blog.confiant.com Open in urlscan Pro
52.5.181.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-stea...
Effective URL:
https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-stea...
Submission: On September 19 via api (September 19th 2022, 2:38:54 pm UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 99 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 182 HTTP transactions. The main IP is 52.5.181.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is blog.confiant.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 5th 2022. Valid for: a year.

This is the only time blog.confiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	52.5.181.79 52.5.181.79	14618 (AMAZON-AES) (AMAZON-AES)
1 150	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.38 13.225.78.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.45 108.138.17.45	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:b600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.204.155.126 34.204.155.126	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:210... 2600:9000:2104:ee00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
182	8

19 52.5.181.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-79.compute-1.amazonaws.com

blog.confiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

150 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-38.fra2.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-45.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:b600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.204.155.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-155-126.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2104:ee00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
150	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 9076 glyph.medium.com — Cisco Umbrella Rank: 19480 miro.medium.com — Cisco Umbrella Rank: 12118 cdn-client.medium.com — Cisco Umbrella Rank: 20348	5 MB
19	confiant.com 1 redirects blog.confiant.com	77 KB
7	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 16586 api.sprig.com — Cisco Umbrella Rank: 8445	70 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 950 api2.branch.io — Cisco Umbrella Rank: 621	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	app.link app.link — Cisco Umbrella Rank: 1757	595 B
182	6

	Domain	Requested by
97	miro.medium.com	blog.confiant.com cdn-client.medium.com
42	cdn-client.medium.com	blog.confiant.com cdn-client.medium.com
19	blog.confiant.com	1 redirects cdn-client.medium.com
10	glyph.medium.com	blog.confiant.com glyph.medium.com
6	api.sprig.com	cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	blog.confiant.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	blog.confiant.com
1	cdn.sprig.com	blog.confiant.com
1	medium.com	1 redirects
182	11

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
lordx64.medium.com
mydramalist.com
unsplash.com
www.confiant.com
daomu-biji.fandom.com
moralis.io
twitter.com
github.com
www.cydiasubstrate.com
theos.dev
www.youtube.com
bat0san.medium.com
mbombard.medium.com
shiory602.medium.com
sailaway67.medium.com
foongminwong.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com
o1labs.medium.com
blog.o1labs.org
sm4rty.medium.com
heliumfoundation.medium.com
officercia.medium.com
medium.statuspage.io
about.medium.com
blog.medium.com
knowable.fyi

Subject Issuer	Validity	Valid
blog.confiant.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-05` - `2023-07-05`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
api.sprig.com Amazon	`2022-09-16` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
app.sprig.com Amazon	`2022-03-01` - `2023-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
Frame ID: ECA93881668F9D14C69DDA1EE0C61ED0
Requests: 179 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How SeaFlower 藏海花 installs backdoors in iOS/Android web3 wallets to steal your seed phrase | by taha aka "lordx64" | Confiant

Page URL History Show full URLs

https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflowe... HTTP 302
https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

182
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

8
IPs

2
Countries

5318 kB
Transfer

7651 kB
Size

10
Cookies

99 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?$canonical_url=https%3A%2F%2Fmedium.com/p/d25f0ccdffce&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&source=post_page--------------------------nav_reg-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&source=post_page--------------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=--------------------------notifications_sidenav-----------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=--------------------------lists_sidenav-----------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=--------------------------stories_sidenav-----------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=--------------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://lordx64.medium.com/?source=post_page-----d25f0ccdffce--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F74f7de1013c&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&user=taha+aka+%22lordx64%22&userId=74f7de1013c&source=post_page-74f7de1013c----d25f0ccdffce---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd25f0ccdffce&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://mydramalist.com/56837-can-hai-hua
Title: 藏海花

Search URL Search Domain Scan URL

URL: https://unsplash.com/@stereophototyp?utm_source=medium&utm_medium=referral
Title: Sara Kurfeß

Search URL Search Domain Scan URL

URL: https://unsplash.com/?utm_source=medium&utm_medium=referral
Title: Unsplash

Search URL Search Domain Scan URL

URL: https://www.confiant.com/
Title: Confiant

Search URL Search Domain Scan URL

URL: https://daomu-biji.fandom.com/wiki/Zhang_Haike
Title: character

Search URL Search Domain Scan URL

URL: https://daomu-biji.fandom.com/wiki/Tibetan_Sea_Flower_(Zang_Hai_Hua)
Title: novel

Search URL Search Domain Scan URL

URL: https://moralis.io/what-is-a-web3-wallet-web3-wallets-explained/
Title: web3 wallets

Search URL Search Domain Scan URL

URL: https://twitter.com/CoinbaseWallet
Title: Coinbase Wallet

Search URL Search Domain Scan URL

URL: https://twitter.com/MetaMask
Title: MetaMask

Search URL Search Domain Scan URL

URL: https://twitter.com/TokenPocket_TP
Title: TokenPocket

Search URL Search Domain Scan URL

URL: https://twitter.com/imTokenOfficial
Title: imToken

Search URL Search Domain Scan URL

URL: https://github.com/AloneMonkey
Title: AloneMonkey

Search URL Search Domain Scan URL

URL: https://github.com/AloneMonkey/MonkeyDev-Xcode-Templates
Title: https://github.com/AloneMonkey/MonkeyDev-Xcode-Templates

Search URL Search Domain Scan URL

URL: https://github.com/omxcodec
Title: omxcodec

Search URL Search Domain Scan URL

URL: https://github.com/AloneMonkey/MonkeyDev-Xcode-Templates/blob/master/MonkeyAppLibrary.xctemplate/Trace/OCMethodTrace.h
Title: https://github.com/AloneMonkey/MonkeyDev-Xcode-Templates/blob/master/MonkeyAppLibrary.xctemplate/Trace/OCMethodTrace.h

Search URL Search Domain Scan URL

URL: http://www.cydiasubstrate.com/api/c/MSHookMessageEx/
Title: MSHookMessageEx

Search URL Search Domain Scan URL

URL: https://theos.dev/docs/
Title: Theos

Search URL Search Domain Scan URL

URL: https://github.com/facebook/react-native/blob/main/React/Base/RCTJavaScriptLoader.h
Title: RCTJavascriptLoader

Search URL Search Domain Scan URL

URL: https://github.com/xialun/RSAClass
Title: https://github.com/xialun/RSAClass

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=tX2lg59Wm7g
Title: Building JavaScript bundles for React Native

Search URL Search Domain Scan URL

URL: https://github.com/OWASP/owasp-mstg/blob/master/Document/0x06c-Reverse-Engineering-and-Tampering.md
Title: https://github.com/OWASP/owasp-mstg/blob/master/Document/0x06c-Reverse-Engineering-and-Tampering.md

Search URL Search Domain Scan URL

URL: https://twitter.com/lordx64?lang=en
Title: @lordx64

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fconfiant-blog%2Fd25f0ccdffce&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%25E8%2597%258F%25E6%25B5%25B7%25E8%258A%25B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&user=taha+aka+%22lordx64%22&userId=74f7de1013c&source=-----d25f0ccdffce---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fconfiant-blog%2Fd25f0ccdffce&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&collection=Confiant&collectionId=4423e6ce17be&source=post_page-----d25f0ccdffce---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@eliyastein?source=post_page-----d25f0ccdffce----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/web3?source=post_page-----d25f0ccdffce---------------web3-----------------
Title: Web 3

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F8628da0a9e38&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fa-whirlwind-tour-of-crypto-phishing-8628da0a9e38&source=-----d25f0ccdffce----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://medium.com/@eliyastein?source=post_page-----d25f0ccdffce----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malware?source=post_page-----d25f0ccdffce---------------malware-----------------
Title: Malware

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F2e1fb310e8cd&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-file-hashes-fail-as-a-malware-detection-heuristic-2e1fb310e8cd&source=-----d25f0ccdffce----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://lordx64.medium.com/?source=post_page-----d25f0ccdffce----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F9341838887b7&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fprofiling-hackers-using-the-malvertising-attack-matrix-by-confiant-9341838887b7&source=-----d25f0ccdffce----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@eliyastein?source=post_page-----d25f0ccdffce----3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----d25f0ccdffce---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3040dd3c4af1&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fmalvertising-threat-actor-yosec-exploits-browser-bugs-to-push-malware-cve-2021-1765-3040dd3c4af1&source=-----d25f0ccdffce----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@eliyastein?source=post_page-----d25f0ccdffce----4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28ddc548463c&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Flooking-at-chrome-extensions-that-hijack-search-spread-via-malvertising-28ddc548463c&source=-----d25f0ccdffce----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://bat0san.medium.com/?source=post_internal_links---------0----------------------------

Search URL Search Domain Scan URL

URL: https://bat0san.medium.com/tomghost-tryhackme-263a691dfec4?source=post_internal_links---------0----------------------------
Title: tomghost — TryHackMe

Search URL Search Domain Scan URL

URL: https://mbombard.medium.com/?source=post_internal_links---------1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/virima?source=post_internal_links---------1----------------------------
Title: Virima

Search URL Search Domain Scan URL

URL: https://medium.com/virima/is-your-it-ready-for-the-internet-of-things-c3e662163358?source=post_internal_links---------1----------------------------
Title: Is Your IT Ready for the Internet of Things?

Search URL Search Domain Scan URL

URL: https://shiory602.medium.com/?source=post_internal_links---------2----------------------------

Search URL Search Domain Scan URL

URL: https://shiory602.medium.com/cookies-and-session-2eec0789940f?source=post_internal_links---------2----------------------------
Title: Cookies and Session

Search URL Search Domain Scan URL

URL: https://medium.com/@ron_44427?source=post_internal_links---------3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/gula-tech-adventures?source=post_internal_links---------3----------------------------
Title: Gula Tech Adventures

Search URL Search Domain Scan URL

URL: https://medium.com/gula-tech-adventures/while-visiting-rsa-2017-dont-forget-about-testing-security-controls-91c05a4562ec?source=post_internal_links---------3----------------------------
Title: While Visiting RSA 2017, Don’t Forget About Testing Security Controls

Search URL Search Domain Scan URL

URL: https://sailaway67.medium.com/?source=post_internal_links---------4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/technology-hits?source=post_internal_links---------4----------------------------
Title: Technology Hits

Search URL Search Domain Scan URL

URL: https://medium.com/technology-hits/apple-releases-update-to-fix-homekit-vulnerability-aka-doorlock-99d5421089ae?source=post_internal_links---------4----------------------------
Title: Apple releases update to fix HomeKit vulnerability, aka, DoorLock

Search URL Search Domain Scan URL

URL: https://medium.com/@imanog?source=post_internal_links---------5----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@imanog/kill-soc-toil-do-soc-eng-8ebf3cb126a3?source=post_internal_links---------5----------------------------
Title: Kill SOC Toil, Do SOC Eng

Search URL Search Domain Scan URL

URL: https://foongminwong.medium.com/?source=post_internal_links---------6----------------------------

Search URL Search Domain Scan URL

URL: https://foongminwong.medium.com/laptop-death-4a423e034d64?source=post_internal_links---------6----------------------------
Title: Laptop Death

Search URL Search Domain Scan URL

URL: https://medium.com/@aikdanai.s?source=post_internal_links---------7----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@aikdanai.s/welcome-to-the-world-of-web-3-0-d16b61235dc4?source=post_internal_links---------7----------------------------
Title: Welcome to the world of Web 3.0

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----d25f0ccdffce--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----d25f0ccdffce--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----d25f0ccdffce--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----d25f0ccdffce--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----d25f0ccdffce--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----d25f0ccdffce--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----d25f0ccdffce--------------------------------

Search URL Search Domain Scan URL

URL: https://lordx64.medium.com/

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F74f7de1013c&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&user=taha+aka+%22lordx64%22&userId=74f7de1013c&source=post_page-74f7de1013c-------------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fd88152812c7f&operation=register&redirect=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&newsletterV3=74f7de1013c&newsletterV3Id=d88152812c7f&user=taha+aka+%22lordx64%22&userId=74f7de1013c&source=--------------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://o1labs.medium.com/?source=read_next_recirc---------0---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------

Search URL Search Domain Scan URL

URL: https://blog.o1labs.org/?source=read_next_recirc---------0---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: o1labs

Search URL Search Domain Scan URL

URL: https://blog.o1labs.org/mina-zkps-and-the-ethereum-merge-ab4f547511b9?source=read_next_recirc---------0---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: Mina ZKPs and the Ethereum Merge

Search URL Search Domain Scan URL

URL: https://sm4rty.medium.com/?source=read_next_recirc---------1---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------

Search URL Search Domain Scan URL

URL: https://sm4rty.medium.com/roadmap-for-web3-smart-contract-hacking-2022-229e4e1565f9?source=read_next_recirc---------1---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: Roadmap for Web3/Smart Contract Hacking | 2022

Search URL Search Domain Scan URL

URL: https://heliumfoundation.medium.com/?source=read_next_recirc---------2---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------

Search URL Search Domain Scan URL

URL: https://medium.com/helium-foundation?source=read_next_recirc---------2---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: Helium Foundation

Search URL Search Domain Scan URL

URL: https://medium.com/helium-foundation/hip-70-evaluating-layer-1-blockchains-for-the-helium-network-15f81af6941c?source=read_next_recirc---------2---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: HIP-70: Evaluating Layer 1 Blockchains for the Helium Network

Search URL Search Domain Scan URL

URL: https://officercia.medium.com/?source=read_next_recirc---------3---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------

Search URL Search Domain Scan URL

URL: https://officercia.medium.com/blue-buttons-of-death-2fdb73c18c8a?source=read_next_recirc---------3---------------------6e0c87ff_d60f_43a2_824a_27c4654732c3-------
Title: Blue Buttons of Death

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/
Title: Knowable

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%25E8%2597%258F%25E6%25B5%25B7%25E8%258A%25B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce HTTP 302
https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

182 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce Show response
blog.confiant.com/
Redirect Chain

https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%25E8%2597%258F%25E6%25B5%25B7%25E8%258A%25B1-installs-backdoors-in-ios-android-web3-wallets-to-stea...
https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91

317 KB
65 KB

1225ms
1225ms

Document
text/html

52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2e1a5eeb02e130f736c9797331aae8dff46ee13ca8dc9bfeb82a6e49594c7473

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 14:38:45 GMT
etag: W/"4f5d9-i2EZRc5LISH6YL0/alyB5Q2FTu8"
medium-fulfilled-by: valencia/main-20220919-141804-9aa700c6a4, lite/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
medium-missing-time: 290
sepia-upstream: medium
server: nginx
vary: Accept-Encoding
x-envoy-upstream-service-time: 1114
x-request-received-at: 1663598324569

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74d311166e5c23df-ZRH
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Mon, 19 Sep 2022 14:38:44 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220919-061722-a8b86343c7
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 28
x-frame-options: sameorigin
x-obvious-info: 20220919-0958-root,fb85631e
x-obvious-tid: 1663598324346:d4b68864b00e
x-opentracing: {"ot-tracer-spanid":"78f906895541b293","ot-tracer-traceid":"727dfbc4a11106d6","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 unbound.css
glyph.medium.com/css/ 15 KB
1 KB 71ms
57ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1093
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 74d3111f9d7223df-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Mon, 19 Sep 2022 16:38:45 GMT

GET
H2 200 0*tDs1K27pjEbg6eDO
miro.medium.com/max/300/ 9 KB
9 KB 196ms
182ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/0*tDs1K27pjEbg6eDO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86b74ed53a1ab818246024beb9875537192d13707a04b151edba1285aeb4f005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9053
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204ead23df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H2 200 1*5S2lTeGX-EguDErNKsRXrw.png
miro.medium.com/max/300/ 71 KB
71 KB 195ms
182ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*5S2lTeGX-EguDErNKsRXrw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369562108a23ff06088814e84ed28e84ce4a10d9c93f74f61031de2ec59d4754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72835
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204ea823df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H2 200 1*RJv308iUcxqrr3o1GKB6zw.png
miro.medium.com/max/300/ 44 KB
44 KB 218ms
205ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*RJv308iUcxqrr3o1GKB6zw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e90904613706435d4e162ab9ea5aebb9bb41ab5edcf1d96c2e41f8b1fb6c8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 42
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45066
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204ea523df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H2 200 1*3I2j2cljA7VLzidIq7SImA.png
miro.medium.com/max/300/ 13 KB
13 KB 194ms
181ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*3I2j2cljA7VLzidIq7SImA.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f48d51be7a817814e257cb5a945dcbb3dfd2df71087069c2f6571648eaef3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12825
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204eab23df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H2 200 1*HSyCpLE_P8MkfSBt4QOcnQ.png
miro.medium.com/max/300/ 112 KB
112 KB 219ms
206ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*HSyCpLE_P8MkfSBt4QOcnQ.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2f5f614e500c41a35771cf4ef7572fe425b7407a009d14a7eb821c57e47ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 95
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114672
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204ea623df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H2 200 1*wXGLqcEknComBbElp0BJ0g.png
miro.medium.com/max/300/ 104 KB
104 KB 170ms
158ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*wXGLqcEknComBbElp0BJ0g.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ae491b4f6d9aee2c559cc2245727f46d05b74405e153617f97f4db642db749

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106635
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311204ea323df-ZRH
expires: Wed, 19 Oct 2022 14:38:45 GMT

GET
H3 200 1*nwKT3u5BQGRctd1V7HBoGw.png
miro.medium.com/max/300/ 109 KB
109 KB 261ms
248ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*nwKT3u5BQGRctd1V7HBoGw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb8b6f43d4306086b39c0e3a5f48609e6705f5f5db126277b19177939189bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111450
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219ebccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*i0OmYyMX6B8oRyLWuf5NtA.png
miro.medium.com/max/300/ 47 KB
48 KB 264ms
251ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*i0OmYyMX6B8oRyLWuf5NtA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10daf19f76f4c3e3ea8f203056a42c8f6f34551b19849d7c4efd7892388be95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48431
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219ebecc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*kGXZDdJI9j4pul3LPRsqqA.png
miro.medium.com/max/300/ 102 KB
102 KB 270ms
257ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*kGXZDdJI9j4pul3LPRsqqA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d163611a36fd66f799fc270b094e8eee950428efb5a812bf14f4d5958683ecad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104539
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219ec4cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*4pdsekVzBV4PMZCP4Amr1w.png
miro.medium.com/max/300/ 115 KB
115 KB 213ms
202ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*4pdsekVzBV4PMZCP4Amr1w.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d199dfc6c36639a5e64f12fe590cfebdd2bad96c8615d4ff82e1ba72cf778d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 95
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117654
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219eaccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*sUNMwmpvyA6PfN6QQj2DIg.png
miro.medium.com/max/300/ 177 KB
177 KB 236ms
225ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*sUNMwmpvyA6PfN6QQj2DIg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb2b7e14e15721e261df31f3dfc17057b58a8fa2ec407926aca9a23f6408dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 76
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 181337
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219eafcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*DVzkASa6gfedGslFReCsZQ.png
miro.medium.com/max/300/ 36 KB
37 KB 256ms
243ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*DVzkASa6gfedGslFReCsZQ.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbb0472d5329a489c559cced60cdce46a041fabef67e569ce0928fef7477ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 593
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37226
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220909-160424-0ba4daf8b7
accept-ranges: bytes
cf-ray: 74d311219eb2cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*ujlpzXZfVscLVGzxHtULYg.png
miro.medium.com/max/300/ 12 KB
12 KB 259ms
247ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*ujlpzXZfVscLVGzxHtULYg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a30c24c996f2f70e25209faff5c7faad07d3d8fd6e4e793f5b7964cfb0e15c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 73
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11888
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219eb4cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*AQvpbNPfUXRG-W0XMscH6Q.png
miro.medium.com/max/300/ 7 KB
7 KB 260ms
247ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*AQvpbNPfUXRG-W0XMscH6Q.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be4b143c53941f82aba83e7470abc11e4a360fcc04411936b2807e66b3d90e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7180
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219eb8cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*dxqpKH8pRaQLDg4xUwD1_g.png
miro.medium.com/max/300/ 4 KB
4 KB 166ms
158ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*dxqpKH8pRaQLDg4xUwD1_g.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256fa2a1acd35b701c057c169fc0fb7a7682998d48083fe211fda52b72943bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4147
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e85cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*u9w1HnUhRgjICztF7Ms6-Q.png
miro.medium.com/max/300/ 20 KB
21 KB 185ms
177ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*u9w1HnUhRgjICztF7Ms6-Q.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99973b8fb3da1cef0d08d830cfc0f664694226c2e94c7d6f601ce8bbb9bf108d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20934
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e86cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*7MBHirxZRfSfmoWWNzfzZw.png
miro.medium.com/max/300/ 4 KB
4 KB 166ms
158ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*7MBHirxZRfSfmoWWNzfzZw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6f053f5ce26957f05814baf4108f5d959e1b2df960d2b8e696c81eab0b22ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 82
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3868
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e88cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*YCj_ueQW67xsFiyZFFlomg.png
miro.medium.com/max/300/ 3 KB
3 KB 188ms
179ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*YCj_ueQW67xsFiyZFFlomg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de42e08a8c04365f35a625da3f26374020526d7c47490b1d85ba0de0741b6363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2866
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e8acc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*vb8AHDm49ocZCw56E7Q7sg.png
miro.medium.com/max/300/ 14 KB
14 KB 212ms
203ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*vb8AHDm49ocZCw56E7Q7sg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb073c77530d24ed8a175a422461299a956cb6bf9404ec94ed03019af00faf50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14430
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e8ccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*5eA0-X9VhrHfyFnkfc_2Uw.png
miro.medium.com/max/300/ 17 KB
17 KB 188ms
180ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*5eA0-X9VhrHfyFnkfc_2Uw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7db83ba455a5892496dcd2af0409c3df62251546363b0c99c90a773e2a97e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 68
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17399
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e90cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*BTqPV0mQgEGA902Efhjn-Q.png
miro.medium.com/max/300/ 16 KB
17 KB 189ms
180ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*BTqPV0mQgEGA902Efhjn-Q.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911bb17378b28876ed9592d36f2d162396e67aa57c21d313c01d38ff00cd8552

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16732
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e96cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*gqzYeSSythRnWDnW3uH82Q.png
miro.medium.com/max/300/ 25 KB
25 KB 275ms
264ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*gqzYeSSythRnWDnW3uH82Q.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cda6f0036a3b19a70e54033250880adc499ac02c551ba66f636b4b7beef136e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25505
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e97cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*IfNQjSv8ZxhHiAku75NhnA.png
miro.medium.com/max/300/ 36 KB
36 KB 192ms
181ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*IfNQjSv8ZxhHiAku75NhnA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a32cd5977136c7bc65551e16fa502a1a04f7dd055999f34479e62c7a8aaefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 66
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36776
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e99cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*p6-D9BXbLsHLtDW8RG5mzg.png
miro.medium.com/max/300/ 9 KB
9 KB 206ms
195ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*p6-D9BXbLsHLtDW8RG5mzg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2025f294041022f1f0eb1e0d84f1ee2f1bb50bd0ca1a7054e01c6c349ee57b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9152
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e9bcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 117ms
77ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28226760
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d3112088fd01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 147ms
107ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28226760
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890301f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
29 KB 149ms
109ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28226729
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890501f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 121ms
81ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 884138
x-envoy-upstream-service-time: 52
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890a01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 162ms
122ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 884105
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890b01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 163ms
124ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 884105
x-envoy-upstream-service-time: 1475
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890c01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
14 KB 163ms
124ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 884105
x-envoy-upstream-service-time: 1039
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120890f01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 164ms
126ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28226760
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d31120891001f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 69ms
56ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.confiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19122111
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 74d3112088ff01f8-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 1*Gzx_yxzR1l1GX0h8J75gfQ.png
miro.medium.com/fit/c/64/64/ 3 KB
3 KB 214ms
177ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/64/64/1*Gzx_yxzR1l1GX0h8J75gfQ.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6178c50f15b663877daa8c8b21f796ee24dac9868698f7dd3b70a4432a2c60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2951
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 74d311219e84cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*CeV88vA72XwNGRvC79wSOg.png
miro.medium.com/fit/c/96/96/ 11 KB
11 KB 306ms
264ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*CeV88vA72XwNGRvC79wSOg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284ac805203c161df7f8e189f59f0827b436308d1f9f43c2386df2cdd681eb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11240
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219ec7cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*HsR0pN83jRH2AmPMSqRsjA.png
miro.medium.com/max/300/ 9 KB
9 KB 246ms
239ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*HsR0pN83jRH2AmPMSqRsjA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6b700236ebdf38df207868ccd6232c09b5165a93de4f6367e0082079491e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8902
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e79cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*S3GQbNegWI4-tgwZasQtyw.png
miro.medium.com/max/300/ 18 KB
19 KB 164ms
157ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*S3GQbNegWI4-tgwZasQtyw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e644fdc416cd19eb02fba643acf1739afe10b912dafd69628e4720b22729646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18791
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e7fcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H2 200 manifest.8c04b1eb.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 73ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.8c04b1eb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad7ac39533d4ba389215f0ba6d63d9a9e9ad4cae475997050776a848aded8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 233226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76E2ESRHJ93BJZMD
x-amz-id-2: fXBYzHQ7rzisje+o3MPEVoixKd5h+zxsEJBATJyE/+zRbHmMjz789+mTBj03f14OPfrPK2g3rKE=
last-modified: Fri, 16 Sep 2022 21:03:17 GMT
server: cloudflare
etag: W/"b665eba9b013c40dbc89218a705e562e"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 0mQzvFItwioQ2g0rN00vo0cMdpZKdO2R
cf-ray: 74d31121587323df-ZRH
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H2 200 221.eb6d4e84.js Show response
cdn-client.medium.com/lite/static/js/ 691 KB
213 KB 98ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 436396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: J2TVWCT1EY9N2ACT
x-amz-id-2: AdbnGoZITPw5AWsHgEIvXYgiPZgy5XVnPYvmDgCgX/9Y22m9b757aLHTZLskxG4TdBNklNLgyCM=
last-modified: Wed, 03 Aug 2022 13:07:29 GMT
server: cloudflare
etag: W/"8217b3c83342b21eef3049023dae74f7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: eFYPkrNVdSEA2cbFUgGI5AL5fmJ6xhM1
cf-ray: 74d31121587723df-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H2 200 main.c15690f9.js Show response
cdn-client.medium.com/lite/static/js/ 734 KB
177 KB 77ms
51ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.c15690f9.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba7e30f3e51476ccd62839f6a48cb8ec18f155240fcb79f217c3e7cd2c0d1178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 233226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76EAKV9P02AP4NWR
x-amz-id-2: BljafTVEtfB28g4VpfxsWRBaUDPk39TRR5g1xFOWtTmzDmgTJ4UeVA/ARilirDOxZbhXcnKJKwk=
last-modified: Fri, 16 Sep 2022 21:03:10 GMT
server: cloudflare
etag: W/"7e846ee322bf12e9fca9bb916820cfb5"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: LK8vDntdOYNAMGv8vXRAjf0z.CHl39gm
cf-ray: 74d31121587623df-ZRH
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H2 200 instrumentation.c71f0248.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 91ms
65ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 854289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DN80NP6MC45XWT2W
x-amz-id-2: XL/2Jb9u14qm8cCj//wgdYe0Ggn1t1G4gX21uBRkpd82xhiecCSbOyioU4BrWRYiv2q6edekGpo=
last-modified: Wed, 07 Sep 2022 22:21:02 GMT
server: cloudflare
etag: W/"1c4019035217766e8fa41b4d396c90c0"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
cf-ray: 74d31121587523df-ZRH
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H2 200 4800.e59c250c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 66 KB
19 KB 74ms
49ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4800.e59c250c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3096f776db540f092d5b89c571dec330a17892298fbe56cf967ebc1fbdc4ac37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1115807
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZAEQ2178FZARNC9R
x-amz-id-2: Z2rGicDRlOCRtI465NmyuzYlH4B89fFwUDXmJo6GNb6QRGwakTPGmnSwgD5nUsI3ihqGpMHRBt0=
last-modified: Fri, 02 Sep 2022 17:48:57 GMT
server: cloudflare
etag: W/"b2ed3fcac5c371195a1c612ab30ce081"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: IPlk3PH79eUfRSPfBVRWz4zVA.DkjpXa
cf-ray: 74d31121587b23df-ZRH
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H2 200 1490.25c8744f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
8 KB 71ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1490.25c8744f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e636d6b61d16ba8fa5d119a97b3dbba2483cd38fbc550a174951a31319ba7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 416379
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: REG1DNR5CTTCXN8A
x-amz-id-2: pyXc79PoctqYwDo7uVkZbiopW55N50UvChlpoveyKSrzt1lHc/8xEoSQiJfBUVnxE4sJ76MrH5M=
last-modified: Wed, 14 Sep 2022 16:28:00 GMT
server: cloudflare
etag: W/"17299bb4c9920ab89e899835d15867c5"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: c5qiTUTewTwmSs6kGw.YbBOcA99pZDDb
cf-ray: 74d31121587c23df-ZRH
expires: Tue, 19 Sep 2023 14:38:45 GMT

GET
H3 200 2837.7bf36ac5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 75ms
65ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2837.7bf36ac5.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: N5QPWAH5YESTA7PY
x-amz-id-2: pTts5V3fZqIikiFPC6BW/A3MOD4OnXKycVPrg721/MSCwCHv+ASP/tp9DZr5HHGf9ZFA3VS70ac=
last-modified: Mon, 12 Sep 2022 21:07:06 GMT
server: cloudflare
etag: W/"874ff76ff89f6785bac7273c52caa1cf"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: o1F2trFqCAwB_O69FIjcfeJyeffDoM30
cf-ray: 74d31121bed3cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 1473.402cd326.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 48 KB
14 KB 124ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1473.402cd326.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36050aaec3ecfa8286da5614ed907846ff186dda63d5c1d69c0a2cfce5aba6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 416380
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: REG75ZQD2NYN82FA
x-amz-id-2: dQT4IbJ0+8B2kyZKQBtyR6b2jsVDXTzUbonaxFKfNebwl3wfFUxFJHoD6Vf0TNfWg13p8ndGkeU=
last-modified: Tue, 13 Sep 2022 20:43:16 GMT
server: cloudflare
etag: W/"62c1f547499b5ad4fc01d3e5a4e4325b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: tRglcTE_pax3ddqh_6RE.u5iKWb_0qPy
cf-ray: 74d31121bedccc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 AppLayout.942ff177.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 103 KB
20 KB 125ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.942ff177.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2f7a8874b34acba2f53828d8d2361f14d03b7884757d298f6d2a08ac5b0c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 241717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B6BH3RKYKWERW8TM
x-amz-id-2: q7LMtPnFQKlXfJDONHmR/uPgaZ85IzJZC3z4lC5LU/E2X9+Rt18Eso7iBP9AoT3PtXaJAQ3Txig=
last-modified: Fri, 16 Sep 2022 18:49:45 GMT
server: cloudflare
etag: W/"9514edc6afa6c88cd68170e2ebfc8be4"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: X.nXy4OwM422jW9f1u00A8OFOoQlvedk
cf-ray: 74d31121bedfcc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 148ms
137ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1187918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2R4YTKBCDDS6HF3J
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
cf-ray: 74d31121bee2cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 4270.c0f5b685.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 78ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4270.c0f5b685.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 489319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C2ZN163S1S828YMM
x-amz-id-2: lN1VMVaeaxRA6JY7+jojWRuyaU3UMOhyF07ltDGS+YyWWVSyvqeb9ASTn/Hr82e9/OYyZQ+ZxgQ=
last-modified: Wed, 08 Jun 2022 01:57:01 GMT
server: cloudflare
etag: W/"ecb15ff3b96846c74bbdba0df72c6c69"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: KSkooLLVUmAEyr4Mvb9mqebbFmTOLR9I
cf-ray: 74d31121bee6cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 148ms
137ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1114066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZ14F4DJ39Z3KD31
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
cf-ray: 74d31121bee8cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 149ms
138ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 242178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
cf-ray: 74d31121beeacc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 8316.18f2a6aa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 79ms
68ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 242178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CNHD5SFN5Y8TW45S
x-amz-id-2: hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified: Thu, 14 Apr 2022 09:06:33 GMT
server: cloudflare
etag: W/"9fa67454adaeb385a3a70077ff7b7df1"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
cf-ray: 74d31121beedcc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 4330.1bf9fad7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 82ms
70ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4330.1bf9fad7.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbcda18e1943f0f75e8175a83e202f28fba2c0c47d32c7f754d8dd036ad81d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 254893
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Q3K8X89VWEQWFJFP
x-amz-id-2: 8rYXe8zduUzNNWU53wt/4/8VrtqKg4JdvbHF87JAX2bZJXzbcLDL1Zf5d8yG6G/0YOh8H//6un0=
last-modified: Fri, 19 Aug 2022 09:09:11 GMT
server: cloudflare
etag: W/"04ebdc2cf5ce5b3af61fb14aad72c9cf"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: rlLggrivkn9IZHyP5QRp3Psll4yBPofV
cf-ray: 74d31121bef6cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 2981.c8b67800.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 126ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2981.c8b67800.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 265472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GAQFSEGQ7ZX9WVAM
x-amz-id-2: JZ3QGAr3YDxzfAuaIsASsvJvN+RTmdc03eLiHotXzIYN053sc/z1HPnQtDrlr+KdJljcubb5W7Y=
last-modified: Fri, 19 Aug 2022 10:43:45 GMT
server: cloudflare
etag: W/"ae90acd9390e2e8ae30aa02c7d1d058e"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: TKbpTetPCYsKF3g5_IiCFHFhUDC2WY1y
cf-ray: 74d31121bef8cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 3115.e77db5e9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 126 KB
36 KB 96ms
84ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.e77db5e9.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1fb3cd39c47b8f999e2bda99acd0f995248ef7be54b1d2a0e8cd263915e0697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VT6T0ANZXJAREYWQ
x-amz-id-2: ase2pWGPOn8Rp9vVWPt4M8qtzjRlZ4UUYc6OfYko6RsAhg9tz+e/IuOf4741DgCW1a9YY0wYk88=
last-modified: Wed, 14 Sep 2022 17:19:07 GMT
server: cloudflare
etag: W/"135fcd11aa36a9cc1efcb8a65703f068"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: Z5_ZspBNWHav9z_8UfrDzTdRS2mRBoaL
cf-ray: 74d31121bef9cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 5472.5f6d4371.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
1 KB 265ms
253ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 242178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CNH8PTMK5AP330DM
x-amz-id-2: xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified: Thu, 14 Apr 2022 09:06:30 GMT
server: cloudflare
etag: W/"6adb8844d763f7d58b6ed49ab89899c7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
cf-ray: 74d31121befbcc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 4869.15af887a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
4 KB 266ms
253ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4869.15af887a.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 489322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BVXG0076RV4B9JAP
x-amz-id-2: uKH8UQbmWp1mPmCPTJvTtTv1kuEn3ARbt5hpFXJtd9Q7grMGajh8gSczyhsbEk9PSu4/TmP63i8=
last-modified: Tue, 21 Jun 2022 18:46:21 GMT
server: cloudflare
etag: W/"461c7bfcd82063a67a77f584159505ce"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: zsasPIPj4VNjHd6lWz1Ablp9oC5jhxmA
cf-ray: 74d31121befccc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 9401.492bc814.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 266ms
253ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9401.492bc814.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 489322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BVXT7BCCKH158FM3
x-amz-id-2: fmyPMPKPQeWvDtiHrQgX5CGXZTku+5n0vOfhSaA2QdzDZmCmY1RbWsXR1l8WR2n7FzWl5DH3jRU=
last-modified: Tue, 21 Jun 2022 18:46:28 GMT
server: cloudflare
etag: W/"1ddc9c0c19f0fe0be7a7d8a22ff4b327"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: o7qB8yuUJ2.ySHF37F8FxNhTjXdITIXy
cf-ray: 74d31121bf00cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 2307.b2a54ca4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 266ms
253ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2307.b2a54ca4.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 505828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4FNZA2AQ2HMAKR1P
x-amz-id-2: v5fjgekWKQBKHUWXtS38VUfIdGtrSZeJZbo9JFk0TafKXhvG12gQFQHCSmKuVupC91S9KgZ1su8=
last-modified: Tue, 30 Aug 2022 17:41:16 GMT
server: cloudflare
etag: W/"452a684fb8b71960fde058398549b560"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: uC58zPGNf1Kmzb_z_oSfu.TRqdXHy86R
cf-ray: 74d31121bf02cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 7070.94d1cda1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
8 KB 267ms
253ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7070.94d1cda1.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 516912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ANHQFKKK3HM9ZZW1
x-amz-id-2: 2eSsykJAbq2iIxyRZSkrNpvNIri41QLwsDEEuAwdNskp26vBS8xdwKwbFxm9u1wvfwlyjGh/Eu0=
last-modified: Thu, 08 Sep 2022 16:34:08 GMT
server: cloudflare
etag: W/"3018997b2d895aadca3817869d506cee"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: ktJLO74K0xTbt9Ispkb0vmcViDu8.8pH
cf-ray: 74d31121bf04cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 9442.5291e270.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 267ms
254ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9442.5291e270.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 435339
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8NAYDQE9MQK743Q9
x-amz-id-2: Q+YMUo3f6jyml7SXk6SmWMrC+AY114aKXRjQlxqfefqQ7aN4c6PDcZ7B2XOvKqS3AdCjuSFaiK8=
last-modified: Wed, 06 Jul 2022 07:53:44 GMT
server: cloudflare
etag: W/"3edcd4d9e5942e997e7195e591b148c6"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: pCL2A.BoWSvPuskvdf9gJgCn0qWM.lXJ
cf-ray: 74d31121bf07cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 4483.0a43a5ce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 272ms
258ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4483.0a43a5ce.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1025166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: W3D8VPVQKPJHDC62
x-amz-id-2: ytI/ljuGLDtWZEwYKNhFOgDeD2WTPgxo05GxSQEDIon/zinlUDuR+/2Nyy0YzyZcgw8tUYCCnFU=
last-modified: Mon, 01 Aug 2022 21:57:50 GMT
server: cloudflare
etag: W/"bf55b6950792bc738fb0d12bda42e128"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: nXdB1pZcC2zXCHIpRf4DyB5qHFX0z_KH
cf-ray: 74d31121bf08cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 210.1b33e4a9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
11 KB 273ms
259ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/210.1b33e4a9.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1176119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R9K4CT5HZKR9XB80
x-amz-id-2: bK9GrVt2RHKtpupDor4YEMRzj0iT9/K30lVIGBWPvzExxM1r7ZHTbRKVadGGdneEwMfPW+FNrAY=
last-modified: Mon, 22 Aug 2022 23:07:50 GMT
server: cloudflare
etag: W/"e21593b9b2665e2c028ec837b9b17a44"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 6A1grWb2eI.v5FtaeGijF4bKOleB0EK_
cf-ray: 74d31121bf0ccc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 864.f280c412.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
4 KB 275ms
261ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/864.f280c412.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26ec082879145d9b18089e00681c8f194c34deef3ad489aec1d4e537420bf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 863613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TB3ABWZ72CRT9A9G
x-amz-id-2: mbZ2KRZUeRLPISp1W/9/80psPjzz+9vW0scC+rzpopos6kNM5vLpdpOpdX0jlQXuW6QMlOTrWJ4=
last-modified: Fri, 26 Aug 2022 08:09:06 GMT
server: cloudflare
etag: W/"bd3142585d9812445644e7c1277d3297"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: t_Vx1BIMyO4aRSG5jyQFxWxOkhSEzS4Y
cf-ray: 74d31121bf10cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 9841.1bb423da.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 276ms
261ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9841.1bb423da.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 435339
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8NAXTKXVT5YRHG8C
x-amz-id-2: 6RKhOlsS35C1DjFeoOeZMOD90SHxxnChKIQkQecxgi1FNFcL9Jw/77BJ3rP6obK3+XmQcVD4AV8=
last-modified: Wed, 06 Jul 2022 07:53:45 GMT
server: cloudflare
etag: W/"a438d4b84fc984bedab39eff52de7d1b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 1xI7YK_MjEYp2K.Qr19IRQM3SL0GPfHl
cf-ray: 74d31121bf13cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 3610.fcfa0e1c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
7 KB 276ms
262ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3610.fcfa0e1c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 516912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ANHH2E62E6RX251Y
x-amz-id-2: meVSuqcsYgzSvH0WPN2gRwIJI8XllV0bOTOODl1dZR2YUkuZ48bKw3/4shHFxqKuTF31bkaZoVM=
last-modified: Fri, 09 Sep 2022 19:41:33 GMT
server: cloudflare
etag: W/"8c1ecb719c418f4fc48dedcf9554b0ca"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: SvrIKziMjwkYIM75gFH6vJL0G_D45wAi
cf-ray: 74d31121bf15cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 1018.d5a0e022.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 279ms
264ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1018.d5a0e022.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054db58c8dca063476febf9884746d831c832c29d0b02c3726f40d01d8ccf61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284496
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8TGQ1Q56EZ8N9TXX
x-amz-id-2: JMxfz2sR2QM7Bzd3GeSuU67sz+r8Tk96pkOA/vNnU/OAkB5t0NPfdhtv9zxibBETpqmPk+W3Cl4=
last-modified: Thu, 01 Sep 2022 13:43:22 GMT
server: cloudflare
etag: W/"22259d72fd836a943ab8e91bc8f255bd"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: vCq8iSLns8iWWtErAA9dUiVOJcdy_6hg
cf-ray: 74d31121bf17cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 9304.0cb94a81.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
2 KB 280ms
265ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9304.0cb94a81.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85680d3c77cd3614269bce280229fa6bebfe637c767374279107aa08ad2445b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 851326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PYBR1DKCN47BG4ZF
x-amz-id-2: P0QqCo9GiORu/1Uu4KnPQvcZS/Yrfpj/H8laqiPmaJvk8V0DTIp/P4sPencvBBmFDY7M96Wm670=
last-modified: Thu, 11 Aug 2022 23:41:35 GMT
server: cloudflare
etag: W/"35a365dd6d3637cc9e506a50fd80f196"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: EUbbSDBYtr6yy40B98WAsjnEFwTlEUsj
cf-ray: 74d31121bf21cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 763.3dd24340.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 281ms
266ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/763.3dd24340.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284496
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8TGJ1XETE0NY1ZG4
x-amz-id-2: 6iXFlhEzeicU7aJ8UbF6igParGUQqtaRkkp5G2WlBmS6AJF/WHGutadrfqBzSG8sE92+qrVVMAw=
last-modified: Thu, 01 Sep 2022 13:17:18 GMT
server: cloudflare
etag: W/"95c429bc01e6ab0aedece2277f3f41dd"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: goZsfOIuyppoMc0Onuw5TwPKffEVGUNf
cf-ray: 74d31121bf23cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 8051.c536c001.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 59 KB
14 KB 281ms
266ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.c536c001.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1176119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R9KF81087VD844WE
x-amz-id-2: ASyihAp1nF+SMXGApQv3rEubcbtNjRG0JqkLTfOMyQEA7BqHyJCgSgU6R8jkZ2S7R5xv2Uvx110=
last-modified: Mon, 22 Aug 2022 23:07:58 GMT
server: cloudflare
etag: W/"47343252b22a02ee0822f03f0be391ce"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 5HJouVNr7TaNTnESG04IiNLbaSQMTDfM
cf-ray: 74d31121bf24cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 188.6d5882e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 44 KB
12 KB 282ms
267ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/188.6d5882e3.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c700d2a6464ad47095114366947285d185052625472c72a4eeae4ac168f40ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 325949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 48TST91C4WJBA8YB
x-amz-id-2: 16fN3w2PMnUzOmGZibo/k8wdudr4aQlRSqHHucD0+u63BzXUYyjz1KUADGFLOajrdZQzU2IRzPM=
last-modified: Wed, 14 Sep 2022 15:35:31 GMT
server: cloudflare
etag: W/"9a2be6c4534467804dd3a8b4d8fa7cde"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: OGuPnTb4JqtMzZGIgC8BkKuu7NmPUx4G
cf-ray: 74d31121bf27cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 8621.c622eeb0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 286ms
271ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8621.c622eeb0.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49eb43f08609e0ac8a4d0711f4e14dd56df16506a52ae3dcd66f002bbabf23d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 933639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WYKQN0VV0Q4DH97H
x-amz-id-2: NKCvlQFQr7e2bxqPoTivCEjr6YQUerlCf69Oq8SRg08DIShXVV59cMtiWWlM6pTIgaXI4FtDNTQ=
last-modified: Thu, 08 Sep 2022 00:17:00 GMT
server: cloudflare
etag: W/"7bba14b67d7f1246af988ae563f04c1a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: ubNbVhkePxsM6RQMxuCRNriYWRUg15wB
cf-ray: 74d31121bf2ecc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 5754.6687b8d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 287ms
272ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5754.6687b8d5.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 851314
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BABNVAC1BSV2C8K2
x-amz-id-2: JuAasHgUwNuFUAxgOmmPG+bBIkW5yXPNOZqk3r8KUPVeaUKAUHQjXw6QBt3GUwX6eWS+1+eA1Co=
last-modified: Fri, 20 May 2022 05:33:41 GMT
server: cloudflare
etag: W/"d8cccf81b0e959008ed590e4a91a1c61"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: jm4XNl7ULcgGCxMyZPfaouJSQOG7cvnF
cf-ray: 74d31121bf31cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 PostPage.MainContent.1cbe53c9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 114 KB
27 KB 288ms
272ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.1cbe53c9.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d638a902973b5eb1a3785c238b81d73145ee9ae33aeea5518ad147e29d14ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 233227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3GVB0VGKXCBATSHA
x-amz-id-2: aac7+f/p4ImGZsvh4+95407hUaAjwgA/n96VSI/JmLuDIRZhtRxPJRu6FV31KXcKFbib/yz6VgE=
last-modified: Fri, 16 Sep 2022 17:03:26 GMT
server: cloudflare
etag: W/"dd76832892a85ad1607c3f55894633e1"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 7reoUVMUm1yjhGC4y.yTGqmssF5uGSZ3
cf-ray: 74d31121bf35cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 1987.e87f9d80.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 288ms
274ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1987.e87f9d80.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 323333
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E9ECF7NHXNH0HYA8
x-amz-id-2: tKLOWGSriv3Ultn4eLNFbNKM/gTHzGNs9zVwMjqNYCyLbYgGmDgqtuSG09J4Lq8R5AQQIImYNzM=
last-modified: Thu, 01 Sep 2022 18:26:19 GMT
server: cloudflare
etag: W/"5587b9535df6c9068c64661ba037ac8b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: cBz4yUOPeuq85PbanD5Gb9jI.f0cdUtK
cf-ray: 74d31121bf51cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 8018.e68c241f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
6 KB 289ms
275ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8018.e68c241f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219134a64f5af860e09a64ed4e31f0ab90d6ba0393ba5b9a0aa64acb99d2bd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 580002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: N5QK3CHJXTKN814X
x-amz-id-2: F9Je6/vr3H3Z+Hc7BAjwIktwEFA1vXGNrhgh7J7ars4bWmbGR/1jBzFCDmRx4NfuKFJrLvX2k9g=
last-modified: Mon, 12 Sep 2022 21:07:13 GMT
server: cloudflare
etag: W/"f4662324c9a5ada8f2877973ba7a938e"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: yJHsFy_VZkkKt.YiapcbT11w_vTrdMMI
cf-ray: 74d31121bf56cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 PostPage.RightColumnContent.36293d9f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 35 KB
10 KB 289ms
275ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.36293d9f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4f3ef97718113dc7c0e0c645ae6956f3b975417bf279c90366f562ff3b13ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 926182
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 584J7BPPM5W148R8
x-amz-id-2: PFrsr5e2f293w+4eWDFb1PYrMpQOb72xuQDTfT9s3E4c0YKj/KqRVcSqcj6n7TRhsGovLW90tKo=
last-modified: Thu, 08 Sep 2022 19:23:38 GMT
server: cloudflare
etag: W/"924b58579850f914867bea70320780fd"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: 3XWtPCMZClDiRDqM2Ty9spCPnqSz4Flg
cf-ray: 74d31121bf59cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:46 GMT

GET
H3 200 1*CeV88vA72XwNGRvC79wSOg.png
miro.medium.com/fit/c/176/176/ 31 KB
31 KB 204ms
175ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*CeV88vA72XwNGRvC79wSOg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5fd991374b64e003e80c25952f69136dd8b47e3d84a81b590350afea6337e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31330
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311219e82cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:46 GMT

GET
H3 200 1*ZF_yyr-yjlxhaO147kUU_w.png
miro.medium.com/max/300/ 19 KB
20 KB 174ms
173ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*ZF_yyr-yjlxhaO147kUU_w.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a60f7d9fd49a71b9ee7ff31ab9b7b101907e4cdd88c1a35dfc6e4864625393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19947
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311276fb6cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*eGQYdkzn3uqJRcUx5v3Vaw.png
miro.medium.com/max/300/ 10 KB
11 KB 158ms
157ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*eGQYdkzn3uqJRcUx5v3Vaw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9860af0eaa929f47004027c0d37c36baa609911d583313d7d85588c3795a2646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10490
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311276fc4cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*IdR9ZAlqUm2iMpJ3cXK2Og.png
miro.medium.com/max/300/ 18 KB
19 KB 147ms
147ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*IdR9ZAlqUm2iMpJ3cXK2Og.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e62a5ece91dc60f1d41888dc2261a956481d2f0962fe840948c8a3f50e50be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18723
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311276fc6cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*awS53mp70WB16uF2k4Iq_w.png
miro.medium.com/max/300/ 29 KB
29 KB 161ms
161ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*awS53mp70WB16uF2k4Iq_w.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5247881b7199351f801c47ea450dfbfd8fb0879699a5237880671a49a8393f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29843
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311276fc9cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*uyNid5hqVTV2W7ypBHxEzQ.png
miro.medium.com/max/300/ 25 KB
25 KB 164ms
163ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*uyNid5hqVTV2W7ypBHxEzQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19be474bfdbc3fb09cbcd8df208ff2ee00531540ce769dcef10a556a7487c332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25507
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127a816cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*re1INx6R7k34pStpaGNFpQ.png
miro.medium.com/max/300/ 22 KB
23 KB 206ms
206ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*re1INx6R7k34pStpaGNFpQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d35e8ad79b9de8814f26c5fee6d42dc9ee0381d2b0c6a071c036d871365f8457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22725
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127a818cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*Hcsu-CKuZhHEWc1U6-ekAw.png
miro.medium.com/max/300/ 6 KB
7 KB 148ms
147ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*Hcsu-CKuZhHEWc1U6-ekAw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b55f52175e632bcc946861d5a69c60873ec9583d07a322324aa78d626bbacab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6572
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127b82bcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*XLXdRe5UmpbxU9RGR4x1zw.png
miro.medium.com/max/300/ 13 KB
13 KB 161ms
161ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*XLXdRe5UmpbxU9RGR4x1zw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36dfd9093d408b40f3945789a4c689c4f8183172cb48031ebf7ea04fb43481e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13414
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127b838cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*EUfyhBV28NJ3Sj47OC8dEw.png
miro.medium.com/max/300/ 31 KB
32 KB 194ms
193ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*EUfyhBV28NJ3Sj47OC8dEw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a199f79edd413a057235815cde380727f198add7227e6ff5c386810f60379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32176
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127c85bcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*a2KGZ1xme8O9f1dbYFJWwQ.png
miro.medium.com/max/300/ 32 KB
32 KB 159ms
158ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*a2KGZ1xme8O9f1dbYFJWwQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f210b0e418e72f39c52ed7db0b5304da789ab61204700a24b4b5d63df9bd5760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32778
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127d865cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*hlfGJSH0JXVug8YairX23A.png
miro.medium.com/max/300/ 15 KB
15 KB 150ms
150ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*hlfGJSH0JXVug8YairX23A.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0cc7b05fe6b268d6ea530737ffc235d1f8f85892cff30f0e0426d409e314b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15263
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127d86acc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*k4aiLvh3rOlbw479HsdRpw.png
miro.medium.com/max/300/ 52 KB
53 KB 180ms
180ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*k4aiLvh3rOlbw479HsdRpw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4840f5d54ec726aa9933b5b7fc81a0bd38acda4801b9c8b574c2a2f87af8706b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53544
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127d875cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*3EyCkQkNBNc9f8twc_dMzQ.png
miro.medium.com/max/300/ 32 KB
33 KB 154ms
154ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*3EyCkQkNBNc9f8twc_dMzQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651a7abf776f8d77bafc4e432771b9064e868e36fae3752faed98068dad888c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32990
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127e87dcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*XgXKQL_jVDgdPyUyJGyzrA.png
miro.medium.com/max/300/ 8 KB
8 KB 155ms
155ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*XgXKQL_jVDgdPyUyJGyzrA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1abefedc7046cf2d98ea4c61a06200b244a7f9cacf775eda4990b1acc1c7e628

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7702
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127e881cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*f53LsSrQI0g1IctDDuiyRg.png
miro.medium.com/max/300/ 57 KB
57 KB 157ms
157ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*f53LsSrQI0g1IctDDuiyRg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd57314eb713f7ae46580de3fbc8db054172d85d4642adada2cd08c43cbf5366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58476
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127f891cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*W5D_ck7oAgxu6Bczbaj8lg.png
miro.medium.com/max/300/ 34 KB
35 KB 178ms
177ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*W5D_ck7oAgxu6Bczbaj8lg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af2e68a9081918ea5fb1fab807c4286da4e588d6bf35bca7c4aa055cdd51a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34990
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127f8a0cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*ri9yBVw3M-h1vSYaFYY5sQ.png
miro.medium.com/max/300/ 8 KB
9 KB 153ms
153ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*ri9yBVw3M-h1vSYaFYY5sQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e82aca827aedbfb8a06fb7aaaed914765bbf00aeec8f52c47b26bb618ee615

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8539
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31127f8a6cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*v8_FwEupYhTqOSMNdUypoA.png
miro.medium.com/max/300/ 14 KB
15 KB 157ms
156ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*v8_FwEupYhTqOSMNdUypoA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc76cc18985d7a3a01b59d43ebabedaa66007aeab88f531612aac361d145d4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14528
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112808b0cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*eX14WNo532LmVgnqjOP9lg.png
miro.medium.com/max/300/ 11 KB
11 KB 147ms
147ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*eX14WNo532LmVgnqjOP9lg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8610bd488ac9d82c3dd26dbc85490e2e552be5c5e3f6ed1aa999201d867df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11073
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112818bbcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*4h9y33nkWD2TjmXra-rzOQ.png
miro.medium.com/max/300/ 17 KB
17 KB 174ms
174ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*4h9y33nkWD2TjmXra-rzOQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2bb6c9a52aa7e31d1b4f14c30124a60d0e1dc947ec15a61ce7407c7ae86787a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17253
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112818bfcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*E7zSslV2Ia_lZQ487CE0FQ.png
miro.medium.com/max/300/ 21 KB
21 KB 156ms
156ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*E7zSslV2Ia_lZQ487CE0FQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011b42479f5bb7716d8f5204f68207f3f2f94c5cf56f8a955e47fb94c98c4efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21069
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112828d5cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*tTrA5mnTsA8k_vT2N66nFQ.png
miro.medium.com/max/300/ 32 KB
32 KB 197ms
197ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*tTrA5mnTsA8k_vT2N66nFQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fadc33da02dedf4a9cb7640155b1b7ee02b9f29286959e1017d87359e5f81df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32333
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112828dbcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*wC3Ns4k_rDX9LUDYfiHV_g.png
miro.medium.com/max/300/ 59 KB
60 KB 139ms
139ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*wC3Ns4k_rDX9LUDYfiHV_g.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4ca9cd341202474b4861cfc519eb9b4c9c4ce04a97343872701b376eef4b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60910
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112828dccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*qMjWEHPbECRzTUa9wwbSoA.png
miro.medium.com/max/300/ 17 KB
18 KB 147ms
146ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*qMjWEHPbECRzTUa9wwbSoA.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

879d1e7bc4f325cea326d2f2232a8ee8d219a87fd378a0844372d6fa243a844c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17800
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112838f7cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*KJ9JywfzHhaMF2OFFFaafg.png
miro.medium.com/max/300/ 32 KB
32 KB 229ms
228ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*KJ9JywfzHhaMF2OFFFaafg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

481ecae0973350bccf865a8f926b8bcbe772c5c57e587aafb89c2aa7c1613506

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32841
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311283902cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*ZM5b0KSB9PxZuLFUZ3OQig.png
miro.medium.com/max/300/ 22 KB
23 KB 166ms
166ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*ZM5b0KSB9PxZuLFUZ3OQig.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f6742d876d142a15fadaf33b1b570edc8044cb828001596852deb738198e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22768
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31128490ecc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*tWRz8YxUU10RHYI8h_weLw.png
miro.medium.com/max/300/ 21 KB
21 KB 223ms
223ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*tWRz8YxUU10RHYI8h_weLw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f29e208a9a87686d998e3d9bbc5768c167f28474de48a9320cd58090707df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 72
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21046
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31128490fcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*5oTWdVBJEPy_U7yHX4is6w.png
miro.medium.com/max/300/ 30 KB
30 KB 146ms
146ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*5oTWdVBJEPy_U7yHX4is6w.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4afffc3015e8db73cfcc1b36b08fb8059987c7fd6b1d7fbd8f6d4f0ff306e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30333
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311284912cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*Ma11nVRr807MJpyn7wUSVw.png
miro.medium.com/max/300/ 21 KB
21 KB 213ms
213ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*Ma11nVRr807MJpyn7wUSVw.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7d1d5a71a11be1e19cb285f8d981c5653c386bee3dcfa3e488437b73c9dcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21028
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311284919cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*jVl-jMRzf1RlpY8ZB1NNdg.png
miro.medium.com/max/300/ 10 KB
10 KB 140ms
139ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*jVl-jMRzf1RlpY8ZB1NNdg.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f35f63e35d3b32de19d2b5da42381a81051738cc4f1939604bd065f1c7ade26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10108
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31128591fcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*pzFV2V-mc7fnt9OWCE1H9w.png
miro.medium.com/max/300/ 23 KB
24 KB 281ms
280ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*pzFV2V-mc7fnt9OWCE1H9w.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90bce0cfa1b6303bb4f055636aff3fb7bb17e6e3bd2f7d0533a3ad2b85480f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 87
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24047
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311285922cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*1e-WDICHpahRd1Hs4YZfWQ.png
miro.medium.com/max/300/ 13 KB
13 KB 223ms
223ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/300/1*1e-WDICHpahRd1Hs4YZfWQ.png

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b1b1891defe2ee33f8e462624b316d5d3fc9354e63d8f02bcfbab2d22add72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12885
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d311285927cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 PostGiveTipOnExternalPlatform.8f77b158.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 43ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.8f77b158.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.8c04b1eb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1025163
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AF3N7753DC5XQHW6
x-amz-id-2: +jmYCPeoPNLAPjqnBrcfyOcxcR/Zsc8Mzcobt2w+i+uriU2T6p15YXqwtxy/bdUu/V9fxYpFmqI=
last-modified: Mon, 29 Aug 2022 15:03:38 GMT
server: cloudflare
etag: W/"a8da66300dc20eb65b5ca5b255fb21bf"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: jOmB2cABPV60dTlglOANqba9eeq2SJ1k
cf-ray: 74d3112b1d6bcc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:47 GMT

GET
H3 200 0*tDs1K27pjEbg6eDO
miro.medium.com/max/700/ 35 KB
35 KB 157ms
156ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*tDs1K27pjEbg6eDO

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df3d6a25d4d1207b5be9c3a01e23e2fdeed639061c8b145b855d9b2e583779e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35441
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfeb1cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*HsR0pN83jRH2AmPMSqRsjA.png
miro.medium.com/max/700/ 33 KB
33 KB 209ms
204ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*HsR0pN83jRH2AmPMSqRsjA.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fdc3f01d4d768576b07724cb6b09c357608ca99c8f392f57c26fcdd1d831e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 76
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33420
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfeb8cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*S3GQbNegWI4-tgwZasQtyw.png
miro.medium.com/max/700/ 69 KB
69 KB 196ms
191ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*S3GQbNegWI4-tgwZasQtyw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17452a6e6e9d50edbbc668ebb48c7ff426045f25fb6ef0967c1a3fb01d6acbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70556
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfebacc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*5S2lTeGX-EguDErNKsRXrw.png
miro.medium.com/max/333/ 84 KB
85 KB 154ms
149ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/333/1*5S2lTeGX-EguDErNKsRXrw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19c0d7bc9c12fadedcb58f1c748a3bd97b00488613be4d5bec36422c916f6c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 80
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86347
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfebbcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*RJv308iUcxqrr3o1GKB6zw.png
miro.medium.com/max/334/ 52 KB
53 KB 159ms
154ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/334/1*RJv308iUcxqrr3o1GKB6zw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b54f3d80852457c9d60223126aa8120e5312dc9a7c4ec02a423d68ac671585

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53511
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfebdcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*3I2j2cljA7VLzidIq7SImA.png
miro.medium.com/max/334/ 15 KB
15 KB 176ms
172ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/334/1*3I2j2cljA7VLzidIq7SImA.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e839e7794ae818e633e5e3174071d9ef203fd287fd2dc1cf017960e9660253

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 90
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15488
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfebfcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*HSyCpLE_P8MkfSBt4QOcnQ.png
miro.medium.com/max/336/ 134 KB
134 KB 159ms
155ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/336/1*HSyCpLE_P8MkfSBt4QOcnQ.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a30bae712f4df88ff8afa78c884b48ce930e6fb41fd9706e2a719515a65d3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136894
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfec1cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*wXGLqcEknComBbElp0BJ0g.png
miro.medium.com/max/330/ 121 KB
121 KB 241ms
238ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/330/1*wXGLqcEknComBbElp0BJ0g.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fac5c28785af654033b9df8ef21237dcd914097945983bc05399396e65c087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 86
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123932
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfec3cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*nwKT3u5BQGRctd1V7HBoGw.png
miro.medium.com/max/336/ 129 KB
129 KB 181ms
178ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/336/1*nwKT3u5BQGRctd1V7HBoGw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a53e8b024a133e781d5099cc95b8f7729d07d4c0425b10c036b7cf8f288c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 95
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132124
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfec5cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*i0OmYyMX6B8oRyLWuf5NtA.png
miro.medium.com/max/339/ 56 KB
56 KB 184ms
181ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/339/1*i0OmYyMX6B8oRyLWuf5NtA.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8736f60cc39e400e507a0d635182261b24d3da719191e31b8291161e4c215776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57310
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfec6cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*kGXZDdJI9j4pul3LPRsqqA.png
miro.medium.com/max/332/ 118 KB
118 KB 146ms
143ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/332/1*kGXZDdJI9j4pul3LPRsqqA.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de58a2ff7b9d0af3900ceaf8f4a5ebd81dc83de3065beefa98d269845b4febc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 82
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 120466
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfec9cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*4pdsekVzBV4PMZCP4Amr1w.png
miro.medium.com/max/331/ 135 KB
135 KB 167ms
164ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/331/1*4pdsekVzBV4PMZCP4Amr1w.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ef9c7b381abd610c10b24b633869235ea74b843973ef65076756f986838534

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 94
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 137832
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfecacc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*sUNMwmpvyA6PfN6QQj2DIg.png
miro.medium.com/max/700/ 804 KB
804 KB 195ms
193ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*sUNMwmpvyA6PfN6QQj2DIg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56f965df2732f8221e1b269680dd2a598a7b3253a56fa50b90742e2d0166603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 823143
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfececc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*DVzkASa6gfedGslFReCsZQ.png
miro.medium.com/max/504/ 89 KB
90 KB 188ms
185ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/504/1*DVzkASa6gfedGslFReCsZQ.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

431a39f2e07747167f649e932b825d3ba16c353670a0bff5b42e0954f0956fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 94
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91464
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfecfcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*ujlpzXZfVscLVGzxHtULYg.png
miro.medium.com/max/497/ 25 KB
25 KB 161ms
158ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/497/1*ujlpzXZfVscLVGzxHtULYg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd985cb40d8fff5cb58efb38f96a3a1069f3533e62b2adbfe32ebab206111e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25570
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfed3cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*AQvpbNPfUXRG-W0XMscH6Q.png
miro.medium.com/max/700/ 24 KB
24 KB 155ms
152ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*AQvpbNPfUXRG-W0XMscH6Q.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c8b97e2fdbaf899cd384780d61f37d9ead10b72fc6f479e1430147f234c17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24609
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfed6cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*dxqpKH8pRaQLDg4xUwD1_g.png
miro.medium.com/max/535/ 9 KB
10 KB 190ms
188ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/535/1*dxqpKH8pRaQLDg4xUwD1_g.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a729f41c80129619ecbd52b2035a42c69a5e39e945591676c53b71d6bb09bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9411
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfedacc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*u9w1HnUhRgjICztF7Ms6-Q.png
miro.medium.com/max/466/ 37 KB
38 KB 191ms
188ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/466/1*u9w1HnUhRgjICztF7Ms6-Q.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4f23dc15d2ca80cad4d66ab44203e65d317c5a503466a247d5bd1d385d459

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38076
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfedbcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*7MBHirxZRfSfmoWWNzfzZw.png
miro.medium.com/max/507/ 7 KB
8 KB 143ms
141ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/507/1*7MBHirxZRfSfmoWWNzfzZw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7da84601c604be97f1be8f98b3560db6397d1d90b4c90dd2ee3277e9a4c366c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7445
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfedccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*YCj_ueQW67xsFiyZFFlomg.png
miro.medium.com/max/494/ 6 KB
6 KB 204ms
202ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/494/1*YCj_ueQW67xsFiyZFFlomg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e525a14f8d5cdbf318945d9de4559cb2fdc5d71d4383cb7fe1c159d20a0b24f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 38
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee0cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*5eA0-X9VhrHfyFnkfc_2Uw.png
miro.medium.com/max/707/ 60 KB
60 KB 205ms
203ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/707/1*5eA0-X9VhrHfyFnkfc_2Uw.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0e4bf2be7c274d0634c552c21455cd30bfacb9e93f2d5490924c868a809e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 68
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61488
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee1cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*BTqPV0mQgEGA902Efhjn-Q.png
miro.medium.com/max/700/ 51 KB
51 KB 207ms
205ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*BTqPV0mQgEGA902Efhjn-Q.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c40c5970a629a53ee33b2835a514f29814d1fefede1196ce91defec80bd1ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52016
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee3cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*gqzYeSSythRnWDnW3uH82Q.png
miro.medium.com/max/485/ 49 KB
49 KB 208ms
206ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/485/1*gqzYeSSythRnWDnW3uH82Q.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f881a9f688918b22f2c8df14f7d6ac73239635742f92fd71ba0d7b588039225

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50220
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee5cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*IfNQjSv8ZxhHiAku75NhnA.png
miro.medium.com/max/516/ 79 KB
79 KB 225ms
224ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/516/1*IfNQjSv8ZxhHiAku75NhnA.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e46be509e62fd56c341739ac6bf5eea8ca320a5dca0508ee9de97fdb81b1988a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 82
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80680
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee7cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*p6-D9BXbLsHLtDW8RG5mzg.png
miro.medium.com/max/700/ 30 KB
31 KB 227ms
225ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*p6-D9BXbLsHLtDW8RG5mzg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130347049d5dcc56d15bc61695c4bf0d271570fb4fd6aaea76b684191b9faa90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31026
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfee9cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*Gzx_yxzR1l1GX0h8J75gfQ.png
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 220ms
219ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*Gzx_yxzR1l1GX0h8J75gfQ.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a10b6b32c76b978149d7c0b85a57fe9aefd7c2ee7a84ec62973cd2620d1045b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1125
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 74d3112bfeebcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*CeV88vA72XwNGRvC79wSOg.png
miro.medium.com/fit/c/48/48/ 4 KB
4 KB 220ms
219ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/48/48/1*CeV88vA72XwNGRvC79wSOg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f848bb1f4666193f0ba2be649d5ba6b9b27d01ebac5e175d0a53f63adba2611

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3662
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 74d3112bfeedcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

GET
H3 200 1*CeV88vA72XwNGRvC79wSOg.png
miro.medium.com/fit/c/88/88/ 10 KB
10 KB 220ms
218ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/88/88/1*CeV88vA72XwNGRvC79wSOg.png

Requested by

Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c1def67eac3dea9a9748338c7612334283d5afc099cd8540251c2d1c5e4da0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 42
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9863
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d3112bfeefcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:47 GMT

POST
H2 200 graphql Show response
blog.confiant.com/_/ 143 B
438 B 135ms
132ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ca240649cedbc106e6e69c29d9d6a5dfbaa2077636f8c8a80c7320256f2a411c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"8f-dXnDMtwL7BDW6//b6eLvr40KZ8A"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a
x-envoy-upstream-service-time: 19
content-length: 143
x-xss-protection: 0
x-request-received-at: 1663598328051

POST
H2 200 graphql Show response
blog.confiant.com/_/ 1 KB
810 B 179ms
177ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02991488a745496da54f160470fa49e894626d8967c97f5d79bd1cda86c50c54

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"4a1-C8HwWK3/KHU9O9WKovnjOwGbgm8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 62
x-xss-protection: 0
x-request-received-at: 1663598328044

POST
H2 200 graphql Show response
blog.confiant.com/_/ 1 KB
1 KB 187ms
186ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

55e10d51e8f66564d0992e11cc90d3f96b39048fe14f4810e822e5db0644959d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"532-vcm73A8y3DHysF8dm4vSVoORXzA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220916-201219-9a0996f10f
x-envoy-upstream-service-time: 73
x-xss-protection: 0
x-request-received-at: 1663598328047

POST
H2 200 graphql Show response
blog.confiant.com/_/ 210 B
532 B 274ms
273ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5c43b4871f670526400fc3939704d483a99132f1d699e2a40a389d6565fa851c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"d2-TGlpxALaYS05syNdu5mtZsUtBw4"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 57
content-length: 210
x-xss-protection: 0
x-request-received-at: 1663598328151

POST
H2 200 graphql Show response
blog.confiant.com/_/ 108 B
430 B 272ms
272ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: PostPageMeterQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 57
content-length: 108
x-xss-protection: 0
x-request-received-at: 1663598328149

POST
H2 200 graphql Show response
blog.confiant.com/_/ 2 KB
1 KB 335ms
335ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd5c81ece12c82abbd694ee0892cc1869ba743a90b7e0d15d9d5fd046b17ff30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: PublisherFollowersDialogUserQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"94a-t1XkX0KRFHZp226FaEAY0sLBw+8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 119
x-xss-protection: 0
x-request-received-at: 1663598328151

POST
H2 200 graphql Show response
blog.confiant.com/_/ 5 KB
2 KB 336ms
335ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

64cbe21901d5a79d1d1c1c58675af22aad7ec933902044678ec6c71169ca4610

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: RecircSidebarQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"12f8-uHdda8R6hMFKEux/DNW2Wyp1R9Q"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220916-201219-9a0996f10f
x-envoy-upstream-service-time: 123
x-xss-protection: 0
x-request-received-at: 1663598328149

POST
H2 200 graphql Show response
blog.confiant.com/_/ 96 B
417 B 261ms
260ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

49cd8ec43cb86940a800f3324972bc7c3a43688443ea4eeef71f1838877c3a89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"60-KdoH5OomIvuRu2VZU2FPUf3S6Qo"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 48
content-length: 96
x-xss-protection: 0
x-request-received-at: 1663598328152

POST
H2 200 graphql Show response
blog.confiant.com/_/ 103 B
399 B 244ms
243ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b4ddf15d96a74910f384e7df4913f8855f6a29729749db2665f16abef28d1de3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"67-s7axOw4pKic8Xp3+T/QXFKTpBO0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a
x-envoy-upstream-service-time: 31
content-length: 103
x-xss-protection: 0
x-request-received-at: 1663598328152

POST
H2 200 graphql Show response
blog.confiant.com/_/ 80 B
374 B 175ms
173ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

184947646b4e0dbdd19d279c473d4000d57024c565b25aeb303e27aae0a03cca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
sepia-upstream: medium
server: nginx
etag: W/"50-MzqsDcEqvPlct3vHsVkbk3h6qi8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a
x-envoy-upstream-service-time: 24
content-length: 80
x-xss-protection: 0
x-request-received-at: 1663598328154

POST
H2 200 /
blog.confiant.com/_/clientele/reports/performance/ 0
0 116ms
116ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.confiant.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c15690f9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, clientele/main-20220917-011236-c1095c0fce
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
blog.confiant.com/_/clientele/reports/performance/ 0
0 124ms
124ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.confiant.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c15690f9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, clientele/main-20220917-011236-c1095c0fce
x-envoy-upstream-service-time: 12
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
blog.confiant.com/_/clientele/reports/performance/ 0
0 117ms
115ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.confiant.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c15690f9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 14:38:48 GMT
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, clientele/main-20220917-011236-c1095c0fce
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 shim.js Show response
cdn.sprig.com/ 193 KB
65 KB 79ms
20ms Script
application/javascript 13.225.78.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=WISfSM8eD3
Requested by: Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11d34469536d10e61ede4bf9b6b6273760ede1e44353dc7ee9b2e8b9df572597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:09:52 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 22:16:59 GMT
server: AmazonS3
age: 1737
etag: W/"d167fb6e7d983d4e5c21043c3f1ae5e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 70k_MvGp8zNdvij9WWg1r71Yr7pq862w
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: EUy-51bYgGg4xS622tLEWjOPQLYKL3zM274i7Hwy5t9NTXGl328xqw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5808
date: Mon, 19 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:02:00 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 76 KB
23 KB 69ms
20ms Script
text/javascript 108.138.17.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: blog.confiant.com
URL: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce?gi=814b4b973e91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: xpT8NSlkFRtFn0r3VTueOXydk4ItdRFJ
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 22:02:15 GMT
server: AmazonS3
age: 215
etag: "9a440767cf788fb1f7e43521d015d5ca"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 19 Sep 2022 14:35:13 GMT
x-amz-cf-pop: FRA56-P7
content-length: 23149
x-amz-cf-id: R7Vi797DwqoISkI2ZaYPyn8hCnAIrz4JLp_r1jk71hgwDUpzRSIYgQ==

GET
H3 200 1*bzm2aHLWJhWfFM3kp_-rHw.jpeg
miro.medium.com/fit/c/20/20/ 911 B
1 KB 187ms
187ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*bzm2aHLWJhWfFM3kp_-rHw.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91bf0ae9bed309f275dffd1cbf1cd41ee914dfcdb1f160cbbc503348df3ae75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 911
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 74d31134fbdfcc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*vUDDo_d7nvC4kRelKJUyzw.png
miro.medium.com/focal/56/56/50/50/ 2 KB
2 KB 439ms
438ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*vUDDo_d7nvC4kRelKJUyzw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb973e7c90baaa8edb1af21d0a627f28eabae3f1e6a94b0168a55b4b79496d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 260
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1768
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31134fbe1cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*UbumxxMVziEyp-wnutR8IA.jpeg
miro.medium.com/fit/c/20/20/ 827 B
1 KB 41ms
40ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*UbumxxMVziEyp-wnutR8IA.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60aee5737f8296666b70548f626d339f7cfade235a44a9d6a5a706023be3f6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9901
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 827
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 74d31134fbe2cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 0*l0GHS1UJJid2pQMm
miro.medium.com/focal/56/56/50/50/ 3 KB
3 KB 52ms
51ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*l0GHS1UJJid2pQMm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e237cf9830fd9dbec28f0417e41f7046003e1411d9aa72b085eef59800d5f369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9901
x-envoy-upstream-service-time: 64
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2916
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220901-135326-bed56e3fb4
accept-ranges: bytes
cf-ray: 74d31134fbe4cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*JgmX-5lcC4ZiISdmhcUtWQ.png
miro.medium.com/fit/c/20/20/ 761 B
1 KB 190ms
189ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*JgmX-5lcC4ZiISdmhcUtWQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae8a1456e962aa386b9545907e837b11de06f7cbeb4e3249c4656f3469b8ee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 761
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 74d31134fbe5cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*CQjITCVlynMZ38D8-rIGFQ.png
miro.medium.com/focal/56/56/50/50/ 2 KB
2 KB 146ms
145ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*CQjITCVlynMZ38D8-rIGFQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1ae3f20d88f8435418ed0c285f50475a09e50fab52032560331d2ebc9839811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 303
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1777
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31134fbe9cc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*PQtLK7b4hluME4YVXPdp5A.jpeg
miro.medium.com/fit/c/20/20/ 903 B
1 KB 138ms
137ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*PQtLK7b4hluME4YVXPdp5A.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

371f6316e4841ef6114718b84ba24047d01401d9b2cd238e32b095a00182891b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 903
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 74d31134fbeacc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 1*CQkgkOMRyF4lHj3k8YRKCQ.png
miro.medium.com/focal/56/56/50/50/ 7 KB
7 KB 149ms
148ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*CQkgkOMRyF4lHj3k8YRKCQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e6c20e33b95ce61785694f1bd4634b7070e9b498b430cd9641c9967eb6e6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6843
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220912-192647-a63a7427a9
accept-ranges: bytes
cf-ray: 74d31134fbeccc4a-ZRH
expires: Wed, 19 Oct 2022 14:38:49 GMT

GET
H3 200 4560.63d6df84.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 44 KB
12 KB 56ms
56ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4560.63d6df84.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.8c04b1eb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f05f660db5ecbeff39cda5bd68bb358e9410f037cd4a6b2253fb3e172e066da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 856408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: W99WG1DCCMJQCE5T
x-amz-id-2: YrG1tq7v35/PJS8q8IWnNykW0960hxv3u4q21+y0N/ro/xu5Rhy5k02oHv7xLpewm3rTBy3cGlE=
last-modified: Fri, 09 Sep 2022 16:07:03 GMT
server: cloudflare
etag: W/"cea3169262c644bcebea0fbe000df624"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: H3YJOEgqYlZjs0mt7sP5YaBn4t21Og4J
cf-ray: 74d31134fbeecc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:49 GMT

GET
H3 200 PostNextFiveStories.5ef18fff.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 44ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.5ef18fff.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.8c04b1eb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1025161
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6HYRPE56B03M9HZ0
x-amz-id-2: 371Blsw/iymLWs3ZYzse7ROVFRrRMZvvZssTOaA6DzeYUl9tNFU43LonSFAvaKjOz6oWJcdZTmk=
last-modified: Fri, 26 Aug 2022 22:24:21 GMT
server: cloudflare
etag: W/"5bc6ab68088c4531380f47520b82da55"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: exTCuGBa1y2uney1YBpz5JAAyr6r7o7e
cf-ray: 74d31134fbf0cc4a-ZRH
expires: Tue, 19 Sep 2023 14:38:49 GMT

GET
H2 200 _r Show response
app.link/ 91 B
595 B 356ms
195ms Script
text/javascript 2600:9000:2304:b600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.65.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:b600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

1d5c16888526994fa4178b06a919472e835a2ddbe7cbc9db053055bc13855323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: VIE50-P1
etag: W/"5b-0PARbyDUJjWJ4maHfLYaQEHdOm0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: QZkaokxErQUemwt4_rgCAyNwPIyNkrCGlqM1kzD9XhPoYBHFfvjMMw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 78ms
27ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1210859917&t=pageview&_s=1&dl=https%3A%2F%2Fblog.confiant.com%2Fhow-seaflower-%25E8%2597%258F%25E6%25B5%25B7%25E8%258A%25B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce&ul=en-us&de=UTF-8&dt=How%20SeaFlower%20%E8%97%8F%E6%B5%B7%E8%8A%B1%20installs%20backdoors%20in%20iOS%2FAndroid%20web3%20wallets%20to%20steal%20your%20seed%20phrase%20%7C%20by%20taha%20aka%20%22lordx64%22%20%7C%20Confiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1580425563&gjid=1434263686&cid=832852612.1663598329&tid=UA-24232453-2&_gid=1062834405.1663598329&_r=1&_slc=1&z=2099628794

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:38:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.confiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 15 KB
3 KB 175ms
175ms Fetch
application/json 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691

Request headers

x-ul-visitor-id: ae4fc140-a78e-4651-97e4-28f2aa99a032
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
x-ul-sdk-version: 2.17.3
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
content-encoding: gzip
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"3b72-AZnED8Y+cFsrzwOxsiDvpPsa4wQ"
vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 24
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

POST
H2 200 graphql Show response
blog.confiant.com/_/ 83 B
405 B 181ms
181ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

001e167b5187649dc7f23876d959d0bbf9754aabca7759afc6dc318530408963

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
sepia-upstream: medium
server: nginx
etag: W/"53-Dz3brglrwJHNHbOHeSHy/TQkFsc"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 71
content-length: 83
x-xss-protection: 0
x-request-received-at: 1663598329231

OPTIONS
H/1.1 200
OK config
api.sprig.com/sdk/1/environments/WISfSM8eD3/ 0
0 439ms
107ms Preflight 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://blog.confiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Mon, 19 Sep 2022 14:38:49 GMT
vary: Origin

POST
H2 200 graphql Show response
blog.confiant.com/_/ 22 KB
4 KB 476ms
475ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

483c1b56006defa4fba0de7224bd816eda84f86b15e455a6a09720131dec4e1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 420998cfbc2fe47d
medium-frontend-path: /how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
graphql-operation: PostNextFiveStoriesCollection
content-type: application/json
accept: */*
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
medium-frontend-app: lite/main-20220919-061722-a8b86343c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
apollographql-client-version: main-20220919-061722-a8b86343c7
ot-tracer-spanid: 5310dcbf18296abc

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"597e-D0Qq5uxswDzL1abpahHMaXTUkXY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7, rito/main-20220919-122641-83f616406a, tutu/main-20220919-095605-fb85631e96
x-envoy-upstream-service-time: 260
x-xss-protection: 0
x-request-received-at: 1663598329535

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
677 B 432ms
181ms XHR
application/json 2600:9000:2104:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9d9ae48fe0544789bca555a21bec6df8160d0a45a3e1216e1a35c974788512f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 14:38:49 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 3124a388a7474c0482e0e98822589837-2022091914
content-length: 316
x-amz-cf-id: wNpIf_SZKiH_YBON92Ag2r4SPHysp9UTEwkC6Ie6K-NBWPPVtDQWWg==

OPTIONS
H/1.1 200
OK ae4fc140-a78e-4651-97e4-28f2aa99a032
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
0 106ms
106ms Preflight 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://blog.confiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Mon, 19 Sep 2022 14:38:49 GMT
vary: Origin

OPTIONS
H/1.1 200
OK attributes
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032/ 0
0 212ms
105ms Preflight 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032/attributes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-user-id,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://blog.confiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Mon, 19 Sep 2022 14:38:49 GMT
vary: Origin

PUT
H/1.1 204
No Content ae4fc140-a78e-4651-97e4-28f2aa99a032 Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ 0
815 B 259ms
150ms Fetch 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-a316439e-75c6-4cbd-ac0a-b66d206c0c72
x-ul-visitor-id: ae4fc140-a78e-4651-97e4-28f2aa99a032
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
x-ul-sdk-version: 2.17.3
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Mon, 19 Sep 2022 14:38:50 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: ae4fc140-a78e-4651-97e4-28f2aa99a032
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJhZTRmYzE0MC1hNzhlLTQ2NTEtOTdlNC0yOGYyYWE5OWEwMzIiLCJpYXQiOjE2NjM1OTgzMzAsImV4cCI6MTY2Mzc3MTEzMH0.d6GURwN_oq6qCUmwVRNMw0j2v4c6u0PzXpphgdbs-F6eqIw1IXqZqCDEznEyUVpk1B294PYwuaDOYkAWIApZpw
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 40
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032/ 0
815 B 296ms
189ms Fetch 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/WISfSM8eD3/visitors/ae4fc140-a78e-4651-97e4-28f2aa99a032/attributes
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-user-id: sprig-anon-a316439e-75c6-4cbd-ac0a-b66d206c0c72
x-ul-visitor-id: ae4fc140-a78e-4651-97e4-28f2aa99a032
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
x-ul-sdk-version: 2.17.3
x-ul-environment-id: WISfSM8eD3
userleap-platform: web

Response headers

date: Mon, 19 Sep 2022 14:38:50 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
x-ul-visitor-id: ae4fc140-a78e-4651-97e4-28f2aa99a032
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IldJU2ZTTThlRDMiLCJ2aWQiOiJhZTRmYzE0MC1hNzhlLTQ2NTEtOTdlNC0yOGYyYWE5OWEwMzIiLCJpYXQiOjE2NjM1OTgzMzAsImV4cCI6MTY2Mzc3MTEzMH0.d6GURwN_oq6qCUmwVRNMw0j2v4c6u0PzXpphgdbs-F6eqIw1IXqZqCDEznEyUVpk1B294PYwuaDOYkAWIApZpw
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 81
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
613 B 188ms
187ms XHR
application/json 2600:9000:2104:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

3ee96e4c6f382ea9b199b29c7f087b91d66c21beb017efedb0bd9b197543e7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 14:38:50 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-powered-by: Express
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e5601a2d160340ad8cfbd15124412ab3-2022091914
content-length: 183
etag: W/"b7-VZOt9jN3t3h7bdRPKmXrkVNI+do"
x-amz-cf-id: v7mbaKMbpk0p4up5TBFTfWSU_qbWrg23zjKScwvUNGtbPDTTR-JIqw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 284ms
284ms XHR
application/json 2600:9000:2104:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 14:38:50 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 454d7896813c420eb5d81124856ac9c0-2022091914
content-length: 28
x-amz-cf-id: Z1Ra_ATjKY7fshZvNZwDT4vXpxC60PnuQ6_3ii_m9-7FqNd4UbrO3w==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
432 B 195ms
194ms XHR
application/json 2600:9000:2104:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/221.eb6d4e84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 14:38:50 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e24e5554353e4ba3be2f721f7ce6891b-2022091914
content-length: 28
x-amz-cf-id: 7gR-hlyKl3jqd6gaNM4rs7n3lAZJ5VpVw03-e2QqLflgCbNO7i540w==

POST
H2 200 oh-noes
blog.confiant.com/_/ 101 B
0 135ms
134ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.confiant.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c15690f9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.confiant.com https://.blog.confiant.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.confiant.com https://*.blog.confiant.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 20220919-0958-root,fb85631e
x-envoy-upstream-service-time: 19
content-length: 101
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
link: <https://medium.com/humans.txt>; rel="humans"
x-obvious-tid: 1663598332322:61111c2e7855
sepia-upstream: medium
server: nginx
date: Mon, 19 Sep 2022 14:38:52 GMT
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7
x-opentracing: {"ot-tracer-spanid":"46b499e45359c112","ot-tracer-traceid":"297eccf8a5f1da79","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H2 200 batch Show response
blog.confiant.com/_/ 17 B
172 B 436ms
435ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.confiant.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c15690f9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://blog.confiant.com/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Mon, 19 Sep 2022 14:38:52 GMT
medium-fulfilled-by: valencia/main-20220919-061722-a8b86343c7
x-envoy-upstream-service-time: 210
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-20 14:52:14	Name: sid Value: 1:C5VqB8KTYbfaQmOikxIimTZhSEh4VNYmQtHPYT4PjaIdgHaRAJ4U9Fl6E281phzv
.medium.com/	1970-01-20 14:52:14	Name: uid Value: lo_141790674e46
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: e6d965a21797538ab0ae2e48d49a8db996b62d57-1663598324
blog.confiant.com/	1970-01-20 14:52:14	Name: uid Value: lo_141790674e46
blog.confiant.com/	1970-01-20 14:52:14	Name: sid Value: 1:wKF3MD+GBoMdcNTGLI0By6U+Y98flTGgqYCNkkTsWZ0gFqEbEmpE94F/YhocFPOY
blog.confiant.com/	1970-01-20 06:06:39	Name: _dd_s Value: rum=0&expire=1663599227299
.confiant.com/	1970-01-20 15:42:38	Name: _ga Value: GA1.2.832852612.1663598329
.confiant.com/	1970-01-20 06:08:04	Name: _gid Value: GA1.2.1062834405.1663598329
.confiant.com/	1970-01-20 06:06:38	Name: _gat Value: 1
.app.link/	1970-01-20 14:52:14	Name: _s Value: dLb6vOx6HMkYDkeGsAfAtXZM%2Bnfz4YQGz18pxUf8CEjH924OzMJpqo4tWjDIyjSb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sprig.com
api2.branch.io
app.link
blog.confiant.com
cdn-client.medium.com
cdn.branch.io
cdn.sprig.com
glyph.medium.com
medium.com
miro.medium.com
www.google-analytics.com
108.138.17.45
13.225.78.38
2600:9000:2104:ee00:11:f728:3040:93a1
2600:9000:2304:b600:19:9934:6a80:93a1
2606:4700:7::a29f:9904
2a00:1450:4001:80f::200e
34.204.155.126
52.5.181.79
001e167b5187649dc7f23876d959d0bbf9754aabca7759afc6dc318530408963
011b42479f5bb7716d8f5204f68207f3f2f94c5cf56f8a955e47fb94c98c4efb
02991488a745496da54f160470fa49e894626d8967c97f5d79bd1cda86c50c54
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
054db58c8dca063476febf9884746d831c832c29d0b02c3726f40d01d8ccf61a
07ae491b4f6d9aee2c559cc2245727f46d05b74405e153617f97f4db642db749
07c8b97e2fdbaf899cd384780d61f37d9ead10b72fc6f479e1430147f234c17e
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0c40c5970a629a53ee33b2835a514f29814d1fefede1196ce91defec80bd1ae1
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0d8610bd488ac9d82c3dd26dbc85490e2e552be5c5e3f6ed1aa999201d867df0
0e90904613706435d4e162ab9ea5aebb9bb41ab5edcf1d96c2e41f8b1fb6c8db
10daf19f76f4c3e3ea8f203056a42c8f6f34551b19849d7c4efd7892388be95a
11d34469536d10e61ede4bf9b6b6273760ede1e44353dc7ee9b2e8b9df572597
130347049d5dcc56d15bc61695c4bf0d271570fb4fd6aaea76b684191b9faa90
17452a6e6e9d50edbbc668ebb48c7ff426045f25fb6ef0967c1a3fb01d6acbb3
184947646b4e0dbdd19d279c473d4000d57024c565b25aeb303e27aae0a03cca
19be474bfdbc3fb09cbcd8df208ff2ee00531540ce769dcef10a556a7487c332
19c0d7bc9c12fadedcb58f1c748a3bd97b00488613be4d5bec36422c916f6c50
1abefedc7046cf2d98ea4c61a06200b244a7f9cacf775eda4990b1acc1c7e628
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1d5c16888526994fa4178b06a919472e835a2ddbe7cbc9db053055bc13855323
2025f294041022f1f0eb1e0d84f1ee2f1bb50bd0ca1a7054e01c6c349ee57b07
219134a64f5af860e09a64ed4e31f0ab90d6ba0393ba5b9a0aa64acb99d2bd26
21f29e208a9a87686d998e3d9bbc5768c167f28474de48a9320cd58090707df7
256fa2a1acd35b701c057c169fc0fb7a7682998d48083fe211fda52b72943bbd
284ac805203c161df7f8e189f59f0827b436308d1f9f43c2386df2cdd681eb51
2e1a5eeb02e130f736c9797331aae8dff46ee13ca8dc9bfeb82a6e49594c7473
2e5fd991374b64e003e80c25952f69136dd8b47e3d84a81b590350afea6337e9
2f881a9f688918b22f2c8df14f7d6ac73239635742f92fd71ba0d7b588039225
3096f776db540f092d5b89c571dec330a17892298fbe56cf967ebc1fbdc4ac37
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
35e62a5ece91dc60f1d41888dc2261a956481d2f0962fe840948c8a3f50e50be
36050aaec3ecfa8286da5614ed907846ff186dda63d5c1d69c0a2cfce5aba6eb
369562108a23ff06088814e84ed28e84ce4a10d9c93f74f61031de2ec59d4754
371f6316e4841ef6114718b84ba24047d01401d9b2cd238e32b095a00182891b
3a10b6b32c76b978149d7c0b85a57fe9aefd7c2ee7a84ec62973cd2620d1045b
3af2e68a9081918ea5fb1fab807c4286da4e588d6bf35bca7c4aa055cdd51a49
3cda6f0036a3b19a70e54033250880adc499ac02c551ba66f636b4b7beef136e
3d199dfc6c36639a5e64f12fe590cfebdd2bad96c8615d4ff82e1ba72cf778d1
3e636d6b61d16ba8fa5d119a97b3dbba2483cd38fbc550a174951a31319ba7c7
3e644fdc416cd19eb02fba643acf1739afe10b912dafd69628e4720b22729646
3ee96e4c6f382ea9b199b29c7f087b91d66c21beb017efedb0bd9b197543e7c6
431a39f2e07747167f649e932b825d3ba16c353670a0bff5b42e0954f0956fc7
45e5b1673de64c85cd595f948d450a24077a632fdb55ab2e53bf120184f78cc8
481ecae0973350bccf865a8f926b8bcbe772c5c57e587aafb89c2aa7c1613506
483c1b56006defa4fba0de7224bd816eda84f86b15e455a6a09720131dec4e1e
4840f5d54ec726aa9933b5b7fc81a0bd38acda4801b9c8b574c2a2f87af8706b
49cd8ec43cb86940a800f3324972bc7c3a43688443ea4eeef71f1838877c3a89
49eb43f08609e0ac8a4d0711f4e14dd56df16506a52ae3dcd66f002bbabf23d2
4a30c24c996f2f70e25209faff5c7faad07d3d8fd6e4e793f5b7964cfb0e15c1
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4b6b700236ebdf38df207868ccd6232c09b5165a93de4f6367e0082079491e00
4b7db83ba455a5892496dcd2af0409c3df62251546363b0c99c90a773e2a97e7
4f35f63e35d3b32de19d2b5da42381a81051738cc4f1939604bd065f1c7ade26
4fac5c28785af654033b9df8ef21237dcd914097945983bc05399396e65c087f
5247881b7199351f801c47ea450dfbfd8fb0879699a5237880671a49a8393f17
52a32cd5977136c7bc65551e16fa502a1a04f7dd055999f34479e62c7a8aaefc
55e10d51e8f66564d0992e11cc90d3f96b39048fe14f4810e822e5db0644959d
56a7e319beaf448089f236a6a86ce88efdca69980ea0eabab44414efdbeca691
5b55f52175e632bcc946861d5a69c60873ec9583d07a322324aa78d626bbacab
5c43b4871f670526400fc3939704d483a99132f1d699e2a40a389d6565fa851c
5cb8b6f43d4306086b39c0e3a5f48609e6705f5f5db126277b19177939189bb9
5da92ee22137b6da7c3ce0ea1d798d75b4c93c761243ad428103df02de5fe7bc
5eb2b7e14e15721e261df31f3dfc17057b58a8fa2ec407926aca9a23f6408dc5
5f48d51be7a817814e257cb5a945dcbb3dfd2df71087069c2f6571648eaef3ce
5f848bb1f4666193f0ba2be649d5ba6b9b27d01ebac5e175d0a53f63adba2611
60aee5737f8296666b70548f626d339f7cfade235a44a9d6a5a706023be3f6c3
64cbe21901d5a79d1d1c1c58675af22aad7ec933902044678ec6c71169ca4610
64ef18bc37b1ddc52eb8ec198ac27818854186b69b0da6f5066e864ec33d3653
651a7abf776f8d77bafc4e432771b9064e868e36fae3752faed98068dad888c5
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
6c4afffc3015e8db73cfcc1b36b08fb8059987c7fd6b1d7fbd8f6d4f0ff306e5
6c700d2a6464ad47095114366947285d185052625472c72a4eeae4ac168f40ea
6d638a902973b5eb1a3785c238b81d73145ee9ae33aeea5518ad147e29d14ebd
6f2f7a8874b34acba2f53828d8d2361f14d03b7884757d298f6d2a08ac5b0c68
70fe697fdf88d93c6293b94ea9a47b0e2997c9cde7f7c41fa19ff56dea38acca
74e6c20e33b95ce61785694f1bd4634b7070e9b498b430cd9641c9967eb6e6de
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338
7b0cc7b05fe6b268d6ea530737ffc235d1f8f85892cff30f0e0426d409e314b0
7c1def67eac3dea9a9748338c7612334283d5afc099cd8540251c2d1c5e4da0c
7da84601c604be97f1be8f98b3560db6397d1d90b4c90dd2ee3277e9a4c366c4
7f05f660db5ecbeff39cda5bd68bb358e9410f037cd4a6b2253fb3e172e066da
7f6f053f5ce26957f05814baf4108f5d959e1b2df960d2b8e696c81eab0b22ab
7fadc33da02dedf4a9cb7640155b1b7ee02b9f29286959e1017d87359e5f81df
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
85680d3c77cd3614269bce280229fa6bebfe637c767374279107aa08ad2445b7
86b74ed53a1ab818246024beb9875537192d13707a04b151edba1285aeb4f005
8736f60cc39e400e507a0d635182261b24d3da719191e31b8291161e4c215776
879d1e7bc4f325cea326d2f2232a8ee8d219a87fd378a0844372d6fa243a844c
89a53e8b024a133e781d5099cc95b8f7729d07d4c0425b10c036b7cf8f288c4f
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
8be4b143c53941f82aba83e7470abc11e4a360fcc04411936b2807e66b3d90e5
8c0e4bf2be7c274d0634c552c21455cd30bfacb9e93f2d5490924c868a809e16
8de58a2ff7b9d0af3900ceaf8f4a5ebd81dc83de3065beefa98d269845b4febc
911bb17378b28876ed9592d36f2d162396e67aa57c21d313c01d38ff00cd8552
92e4f23dc15d2ca80cad4d66ab44203e65d317c5a503466a247d5bd1d385d459
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
97d17150d84287d4638ab95a39d50f3072a64856114e985b613ff4cd8d34f478
9860af0eaa929f47004027c0d37c36baa609911d583313d7d85588c3795a2646
99973b8fb3da1cef0d08d830cfc0f664694226c2e94c7d6f601ce8bbb9bf108d
9a30bae712f4df88ff8afa78c884b48ce930e6fb41fd9706e2a719515a65d3a0
9a729f41c80129619ecbd52b2035a42c69a5e39e945591676c53b71d6bb09bca
9ad7ac39533d4ba389215f0ba6d63d9a9e9ad4cae475997050776a848aded8b7
9bb973e7c90baaa8edb1af21d0a627f28eabae3f1e6a94b0168a55b4b79496d3
9bcb6be7765b47eff522a9507a9b62aa31f6a38f9b65323a999792949c13797e
9d9ae48fe0544789bca555a21bec6df8160d0a45a3e1216e1a35c974788512f1
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ae3f20d88f8435418ed0c285f50475a09e50fab52032560331d2ebc9839811
a36dfd9093d408b40f3945789a4c689c4f8183172cb48031ebf7ea04fb43481e
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ad6eccec2f057cbf0d8e9ab1a3d7b71a4c53a23d1a6efe3089dddb50ccf26af1
ae8a1456e962aa386b9545907e837b11de06f7cbeb4e3249c4656f3469b8ee89
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1e92c14799368b0d71e27852d5b17948e2d3afad881d404f25aa05550bb3f48
b3b54f3d80852457c9d60223126aa8120e5312dc9a7c4ec02a423d68ac671585
b4c2d3ac3573990d7b0d77e4a006d6d40bb259ce817b64d9223d7e117c259293
b4ddf15d96a74910f384e7df4913f8855f6a29729749db2665f16abef28d1de3
b56f965df2732f8221e1b269680dd2a598a7b3253a56fa50b90742e2d0166603
b6a199f79edd413a057235815cde380727f198add7227e6ff5c386810f60379f
b8a60f7d9fd49a71b9ee7ff31ab9b7b101907e4cdd88c1a35dfc6e4864625393
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
ba7e30f3e51476ccd62839f6a48cb8ec18f155240fcb79f217c3e7cd2c0d1178
bb073c77530d24ed8a175a422461299a956cb6bf9404ec94ed03019af00faf50
bb2f5f614e500c41a35771cf4ef7572fe425b7407a009d14a7eb821c57e47ccd
bbcda18e1943f0f75e8175a83e202f28fba2c0c47d32c7f754d8dd036ad81d4b
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
c206b884da0783970fa403fc66def17bf89bb4986b5c98949e7b75a5db16cbfb
c4ef9c7b381abd610c10b24b633869235ea74b843973ef65076756f986838534
c6178c50f15b663877daa8c8b21f796ee24dac9868698f7dd3b70a4432a2c60e
c9b1b1891defe2ee33f8e462624b316d5d3fc9354e63d8f02bcfbab2d22add72
ca240649cedbc106e6e69c29d9d6a5dfbaa2077636f8c8a80c7320256f2a411c
cbbb0472d5329a489c559cced60cdce46a041fabef67e569ce0928fef7477ecd
cd57314eb713f7ae46580de3fbc8db054172d85d4642adada2cd08c43cbf5366
cd985cb40d8fff5cb58efb38f96a3a1069f3533e62b2adbfe32ebab206111e3a
d163611a36fd66f799fc270b094e8eee950428efb5a812bf14f4d5958683ecad
d35e8ad79b9de8814f26c5fee6d42dc9ee0381d2b0c6a071c036d871365f8457
d5bd88cddcc2687687300d4f924faaa351ab74e36786d0f34b3e325c5dc62d83
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
d8e839e7794ae818e633e5e3174071d9ef203fd287fd2dc1cf017960e9660253
d8f6742d876d142a15fadaf33b1b570edc8044cb828001596852deb738198e84
d90bce0cfa1b6303bb4f055636aff3fb7bb17e6e3bd2f7d0533a3ad2b85480f2
d9b271a0704c0769d9d4c43e4888575d36d13c7c7f0f4281965d90aed51d0a44
db7aaa9518df43e8aa4a3dafda34a811254894bcf4f322f0f25fba2477875e6e
de42e08a8c04365f35a625da3f26374020526d7c47490b1d85ba0de0741b6363
de48cb910621bf94185fc11bda005922bbb5e19141e2585e4b9d963b29191288
de4ca9cd341202474b4861cfc519eb9b4c9c4ce04a97343872701b376eef4b6a
df3d6a25d4d1207b5be9c3a01e23e2fdeed639061c8b145b855d9b2e583779e5
e237cf9830fd9dbec28f0417e41f7046003e1411d9aa72b085eef59800d5f369
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46be509e62fd56c341739ac6bf5eea8ca320a5dca0508ee9de97fdb81b1988a
e525a14f8d5cdbf318945d9de4559cb2fdc5d71d4383cb7fe1c159d20a0b24f5
e5525c2674dc8c7329af1b841bed7f986168cb7a6b53e56e163ecf3f1d5f47cc
e5fdc3f01d4d768576b07724cb6b09c357608ca99c8f392f57c26fcdd1d831e5
e91bf0ae9bed309f275dffd1cbf1cd41ee914dfcdb1f160cbbc503348df3ae75
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f1fb3cd39c47b8f999e2bda99acd0f995248ef7be54b1d2a0e8cd263915e0697
f210b0e418e72f39c52ed7db0b5304da789ab61204700a24b4b5d63df9bd5760
f26ec082879145d9b18089e00681c8f194c34deef3ad489aec1d4e537420bf30
f2bb6c9a52aa7e31d1b4f14c30124a60d0e1dc947ec15a61ce7407c7ae86787a
f5d17ba49b5f0294f90d348d8f5892105fbfefbc0264d55eb82300cbf58c2ce0
f6e82aca827aedbfb8a06fb7aaaed914765bbf00aeec8f52c47b26bb618ee615
fc4f3ef97718113dc7c0e0c645ae6956f3b975417bf279c90366f562ff3b13ba
fc76cc18985d7a3a01b59d43ebabedaa66007aeab88f531612aac361d145d4d4
fd5c81ece12c82abbd694ee0892cc1869ba743a90b7e0d15d9d5fd046b17ff30
fe7d1d5a71a11be1e19cb285f8d981c5653c386bee3dcfa3e488437b73c9dcee

blog.confiant.com Open in urlscan Pro 52.5.181.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

100 %HTTPS

50 %IPv6

6 Domains

11 Subdomains

8 IPs

2 Countries

5318 kBTransfer

7651 kBSize

10 Cookies

99 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.confiant.com Open in urlscan Pro
52.5.181.79 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

8
IPs

2
Countries

5318 kB
Transfer

7651 kB
Size

10
Cookies

182 HTTP transactions
0 data transactions