links to these domains. Also see Links.

Domain
medium.com
www.specterops.io
osquery.io
github.com
objective-see.com
attack.mitre.org
developer.apple.com
blog.malwarebytes.com
support.apple.com
www.okta.com
www.theverge.com
securityneversleeps.net
help.medium.com

Subject Issuer	Validity	Valid
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2019-04-02` - `2020-04-01`	a year	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2018-07-31` - `2020-09-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2019-10-01` - `2019-12-30`	3 months	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.lightstep.com Let's Encrypt Authority X3	`2019-09-24` - `2019-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
Frame ID: EFF5A223D8DF253E736D1764D6668CBB
Requests: 90 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fhunting-fo... HTTP 302
https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

86
Requests

100 %
HTTPS

54 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

1682 kB
Transfer

3376 kB
Size

11
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----22ef2b44c0aa----------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_page-----22ef2b44c0aa---------------------nav_reg-
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_page-----22ef2b44c0aa---------------------nav_reg-
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page-----22ef2b44c0aa----------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=-71641bec6012-------------------------follow_byline-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/twitter?source=post_actions_header---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/linkedIn?source=post_actions_header---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/facebook?source=post_actions_header---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_actions_header--------------------------bookmark_sidebar-

Search URL Search Domain Scan URL

URL: https://osquery.io/
Title: Osquery

Search URL Search Domain Scan URL

URL: https://github.com/EmpireProject/Empire
Title: Empire

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x25.html
Title: Mac malware today

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/wiki/Mac_Technique_Matrix
Title: Mitre ATT&CK

Search URL Search Domain Scan URL

URL: https://developer.apple.com/library/content/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html
Title: LaunchAgent or LaunchDaemon

Search URL Search Domain Scan URL

URL: https://osquery.io/schema/2.11.2
Title: schema

Search URL Search Domain Scan URL

URL: https://osquery.io/schema/2.11.2#launchd
Title: launchd

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/
Title: common

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/ht204899
Title: System Integrity Protection

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x20.html
Title: Mughthesec

Search URL Search Domain Scan URL

URL: https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/
Title: this blog post

Search URL Search Domain Scan URL

URL: https://github.com/OktaSecurityLabs/CodeSigningSamples
Title: bash_adhoc

Search URL Search Domain Scan URL

URL: https://www.theverge.com/2018/4/12/17228374/apple-macos-32-bit-app-alert
Title: prioritized the use of x86_64 binaries

Search URL Search Domain Scan URL

URL: https://securityneversleeps.net/2018/06/25/hunting-for-bad-apples-part-1/
Title: securityneversleeps.net

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_sidebar--------------------------follow_sidebar-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_sidebar-----22ef2b44c0aa---------------------clap_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_actions_footer-----22ef2b44c0aa---------------------clap_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/twitter?source=post_actions_footer---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/linkedIn?source=post_actions_footer---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/share/facebook?source=post_actions_footer---------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_actions_footer--------------------------bookmark_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=follow_footer-71641bec6012-------------------------follow_footer-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=follow_footer--------------------------follow_footer-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/p/22ef2b44c0aa/responses/show?source=follow_footer--------------------------follow_footer-
Title: See responses (1)

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_recirc-----bee58de48e05----0-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_recirc-----ff74c39615ba----1-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&source=post_recirc-----9a99a781fde7----2-----------------clap_preview-

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----22ef2b44c0aa----------------------
Title: Discover Medium

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----22ef2b44c0aa----------------------
Title: Make Medium yours

Search URL Search Domain Scan URL

URL: https://medium.com/membership?source=post_page-----22ef2b44c0aa----------------------
Title: Become a member

Search URL Search Domain Scan URL

URL: https://help.medium.com/?source=post_page-----22ef2b44c0aa----------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.com/policy/9db0094a1e0f?source=post_page-----22ef2b44c0aa----------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://medium.com/policy/f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa HTTP 302
https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hunting-for-bad-apples-part-1-22ef2b44c0aa Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa
https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

153 KB
31 KB

498ms
498ms

Document
text/html

52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4013e53c9b942ac7a901f461f2a52f3ed2ea310ed52beea6ae3ecfb4ec5d5702

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Tue, 26 Nov 2019 18:28:53 GMT
content-type: text/html; charset=utf-8
set-cookie: optimizelyEndUserId=lo_KrNKuYWUmqua; path=/; expires=Wed, 25 Nov 2020 18:28:52 GMT; secure uid=lo_KrNKuYWUmqua; path=/; expires=Wed, 25 Nov 2020 18:28:52 GMT; secure; httponly sid=1:C2oF+r1oGGD6XDP1kAo+TrShYHPpBzSDnpiIKUFUnxFJRfXXXgQxFbN9S3fNAPPa; path=/; expires=Wed, 25 Nov 2020 18:28:52 GMT; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=posts.specterops.io; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=.posts.specterops.io; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=posts.specterops.io; secure; httponly, puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=.posts.specterops.io; secure; httponly, puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; secure; httponly
sepia-upstream: production
x-frame-options: allow-from medium.com
medium-fulfilled-by: lite/master-20191125-224605-51e63bbbf9, rito/master-20191125-223833-747a39b34a, tutu/medium-39373
etag: W/"265e8-5Req5ASYZcIynkT1ELEESI/AsjM"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 366

Redirect headers

status: 302
date: Tue, 26 Nov 2019 18:28:52 GMT
content-type: application/octet-stream
set-cookie: __cfduid=ddf8773b18710a99877ff0abc79b1f3821574792932; expires=Thu, 26-Dec-19 18:28:52 GMT; path=/; domain=.medium.com; HttpOnly uid=lo_KrNKuYWUmqua; Expires=Wed, 25-Nov-20 18:28:52 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly optimizelyEndUserId=lo_KrNKuYWUmqua; path=/; expires=Wed, 25 Nov 2020 18:28:52 GMT; domain=.medium.com; secure sid=1:Nd7gxEX/P0sDWAPFA1LLvfleHGmDxAUvikNMcTOEeYuxBYJ6GWtsZlj/yZcjMHZL; path=/; expires=Wed, 25 Nov 2020 18:28:52 GMT; domain=.medium.com; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=medium.com; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=.medium.com; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; secure; httponly puid=; path=/; expires=Tue, 26 Nov 2019 18:28:51 GMT; domain=.medium.com; secure; httponly __cfruid=0bb3d1c873ee1246766d53d6afecdafad089775a-1574792932; path=/; domain=.medium.com; HttpOnly
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1574792932454:ee5efe62659a
x-obvious-info: 39375-da7f236,da7f2360fb6
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
location: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3-23=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53bdecb378a8cba0-VIE

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 262 KB
81 KB 28ms
7ms Script
text/javascript 2a02:26f0:6c00:181::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5dbe1e0a5c960eedcec434d7064aca36286e0e421d5eed38d64ceaaf45ba9360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: a_S.xRj9ObfJSNm8WY2.Dy2bMWPk.zL_
content-encoding: gzip
x-amz-request-id: 1CBCEFD7DA7C150C
status: 200
access-control-max-age: 86400
date: Tue, 26 Nov 2019 18:28:53 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 81836
x-amz-id-2: xVQpzrXS+H/Zd2HGIpB1ose0gHQQm+/JXuGGKTLdVpLMuyGbNvmAQ62qwS936aLDsdHKZcP+FRQ=
last-modified: Fri, 22 Nov 2019 00:00:28 GMT
server: AmazonS3
etag: "252c1f5e4e7b4a81f706912f94f78562"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 585
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 m2.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 44 KB
29 KB 62ms
28ms Stylesheet
text/css 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2564
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecb80b62cb98-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Nov 2019 18:27:17 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 83ms
50ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1315659
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 6883
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb80bf459d6-VIE
expires: Fri, 06 Sep 2019 23:25:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6916
date: Tue, 26 Nov 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 26 Nov 2019 18:33:37 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 1*TbVj_NLClm8iJQJoCV5kUQ.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 149ms
148ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*TbVj_NLClm8iJQJoCV5kUQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

6b5fefc1a4274628904094489bdadd0877f05d62dc410f80afc378ea21ed6757

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3209-f49543a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 4189
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c4a59d6-VIE
expires: Thu, 12 Dec 2019 13:04:51 GMT

GET
H2 200 1*_gOVln5QufpqV_vkb0BNLA.png
miro.medium.com/max/60/ 1 KB
1 KB 210ms
208ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_gOVln5QufpqV_vkb0BNLA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

35cf91249070ece57dd671e6bc2e2df47f649bd386b27e451fff8874aebf5c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1200
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c4d59d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*qeu2J5KEMmjKvgLH4WME3w.png
miro.medium.com/max/60/ 2 KB
2 KB 251ms
249ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*qeu2J5KEMmjKvgLH4WME3w.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

6fb7a9d820c890ca0c384bb3c0719bbc6f658300a24394be9c3c12feb53caa96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1560
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c4e59d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*_sbeT-v6isG6dY2Za8YA6g.png
miro.medium.com/max/60/ 2 KB
2 KB 250ms
248ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_sbeT-v6isG6dY2Za8YA6g.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

0f8a6b669bde071952f75c4bf9507e1638d109be82099964b67565b694232eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 2256
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c4f59d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*bSbeRvnNixytTFeDcqilqw.png
miro.medium.com/max/60/ 4 KB
4 KB 196ms
195ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*bSbeRvnNixytTFeDcqilqw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

51e92e745bb5749eb3df180b30f27f1d7cf255cab03b0b3de667c6c177175189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 3631
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5059d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*bj35JDAqYj4OrtcL6jjHSA.png
miro.medium.com/max/60/ 604 B
672 B 223ms
222ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*bj35JDAqYj4OrtcL6jjHSA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

ed321eeff299ab8882ff5408bb52a6407a39061dcc56dcb646592b978b7d5ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 604
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5159d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*Rn3lI63dh6vY1wO-KGHTBA.png
miro.medium.com/max/60/ 938 B
1 KB 175ms
174ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Rn3lI63dh6vY1wO-KGHTBA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7bae4a1c0f4de02ea87cd3deaf6246a265ae4cd4e72788d36f4370591e19ff2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 938
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5259d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*ifvUh_M4Iz_uIreAPEGzQA.png
miro.medium.com/max/60/ 474 B
542 B 457ms
456ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ifvUh_M4Iz_uIreAPEGzQA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

218648eb6ddd7af17caca91f8c9fb9866c5973709bc4112a44c23c653f7fc8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 474
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5359d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*xVgrXKXnK_zJ8IeMKea1bg.png
miro.medium.com/max/60/ 1 KB
1 KB 198ms
196ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*xVgrXKXnK_zJ8IeMKea1bg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

3380cfa8c92a582b7f959652f336978551d50e5e7a631dc68253ebab32a87827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1116
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5559d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*d4OBC_3DFXi3znpfU0IVww.png
miro.medium.com/max/60/ 638 B
706 B 239ms
238ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*d4OBC_3DFXi3znpfU0IVww.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

82e0f89462af5a9abdcfa6ae952e34db8d8963884a3101f2780e8555b9a9592d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 638
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5659d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*jDbU3ztJAYCdsjQ9GPf5ow.png
miro.medium.com/max/60/ 665 B
733 B 250ms
249ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*jDbU3ztJAYCdsjQ9GPf5ow.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7064792d647bb66608b7948b2dae4bcf0e885efe4f33db511755103456abc254

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 665
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5759d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*WeKDMS1oONB0lRPJWMD99g.png
miro.medium.com/max/60/ 723 B
791 B 252ms
251ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*WeKDMS1oONB0lRPJWMD99g.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

b5282433e799b2abcf1d4de31e3550ca33a583e4be20b5a7985e5580ba22d722

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 723
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5859d6-VIE
expires: Thu, 26 Dec 2019 18:28:53 UTC

GET
H2 200 1*TbVj_NLClm8iJQJoCV5kUQ.jpeg
miro.medium.com/fit/c/160/160/ 9 KB
9 KB 169ms
168ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*TbVj_NLClm8iJQJoCV5kUQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7ca5ccdaa0651ac4fe84c3ef5a484464b951c451c0804955fb6170d47e86d109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 9097
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5959d6-VIE
expires: Thu, 26 Dec 2019 10:05:59 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
6 KB 31ms
31ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 492348
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 6539
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecb87c5a59d6-VIE
expires: Mon, 29 Jul 2019 06:07:59 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1318393958&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa%3Fgi%3D9844a3d87014&ul=en-us&de=UTF-8&dt=Hunting%20for%20Bad%20Apples%20%E2%80%94%20Part%201%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1035136229&gjid=875034766&cid=2093043520.1574792933&tid=UA-24232453-2&_gid=18078558.1574792933&_r=1&z=1737031643

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 18:28:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 manifest.26031984.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 50ms
45ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.26031984.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

848ec83e1a1bb3118b22bcba65f27ce307e2adeb8bb84028b23659f1a0ead403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69627
cf-ray: 53bdecb8bddccb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: B1F61ABB405035BC
x-amz-id-2: jTHfp0tY2OGUI8w/F0kER6lmmV8FH4Bs5yf3PK12cQp2xCbnFCijSZ/r4TPQlRBYtrbVwDpzv9U=
last-modified: Mon, 25 Nov 2019 22:54:11 GMT
server: cloudflare
etag: W/"9e4d3337c7283116f9475897186fe9b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: UZg.CScbEsfvT5a_AkJkuZu2ej65_4Zc
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 vendors~main.f6d3d928.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 762 KB
199 KB 48ms
44ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e75928fa831f2ef79aa55d257fe5f683ef140daf66fa2eda24724e006a60d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84093
cf-ray: 53bdecb8bdd5cb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 83EDA79CE3813EBF
x-amz-id-2: aOdJW8EGc0FzI8mdO9BqvE6JX/C5dWCIrhL/5AnU8HpxPh3BbaPRAEwSSBObBDO0UpSkg8Tppmw=
last-modified: Mon, 25 Nov 2019 18:08:57 GMT
server: cloudflare
etag: W/"4d3554645f6e84f6504579ee40e26c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MEWKkonHLhZiK3TiQTaYnvi7jMu95UkE
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 main.2f78fd69.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 413 KB
95 KB 36ms
33ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6005dbe3652c20af976b0a50fffcec45cd6c2e4de1311b373bbe18d0a057767f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74246
cf-ray: 53bdecb8bdd3cb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 5A1F0400688A5620
x-amz-id-2: sTyOtdQqxsoeiXddFXL1AKYzGBsMmXLM7ZxAxJs793l0JRWh8mZ6YQpGiOtpZ/JWWKj5zVIlpis=
last-modified: Mon, 25 Nov 2019 21:42:27 GMT
server: cloudflare
etag: W/"0da578d5d07c89b3781d2b0474ca6dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Bs.0Yr.Orycd88a90AArJ6HaVvEk2xy9
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 vendors~screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tribute~scre~3e410f11.6e718f1d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 34 KB
15 KB 34ms
30ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tribute~scre~3e410f11.6e718f1d.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8d2885e087ad5084fbf1ffb099334d9237ca321826c32453faaac1db174883

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85755
cf-ray: 53bdecb8bddacb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: FBC9F61AFB06C804
x-amz-id-2: ZFeFAiQpwnlsl0GPMp9ihF9/SuM/WDeMN0vBSdOK48Xb3BCpkVGvBPC52v4SQc85F2D+y5lIJNY=
last-modified: Mon, 28 Oct 2019 18:36:52 GMT
server: cloudflare
etag: W/"d8bc59018324ced37b32587074df59a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7Rk7JBCnd4gxXreF2HH_vTNi7zNQVCDl
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tribute~screen.post~~73c4bb05.a1b4d916.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 136 KB
35 KB 39ms
36ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tribute~screen.post~~73c4bb05.a1b4d916.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13224744590becf192373db4a160c457b034eec7be04cae7eee6afb149b8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74246
cf-ray: 53bdecb8bdd9cb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: E9D7647AEC88F802
x-amz-id-2: VzQs3OQjnmvnypHko49yD71V5LZLM4vtzzbCiJbpBlLzpK2enQExTzHZsmHDedkTwMQdLfY1ds4=
last-modified: Mon, 25 Nov 2019 21:42:31 GMT
server: cloudflare
etag: W/"85bfb8685e5316af7efdc94f679c7d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Ta9i6zEtcVfV88HD_3RXvT6NNR08UW5.
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.5b1f9621.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 49 KB
14 KB 34ms
31ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.5b1f9621.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f14d4838dddcbaa52775086da3171b0415acfbde9ab55d023a39e438fb0228a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 437669
cf-ray: 53bdecb8bdd6cb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: CD4D124F1FB9787E
x-amz-id-2: omSoBmz9HotsJR6EMX1UPoatAx3nXG31g47CXGDJveaihXMxXCiKjw2OfrTy5L6LgvFvtmyTg/k=
last-modified: Thu, 21 Nov 2019 16:44:31 GMT
server: cloudflare
etag: W/"c7ae9e898abeb6a0eadc11ba6552137b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TTgegePN41K451GCOlngZCChhKLhFwr_
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tick~screen.landingp~ed90ee39.d45ebeed.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
5 KB 48ms
46ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.collection.packageBuilder~screen.landingpages.pres45~screen.landingpages.tick~screen.landingp~ed90ee39.d45ebeed.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5419b699ff4578da868df33219b44a65b2a719e309bd27c687c0557642aa55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74246
cf-ray: 53bdecb8fe8acb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 4D3BD479A3FB4C3B
x-amz-id-2: eIEMPVHzFV5mXTAfTTe5/LppgLUtXRJ4XVAW/1/0EcmNJmyV9wi9Vfs4mtnRyJOf/OYD2F+Ytmg=
last-modified: Mon, 25 Nov 2019 21:42:30 GMT
server: cloudflare
etag: W/"2b6c6fece39039f5a749838a0d1bcda3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: OvAe5bz5CgpurMkAzw5drgBchG2xI7JK
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 screen.post.5378ca79.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 234 KB
55 KB 48ms
48ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/screen.post.5378ca79.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f40d61da7520555624ad409673addadefbaec5942ba84e06e05ce7248cca04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74246
cf-ray: 53bdecb8fe8bcb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 6DB1704538E5A995
x-amz-id-2: IIOVxkJlgH2obHzPCiwOWj/T4sxGxWAgL/ecgTEYJnUgUjOO7q1ZC7IQxH09N8NQuOtjBxlRO00=
last-modified: Mon, 25 Nov 2019 21:42:32 GMT
server: cloudflare
etag: W/"645c3437ebd603bb40fd2ab14d75760c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: g9lOY6yzZzFIiGj4yzexJG9OuToblPzJ
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 598ms
564ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecb8f97c599a-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Feb 2020 00:10:43 GMT

GET
H2 200 marat-sans-300-italic.woff
glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 72ms
38ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/24e0824/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/marat-sans-300-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4915220
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecb8f982599a-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 26 Sep 2020 04:18:01 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
15 KB 71ms
37ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3030739
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecb8f980599a-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 15 Sep 2020 08:41:49 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 14 KB
15 KB 62ms
39ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359241
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecb8f97e599a-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 07 Nov 2020 10:21:30 GMT

POST
H2 200 client-ready Show response
posts.specterops.io/_/lite/performance/ 2 B
243 B 91ms
91ms Fetch
text/plain 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/client-ready

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
medium-fulfilled-by: lite/master-20191126-170522-bd428a423b
x-envoy-upstream-service-time: 1
content-length: 2

GET
H2 200 vendors~tracing.28033849.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 32ms
31ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~tracing.28033849.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.26031984.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e2c034706eef3ebf43d927f9219126e167a78c4d86b4994a06243800734056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 938047
cf-ray: 53bdecbbaf1bcb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 19FBDD52FC2B1B71
x-amz-id-2: 6Lmk4l15XY3Q6wH8U9IM6/r6WDVBEFBSESCMeSD3rf+jx02kBdNfn7QLB48/uIeOXP2J8xG2LLc=
last-modified: Fri, 08 Nov 2019 07:05:09 GMT
server: cloudflare
etag: W/"902dcde18806a1e2b120b8bfe25956dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: uf_5rP058D6ePXUmqt1hAY3KIVOcMw0H
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

GET
H2 200 tracing.a9025c45.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/tracing.a9025c45.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.26031984.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

efcb4fd67352b26e679f0657831686822630c2b9ef81031b1979dd3da8af76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 938047
cf-ray: 53bdecbbaf1ccb98-VIE
status: 200
alt-svc: h3-23=":443"; ma=86400
x-amz-request-id: 235FCFA356E8D201
x-amz-id-2: Mx4flrYXzEsTrvoYqLQH/U0y/hJp/ktm4hxNgsHak20Z0/kHTbvt/wdrty3asbVxSYh2kcC7fAk=
last-modified: Fri, 01 Nov 2019 21:45:25 GMT
server: cloudflare
etag: W/"7331a559d848298f31b75d6d2ac6a533"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: _zQqAJLuZIJOmMTEGNCl2ltzatNWz..c
vary: Accept-Encoding
cache-control: max-age=31536000
content-type: application/javascript

POST
H2 200 graphql Show response
posts.specterops.io/_/ 94 B
640 B 215ms
215ms Fetch
application/json 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-46-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0dae47904a6e3fd9d9dd006122fdd974079948d65bd1c9bc8a8bcf09cff8b5f3

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Medium-Frontend-App: lite/master-20191125-224605-51e63bbbf9
apollographql-client-version: master-20191125-224605-51e63bbbf9

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
sepia-upstream: production
server: nginx
etag: W/"5e-kbyNV9l/lFQvA8QCCFec9aeVFEs"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: rito/master-20191126-144320-a05edb50a5, tutu/medium-39373
x-envoy-upstream-service-time: 125
content-length: 94
x-request-received-at: 1574792933975

POST
H2 200 graphql Show response
posts.specterops.io/_/ 4 KB
2 KB 522ms
521ms Fetch
application/json 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-46-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f7f4d05c2d0f89dd41b6f4d15f37bee34c8a2f85c76db9552c352dcf00223a51

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation: PostRecircQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Medium-Frontend-App: lite/master-20191125-224605-51e63bbbf9
apollographql-client-version: master-20191125-224605-51e63bbbf9

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
content-encoding: gzip
sepia-upstream: production
server: nginx
etag: W/"1049-jUz699YlQNCWEYy4frzkT5h2Nxw"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: rito/master-20191126-144320-a05edb50a5, tutu/medium-39373
x-envoy-upstream-service-time: 430
x-request-received-at: 1574792934134

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 41 KB
17 KB 19ms
6ms Script
application/x-javascript 13.224.197.33
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.33 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-33.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 58711bafae315df048e1bc0c36ae1dfd017810b34fd9b4b021f774694397baad

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 18:19:05 GMT
Content-Encoding: gzip
Age: 589
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Mon, 07 Oct 2019 18:17:48 GMT
Server: nginx
ETag: "5d9b814c-a469"
Content-Type: application/x-javascript
Via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: w11lSK0pupUubi1sfrIp5zMt_i6zDW5JEBMGkFemwul_bhpZx8RjSQ==
Expires: Wed, 27 Nov 2019 18:19:04 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/152/ 3 KB
3 KB 30ms
28ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/152/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 441265
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3203-7aaf868
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 3171
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7559d6-VIE
expires: Wed, 16 Oct 2019 08:12:37 GMT

GET
H2 200 1*TbVj_NLClm8iJQJoCV5kUQ.jpeg
miro.medium.com/fit/c/48/48/ 2 KB
2 KB 161ms
158ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*TbVj_NLClm8iJQJoCV5kUQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

6f4f8e37a2faedf1a1ffced75f28cad6a587e3d792d4fcbdbe8f39639c02b802

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1702
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7959d6-VIE
expires: Wed, 25 Dec 2019 23:34:24 GMT

GET
H2 200 1*_gOVln5QufpqV_vkb0BNLA.png
miro.medium.com/max/30/ 333 B
401 B 541ms
538ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*_gOVln5QufpqV_vkb0BNLA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2bf7d8cf421ebf056d4dd59f4847573096c1382fb6123d572c3c4165388c3794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 333
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7a59d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*qeu2J5KEMmjKvgLH4WME3w.png
miro.medium.com/max/30/ 430 B
500 B 210ms
208ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*qeu2J5KEMmjKvgLH4WME3w.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2eb5361b2fa92ef189fffa66b777437b620b7b54c77ea9ef3430837ada9bba59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 430
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7c59d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*_sbeT-v6isG6dY2Za8YA6g.png
miro.medium.com/max/30/ 661 B
729 B 209ms
207ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*_sbeT-v6isG6dY2Za8YA6g.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

6164751ebec2d5e28bac90c88c9a22b625032e47e3b708e74a5c4e0de7e67e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 661
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7e59d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*bSbeRvnNixytTFeDcqilqw.png
miro.medium.com/max/30/ 1012 B
1 KB 189ms
188ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*bSbeRvnNixytTFeDcqilqw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

a192e6bab34dfdd75287bce09a31a86c1efb6537f26a5bc8141021c860fb901b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1012
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea7f59d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*bj35JDAqYj4OrtcL6jjHSA.png
miro.medium.com/max/30/ 228 B
295 B 207ms
205ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*bj35JDAqYj4OrtcL6jjHSA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

02db40856ab3f434c8303cd065d3a527a38b22a027f68f0cc297cfa98aa93891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 228
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8059d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*Rn3lI63dh6vY1wO-KGHTBA.png
miro.medium.com/max/30/ 328 B
540 B 174ms
173ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*Rn3lI63dh6vY1wO-KGHTBA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

ef624140bc3fbd07b35068f3bde489bf9509ad70f456f8967852a6a4ced9b97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 328
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8159d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*ifvUh_M4Iz_uIreAPEGzQA.png
miro.medium.com/max/30/ 185 B
255 B 247ms
246ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*ifvUh_M4Iz_uIreAPEGzQA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

e2265b06d28908a165a9bfb1abb65b9ebfdc70d8a6cc83ba3f145a3aa6743349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 185
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8259d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*xVgrXKXnK_zJ8IeMKea1bg.png
miro.medium.com/max/30/ 375 B
443 B 205ms
203ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*xVgrXKXnK_zJ8IeMKea1bg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

dd0bd891e9ec30b2b489183c0f4ec06dc9ea61c02ab0f963bcdba2db7fde2ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 375
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8359d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*d4OBC_3DFXi3znpfU0IVww.png
miro.medium.com/max/30/ 252 B
319 B 207ms
205ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*d4OBC_3DFXi3znpfU0IVww.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

e757f2a79521e00ebc2af4e8bc8268a77c84885122c8d8c7a9058c1e5ef80462

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 252
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8659d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*jDbU3ztJAYCdsjQ9GPf5ow.png
miro.medium.com/max/30/ 221 B
288 B 189ms
188ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*jDbU3ztJAYCdsjQ9GPf5ow.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2962f3cddb3c6778b33cbf9425ba7222cdd3e362d09b2c5bb518a17bd042bca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 221
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8859d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*WeKDMS1oONB0lRPJWMD99g.png
miro.medium.com/max/30/ 256 B
346 B 454ms
453ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/30/1*WeKDMS1oONB0lRPJWMD99g.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

52f70d418296c24e0b786eb13ac4aec4d7d6b800ad9dc45367b1e78bf7ec4dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3214-055879b
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 256
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8959d6-VIE
expires: Thu, 26 Dec 2019 18:28:54 UTC

GET
H2 200 1*TbVj_NLClm8iJQJoCV5kUQ.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 139ms
138ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*TbVj_NLClm8iJQJoCV5kUQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

31b9cbe3d751d5d54e72e1793d03a6f7f486d012eacbd824383d69cd90ad8ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 3204
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8b59d6-VIE
expires: Wed, 25 Dec 2019 19:34:07 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 36ms
35ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 441265
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3209-f49543a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 2735
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbeea8c59d6-VIE
expires: Thu, 12 Dec 2019 12:02:57 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1318393958&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&ul=en-us&de=UTF-8&dt=Hunting%20for%20Bad%20Apples%20%E2%80%94%20Part%201%20-%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAEAB~&jid=1826599501&gjid=1786387982&cid=2093043520.1574792933&tid=UA-102239211-2&_gid=18078558.1574792933&_r=1&z=763785717

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 34ms
12ms Script
text/javascript 13.225.78.41
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e013976876f923b5d747b79501cd38255f1876399c5e9b5a8f995dec0291ab7

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: z8HvpISR3mptTBbKeuNdWa0yABs8A72w
Content-Encoding: gzip
Last-Modified: Tue, 29 Oct 2019 00:06:03 GMT
Server: AmazonS3
Age: 54
ETag: "18c281260fef78c97f0b9613cfd9df40"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Tue, 26 Nov 2019 18:28:00 GMT
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Content-Length: 21884
X-Amz-Cf-Id: Yf1vmpZI6CyijioebZMeWLmIgHMZ4IuGnxYRZ61KE8GRhlqdwedQFA==

GET
H2 200 1*_sbeT-v6isG6dY2Za8YA6g.png
miro.medium.com/max/1248/ 308 KB
308 KB 144ms
144ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1248/1*_sbeT-v6isG6dY2Za8YA6g.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

d658e6fd7a36227976a0f27af2fda3659a1aa771a4cc85ddbd8e45a68b57d733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 315237
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbfab1959d6-VIE
expires: Thu, 26 Dec 2019 15:16:05 GMT

GET
H2 200 1*_gOVln5QufpqV_vkb0BNLA.png
miro.medium.com/max/1248/ 339 KB
339 KB 165ms
165ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1248/1*_gOVln5QufpqV_vkb0BNLA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

f5b62e65df67c2a0a9310a833bbf385aaded36cfd074a64f57834ca7470658c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 346734
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbfab1a59d6-VIE
expires: Thu, 26 Dec 2019 15:16:05 GMT

GET
H2 200 1*qeu2J5KEMmjKvgLH4WME3w.png
miro.medium.com/max/1193/ 71 KB
71 KB 829ms
828ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1193/1*qeu2J5KEMmjKvgLH4WME3w.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

f7a964a9f6481ddc4f3889565c8c29cb92a2a30859ec31926fd6cc653b3be76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 72716
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecbfab1b59d6-VIE
expires: Thu, 26 Dec 2019 15:16:05 GMT

GET
H/1.1 200
OK / Show response
srv-2019-11-26-18.pixel.parsely.com/start/ 77 B
380 B 349ms
86ms Script
application/json 54.158.46.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2019-11-26-18.pixel.parsely.com/start/?rand=1574792934444&plid=95283379&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&sref=&sts=1574792934431&slts=0&title=Hunting+for+Bad+Apples+%E2%80%94+Part+1+-+Posts+By+SpecterOps+Team+Members&date=Tue+Nov+26+2019+19%3A28%3A54+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=49718545&callback=parselyStartCallback
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.46.6 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-158-46-6.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ebebdea66a9c18e14f9da69a4053ec448ab839ca553e6338c1c7d2b3a288a1eb

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 18:28:54 GMT
Server: nginx
Connection: keep-alive
Content-Type: application/json
Content-Length: 77
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
728 B 221ms
174ms Script
text/javascript 2600:9000:21f3:f400:19:9934:6a80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.52.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:f400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

54664d792930bfe1ce04add361b2c3501189f551ae328b55a43edb18d7e6d985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 18:28:54 GMT
Via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA2-C2
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-jDUoKceRUCaYZm1XevHcjjw/F/E"
X-Amz-Cf-Id: UYzOUZGoH-nYUFNgLAZeYGkJqIvHdk78_OUE7ezzr3ZGHfnquW25Sw==

GET
H2 200 1*HUuIXzzmiLidwQHi6Hd3nw.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
1 KB 29ms
29ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*HUuIXzzmiLidwQHi6Hd3nw.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

dcc0a191c6382c7f6cf4e206dc7397174d03e8402883f9bd699399107232f316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245502
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3209-f49543a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1422
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc20d1e59d6-VIE
expires: Thu, 12 Dec 2019 12:02:57 GMT

GET
H2 200 0*6mGXmQSDMYyKuVUK.jpg
miro.medium.com/fit/c/40/40/ 1 KB
2 KB 29ms
28ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/0*6mGXmQSDMYyKuVUK.jpg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

8adc9714b03a7fcf0893913cb5a9b828e093ae2caa2a555b0753f6d8c60fb2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 474124
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3210-6a9380d
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 1428
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc20d2059d6-VIE
expires: Wed, 18 Dec 2019 09:08:55 GMT

GET
H2 200 1*9WbXEpOxOhaMq99CwG1ESQ.png
miro.medium.com/fit/c/40/40/ 3 KB
4 KB 27ms
27ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*9WbXEpOxOhaMq99CwG1ESQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5f02985da4d4892097c8777c56606f2ba27a3114c534e19e659679661dc0841f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 381534
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 3547
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc20d2159d6-VIE
expires: Fri, 19 Jul 2019 08:54:39 GMT

GET
H2 200 1*dy7MvBD79mkCTajDbSssBw.jpeg
miro.medium.com/max/328/ 21 KB
21 KB 29ms
29ms Image
image/jpeg 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/1*dy7MvBD79mkCTajDbSssBw.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

414da0483803cf8d292a313b5cbbe7bfcb09b7b75349402fd7ce218c0d913367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 540589
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 21466
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc20d2859d6-VIE
expires: Sat, 20 Jul 2019 22:27:49 GMT

GET
H2 200 1*_yKdMthPwVpKYyHZnvrKJQ.png
miro.medium.com/max/328/ 56 KB
56 KB 44ms
44ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/1*_yKdMthPwVpKYyHZnvrKJQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

2704176598d62aee26360a6fdb451049b0e73431d6b158da7a2eb5ccc01a5473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220648
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3196-7da812a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 57184
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc20d2959d6-VIE
expires: Wed, 11 Dec 2019 12:12:19 GMT

GET
H2 200 1*ezJx8ZEu1Va14iscq_h5Gg.png
miro.medium.com/max/328/ 11 KB
11 KB 44ms
44ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/328/1*ezJx8ZEu1Va14iscq_h5Gg.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

5f9fe35f3fdf604f7d71cd7a924898d6d031975a0bec5fc4d3e7ca1ac436cfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa?gi=9844a3d87014
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124999
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3209-f49543a
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 11065
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc21d2a59d6-VIE
expires: Thu, 12 Dec 2019 11:47:26 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 19 KB
19 KB 26ms
25ms Font
application/font-woff 2606:4700::6810:7991
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

087316f29690e0a35f6642721fb9bf8d05bb9cbac3bbb30c822ba878ff7965d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359236
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 53bdecc21a7a599a-VIE
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 09 Sep 2020 07:47:33 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
599 B 203ms
164ms XHR
application/json 2600:9000:21f3:5c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: d5cace1fc9d3c3f77318540f422d449029b54640a50341e9598b2b365e5c7b7b

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Nov 2019 18:28:54 GMT
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 312
x-amz-cf-id: j1nUCJxlt5q1BreggzVEz2eZRwUiHzWyR-fVXNt4U5NpG1vVy_t_5A==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
362 B 189ms
189ms XHR
application/json 2600:9000:21f3:5c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: ZXYUZeVR0oUEXalLWzVyVV1_mEKwyp8jpQm7tRq50PQmSU6NDREK-Q==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
361 B 176ms
175ms XHR
application/json 2600:9000:21f3:5c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: TlrrUeW3LgYq0rKskMqTih0KNWUtSMeLCvDQ7866xc9EamHiNGFqxA==

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
411 B 350ms
87ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 26 Nov 2019 18:28:55 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

POST
H2 200 render Show response
posts.specterops.io/_/lite/performance/ 2 B
244 B 98ms
98ms Fetch
text/plain 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/render

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
medium-fulfilled-by: lite/master-20191125-224605-51e63bbbf9
x-envoy-upstream-service-time: 1
content-length: 2

GET
H2 200 1*qeu2J5KEMmjKvgLH4WME3w.png
miro.medium.com/max/1193/ 71 KB
71 KB 24ms
24ms Image
image/png 2606:4700::6810:7691
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1193/1*qeu2J5KEMmjKvgLH4WME3w.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

f7a964a9f6481ddc4f3889565c8c29cb92a2a30859ec31926fd6cc653b3be76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3213-c6eee31
status: 200
alt-svc: h3-23=":443"; ma=86400
content-length: 72716
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 53bdecc5181159d6-VIE
expires: Thu, 26 Dec 2019 15:16:05 GMT

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
174 B 306ms
88ms XHR
text/plain 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Tue, 26 Nov 2019 18:28:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
245 B 87ms
87ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Tue, 26 Nov 2019 18:28:55 GMT
Content-Type: text/plain

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 88ms
87ms XHR
application/json 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e7d4fc44acb5471e0ef52faedb85bdc3aca160e740701b4774b9ad53b705a0ad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:55 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
174 B 88ms
87ms XHR
text/plain 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Tue, 26 Nov 2019 18:28:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 88ms
88ms XHR
application/json 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: bbcba9d17f1882f54944f02ebcb9bc7749ceca68d6702386c1ec7264e483cf7c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:56 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
174 B 88ms
87ms XHR
text/plain 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Tue, 26 Nov 2019 18:28:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 88ms
88ms XHR
application/json 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: 34ec062b46c806f98d30e2988c48a753046f29aea6576cf60b62b90ef534a118

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:56 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
174 B 88ms
88ms XHR
text/plain 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Tue, 26 Nov 2019 18:28:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 88ms
88ms XHR
application/json 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: ed53063d1f3ad4b1988795bcfab47fb1e6323681c9ae9eeab97d7fa9eef79a9e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:57 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

POST
H2 409 batch
posts.specterops.io/_/ 10 KB
0 122ms
122ms Fetch
text/html 52.6.46.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.46.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-46-142.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://getpocket.com https://posts.specterops.io https://.posts.specterops.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options
X-Xss-Protection	1; mode=block

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://posts.specterops.io https://*.posts.specterops.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 39375-da7f236,da7f2360fb6
status: 409
content-length: 10152
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1574792938765:cd981c9bc750
server: nginx
date: Tue, 26 Nov 2019 18:28:58 GMT
x-frame-options
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

OPTIONS
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 0
174 B 87ms
87ms XHR
text/plain 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.f6d3d928.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://posts.specterops.io
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,lightstep-access-token

Response headers

status: 200
date: Tue, 26 Nov 2019 18:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 0
access-control-allow-methods: POST

POST
H2 200 reports Show response
collector-medium.lightstep.com/api/v0/ 113 B
311 B 88ms
88ms XHR
application/json 54.164.26.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-medium.lightstep.com/api/v0/reports
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-26-255.compute-1.amazonaws.com
Software: /
Resource Hash: 2a52e06dabcdfa1b6b72e394dc614ebf33278614fa74efcae6f7823771279434

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
Origin: https://posts.specterops.io
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 26 Nov 2019 18:28:59 GMT
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
content-length: 113

GET
H/1.1 200
OK /
srv-2019-11-26-18.pixel.parsely.com/event/ 43 B
385 B 87ms
87ms Image
image/gif 54.158.46.6
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-11-26-18.pixel.parsely.com/event/?rand=1574792944934&plid=95283379&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Fhunting-for-bad-apples-part-1-22ef2b44c0aa&sref=&sts=1574792944934&slts=0&date=Tue+Nov+26+2019+19%3A29%3A04+GMT%2B0100+(Central+European+Standard+Time)&action=heartbeat&inc=5&tt=4901&pvid=49718545&u=pid%3Df5e1e69e4e4276153aeffca0e94759f5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.46.6 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-158-46-6.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 18:29:04 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="CUR ADM OUR NOR STA NID"

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
posts.specterops.io/	1970-01-19 05:36:37	Name: lightstep_guid/lite-web Value: 63d1319f265ec2ea
.specterops.io/	1970-01-19 05:26:32	Name: _gat_tracker0 Value: 1
.specterops.io/	1970-01-19 14:55:56	Name: _parsely_visitor Value: {%22id%22:%22pid=f5e1e69e4e4276153aeffca0e94759f5%22%2C%22session_count%22:1%2C%22last_session_ts%22:1574792934431}
.specterops.io/	1970-01-19 05:26:34	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/hunting-for-bad-apples-part-1-22ef2b44c0aa%22%2C%22sref%22:%22%22%2C%22sts%22:1574792934431%2C%22slts%22:0}
.specterops.io/	1970-01-19 05:26:32	Name: _gat Value: 1
posts.specterops.io/	1970-01-19 14:12:08	Name: uid Value: lo_KrNKuYWUmqua
.specterops.io/	1970-01-19 05:27:59	Name: _gid Value: GA1.2.18078558.1574792933
.specterops.io/	1970-01-19 22:57:44	Name: _ga Value: GA1.2.2093043520.1574792933
posts.specterops.io/	1970-01-19 14:12:08	Name: sid Value: 1:C2oF+r1oGGD6XDP1kAo+TrShYHPpBzSDnpiIKUFUnxFJRfXXXgQxFbN9S3fNAPPa
posts.specterops.io/	1970-01-19 05:36:37	Name: lightstep_session_id Value: 12bc5553256af422
posts.specterops.io/	1970-01-19 14:12:08	Name: optimizelyEndUserId Value: lo_KrNKuYWUmqua

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js(Line 1) Message: -+++++= .+++++= .+@@@@@+ #@@@@: .@@@@@= @@@@@ @+@@@@- =#@@@@@ @ +@@@@: :% @@@@@ @ @@@@-%: @@@@@ @ @@@@- @@@@@ -@- #@@+ :@@@@@: -#@@@#- ## =@@@@@@@= ....... .........
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.2f78fd69.chunk.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
collector-medium.lightstep.com
d1z2jf7jlzjs58.cloudfront.net
errors.client.optimizely.com
glyph.medium.com
medium.com
miro.medium.com
posts.specterops.io
srv-2019-11-26-18.pixel.parsely.com
www.google-analytics.com
13.224.197.33
13.225.78.41
2600:9000:21f3:5c00:11:f728:3040:93a1
2600:9000:21f3:f400:19:9934:6a80:93a1
2606:4700::6810:7691
2606:4700::6810:787f
2606:4700::6810:7991
2a00:1450:4001:81c::200e
2a02:26f0:6c00:181::13b8
3.225.17.244
52.6.46.142
54.158.46.6
54.164.26.255
02db40856ab3f434c8303cd065d3a527a38b22a027f68f0cc297cfa98aa93891
087316f29690e0a35f6642721fb9bf8d05bb9cbac3bbb30c822ba878ff7965d8
087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6
0dae47904a6e3fd9d9dd006122fdd974079948d65bd1c9bc8a8bcf09cff8b5f3
0f8a6b669bde071952f75c4bf9507e1638d109be82099964b67565b694232eee
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
218648eb6ddd7af17caca91f8c9fb9866c5973709bc4112a44c23c653f7fc8bb
2704176598d62aee26360a6fdb451049b0e73431d6b158da7a2eb5ccc01a5473
2962f3cddb3c6778b33cbf9425ba7222cdd3e362d09b2c5bb518a17bd042bca5
2a52e06dabcdfa1b6b72e394dc614ebf33278614fa74efcae6f7823771279434
2bf7d8cf421ebf056d4dd59f4847573096c1382fb6123d572c3c4165388c3794
2eb5361b2fa92ef189fffa66b777437b620b7b54c77ea9ef3430837ada9bba59
31b9cbe3d751d5d54e72e1793d03a6f7f486d012eacbd824383d69cd90ad8ba9
3380cfa8c92a582b7f959652f336978551d50e5e7a631dc68253ebab32a87827
34ec062b46c806f98d30e2988c48a753046f29aea6576cf60b62b90ef534a118
35cf91249070ece57dd671e6bc2e2df47f649bd386b27e451fff8874aebf5c0d
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
4013e53c9b942ac7a901f461f2a52f3ed2ea310ed52beea6ae3ecfb4ec5d5702
414da0483803cf8d292a313b5cbbe7bfcb09b7b75349402fd7ce218c0d913367
4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173
51e92e745bb5749eb3df180b30f27f1d7cf255cab03b0b3de667c6c177175189
52f70d418296c24e0b786eb13ac4aec4d7d6b800ad9dc45367b1e78bf7ec4dc7
54664d792930bfe1ce04add361b2c3501189f551ae328b55a43edb18d7e6d985
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58711bafae315df048e1bc0c36ae1dfd017810b34fd9b4b021f774694397baad
5dbe1e0a5c960eedcec434d7064aca36286e0e421d5eed38d64ceaaf45ba9360
5f02985da4d4892097c8777c56606f2ba27a3114c534e19e659679661dc0841f
5f9fe35f3fdf604f7d71cd7a924898d6d031975a0bec5fc4d3e7ca1ac436cfc9
6005dbe3652c20af976b0a50fffcec45cd6c2e4de1311b373bbe18d0a057767f
6164751ebec2d5e28bac90c88c9a22b625032e47e3b708e74a5c4e0de7e67e5b
6b5fefc1a4274628904094489bdadd0877f05d62dc410f80afc378ea21ed6757
6f4f8e37a2faedf1a1ffced75f28cad6a587e3d792d4fcbdbe8f39639c02b802
6fb7a9d820c890ca0c384bb3c0719bbc6f658300a24394be9c3c12feb53caa96
7064792d647bb66608b7948b2dae4bcf0e885efe4f33db511755103456abc254
7bae4a1c0f4de02ea87cd3deaf6246a265ae4cd4e72788d36f4370591e19ff2b
7ca5ccdaa0651ac4fe84c3ef5a484464b951c451c0804955fb6170d47e86d109
82e0f89462af5a9abdcfa6ae952e34db8d8963884a3101f2780e8555b9a9592d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848ec83e1a1bb3118b22bcba65f27ce307e2adeb8bb84028b23659f1a0ead403
84a548a3f01f6d92045be9ae44e89520ed11505928139d831749385a36aee74c
8adc9714b03a7fcf0893913cb5a9b828e093ae2caa2a555b0753f6d8c60fb2ef
8e75928fa831f2ef79aa55d257fe5f683ef140daf66fa2eda24724e006a60d3a
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8
9e013976876f923b5d747b79501cd38255f1876399c5e9b5a8f995dec0291ab7
a192e6bab34dfdd75287bce09a31a86c1efb6537f26a5bc8141021c860fb901b
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a57e16ea62acdc89a8b4e6defed5ac7097955913d59f667b8a0b6dc2866588c2
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b5282433e799b2abcf1d4de31e3550ca33a583e4be20b5a7985e5580ba22d722
bbcba9d17f1882f54944f02ebcb9bc7749ceca68d6702386c1ec7264e483cf7c
c13224744590becf192373db4a160c457b034eec7be04cae7eee6afb149b8e60
c5419b699ff4578da868df33219b44a65b2a719e309bd27c687c0557642aa55c
c9e2c034706eef3ebf43d927f9219126e167a78c4d86b4994a06243800734056
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5cace1fc9d3c3f77318540f422d449029b54640a50341e9598b2b365e5c7b7b
d658e6fd7a36227976a0f27af2fda3659a1aa771a4cc85ddbd8e45a68b57d733
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcc0a191c6382c7f6cf4e206dc7397174d03e8402883f9bd699399107232f316
dd0bd891e9ec30b2b489183c0f4ec06dc9ea61c02ab0f963bcdba2db7fde2ea2
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e2265b06d28908a165a9bfb1abb65b9ebfdc70d8a6cc83ba3f145a3aa6743349
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e757f2a79521e00ebc2af4e8bc8268a77c84885122c8d8c7a9058c1e5ef80462
e7d4fc44acb5471e0ef52faedb85bdc3aca160e740701b4774b9ad53b705a0ad
ebebdea66a9c18e14f9da69a4053ec448ab839ca553e6338c1c7d2b3a288a1eb
ed321eeff299ab8882ff5408bb52a6407a39061dcc56dcb646592b978b7d5ad6
ed53063d1f3ad4b1988795bcfab47fb1e6323681c9ae9eeab97d7fa9eef79a9e
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3
ef624140bc3fbd07b35068f3bde489bf9509ad70f456f8967852a6a4ced9b97e
efcb4fd67352b26e679f0657831686822630c2b9ef81031b1979dd3da8af76b3
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f14d4838dddcbaa52775086da3171b0415acfbde9ab55d023a39e438fb0228a2
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f5b62e65df67c2a0a9310a833bbf385aaded36cfd074a64f57834ca7470658c7
f5f40d61da7520555624ad409673addadefbaec5942ba84e06e05ce7248cca04
f7a964a9f6481ddc4f3889565c8c29cb92a2a30859ec31926fd6cc653b3be76e
f7f4d05c2d0f89dd41b6f4d15f37bee34c8a2f85c76db9552c352dcf00223a51
fe8d2885e087ad5084fbf1ffb099334d9237ca321826c32453faaac1db174883

posts.specterops.io Open in urlscan Pro 52.6.46.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

54 %IPv6

9 Domains

14 Subdomains

13 IPs

3 Countries

1682 kBTransfer

3376 kBSize

11 Cookies

46 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posts.specterops.io Open in urlscan Pro
52.6.46.142 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

54 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

1682 kB
Transfer

3376 kB
Size

11
Cookies

86 HTTP transactions
4 data transactions