Submitted URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4
Effective URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Submission: On April 14 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 136 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2022. Valid for: a year.
This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 52.1.119.170 14618 (AMAZON-AES)
1 114 2606:4700:7::... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.6 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
4 2600:9000:206... 16509 (AMAZON-02)
136 6
Apex Domain
Subdomains
Transfer
114 medium.com
medium.com — Cisco Umbrella Rank: 9117
glyph.medium.com — Cisco Umbrella Rank: 20233
miro.medium.com — Cisco Umbrella Rank: 12387
cdn-client.medium.com — Cisco Umbrella Rank: 21615
3 MB
15 specterops.io
posts.specterops.io
73 KB
5 branch.io
cdn.branch.io — Cisco Umbrella Rank: 969
api2.branch.io — Cisco Umbrella Rank: 564
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 app.link
app.link — Cisco Umbrella Rank: 1703
563 B
136 5
Domain Requested by
54 miro.medium.com posts.specterops.io
50 cdn-client.medium.com posts.specterops.io
cdn-client.medium.com
15 posts.specterops.io 1 redirects cdn-client.medium.com
9 glyph.medium.com posts.specterops.io
glyph.medium.com
4 api2.branch.io cdn-client.medium.com
3 www.google-analytics.com posts.specterops.io
cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io posts.specterops.io
1 medium.com 1 redirects
136 9
Subject Issuer Validity Valid
posts.specterops.io
Sectigo RSA Domain Validation Secure Server CA
2022-01-05 -
2023-01-05
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2022-02-26 -
2022-05-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
appipv4.link
Amazon
2021-06-24 -
2022-07-23
a year crt.sh

This page contains 1 frames:

Primary Page: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Frame ID: CB116F24507985EC2B7E4CB95FE388BE
Requests: 136 HTTP requests in this frame

Screenshot

Page Title

Coercing NTLM Authentication from SCCM | by Chris Thompson | Apr, 2022 | Posts By SpecterOps Team Members

Page URL History Show full URLs

  1. https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3... HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fcoercing-n... HTTP 302
    https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

136
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

9
Subdomains

6
IPs

2
Countries

3282 kB
Transfer

5750 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4 HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fcoercing-ntlm-authentication-from-sccm-e6e23ea8260a%3Fsource%3Drss----f05f8696e3cc---4 HTTP 302
    https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request coercing-ntlm-authentication-from-sccm-e6e23ea8260a
posts.specterops.io/
Redirect Chain
  • https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4
  • https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fcoercing-ntlm-authentication-from-sccm-e6e23ea8260a%3Fsource%3Drss----f05f8696e3cc---4
  • https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
321 KB
64 KB
Document
General
Full URL
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fd1533fbd019b224275f1f3798191ecb461f087174812b3b5f7ce7a322cad1d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 12:52:25 GMT
etag
W/"504f9-mk7/PfkLyKLghDhYSlgcgQKgB00"
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, lite/main-20220413-141743-e52432c31a, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
medium-missing-time
498
sepia-upstream
medium
server
nginx
vary
Accept-Encoding
x-envoy-upstream-service-time
1010
x-request-received-at
1649940711129

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fbc93429ea40f86-MXP
content-length
0
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type
text/plain;charset=UTF-8
date
Thu, 14 Apr 2022 12:51:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
location
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
medium-fulfilled-by
edgy/8.3.0, valencia/main-20220412-152242-c4e5d177ed
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
2
x-content-type-options
nosniff
x-envoy-upstream-service-time
47
x-frame-options
sameorigin
x-obvious-info
20220414-0328-root,3709fce1
x-obvious-tid
1649940710925:7d5a499216fc
x-opentracing
{"ot-tracer-spanid":"1c18b7921347ba60","ot-tracer-traceid":"17d9cc54da8c7984","ot-tracer-sampled":"true"}
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
unbound.css
glyph.medium.com/css/
12 KB
1 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/unbound.css
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2038
x-envoy-upstream-service-time
27
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200
access-control-allow-credentials
true
cf-ray
6fbc934b6f160f86-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Thu, 14 Apr 2022 14:51:52 GMT
1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/64/64/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/64/64/1*D-FDlfkqivRBQZoESrwtqw.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbe6871b13980a0c8d28ad8267ab8827abb9a9eb1f80691d0e91ffb57a8a51b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
537521
x-envoy-upstream-service-time
37
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2399
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220303-000533-8c0cdff0ab
accept-ranges
bytes
cf-ray
6fbc934bbfe20f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
0*VB1kJkW5uCVpMaQ8
miro.medium.com/fit/c/96/96/
3 KB
3 KB
Image
General
Full URL
https://miro.medium.com/fit/c/96/96/0*VB1kJkW5uCVpMaQ8
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e8910911961536f171a7cedc64ece14cdf7b257d1549dec555dc0fc204079af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
26403
x-envoy-upstream-service-time
49
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3005
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934bbfe80f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*FuTjEG0wWkWuRTYlq5Ucbg.png
miro.medium.com/max/964/
51 KB
51 KB
Image
General
Full URL
https://miro.medium.com/max/964/1*FuTjEG0wWkWuRTYlq5Ucbg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42527389e7be93aa12a8edf57e8601e62be23e9a8bfdc103c9419162bfd7ffe1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79835
x-envoy-upstream-service-time
53
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51823
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934bbfeb0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*tOUNkybIYiSt-XxdMMMGxA.png
miro.medium.com/max/918/
121 KB
121 KB
Image
General
Full URL
https://miro.medium.com/max/918/1*tOUNkybIYiSt-XxdMMMGxA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9fc4ca3124e2b5306e76d5cfcbba33bf32847dcb45d6b5fc4d747161ab7ce3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
59
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
123503
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934bbfed0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*gAypu4906FHUcJpXSMBTQA.png
miro.medium.com/max/960/
78 KB
78 KB
Image
General
Full URL
https://miro.medium.com/max/960/1*gAypu4906FHUcJpXSMBTQA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da87c6b6210833c660b6bd9febc41ffbf62db5b3d28728f15beb62ddc5c4d66f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
89
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79693
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934bbff00f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*Puf6_BM8wSQ8P_0Ck27HJg.png
miro.medium.com/max/954/
97 KB
97 KB
Image
General
Full URL
https://miro.medium.com/max/954/1*Puf6_BM8wSQ8P_0Ck27HJg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8c017e9190797348405fba3b394a96961e2f9c93cd4908d925fba2dddbb1644
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
26403
x-envoy-upstream-service-time
95
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99490
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934bbff30f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*lxMr1VyXBxtodV0AGxCd4A.png
miro.medium.com/max/1400/
75 KB
76 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*lxMr1VyXBxtodV0AGxCd4A.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9dc0008dcb4e07c8e0a217621c33e58c8eec0c418c52096b84e3cb96ad26a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
74
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77163
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18640f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*ASLxqfNVVVFSbde9vauaPA.png
miro.medium.com/max/1400/
93 KB
94 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*ASLxqfNVVVFSbde9vauaPA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e32fc6a926608e98a8973c0fa53d4554713f956bdac07db8c51a2f4df5966ffe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
93
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95731
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18670f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*_vYvxQQIDC0GbDiPq4Wrzw.png
miro.medium.com/max/1400/
84 KB
85 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*_vYvxQQIDC0GbDiPq4Wrzw.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084f8a6ce0661cd17f84beaefab30a40770265b8558a608cfa083d1652740202
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
81
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86457
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c186a0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*ANnx6S9t9iQIzXWJw9Is7w.png
miro.medium.com/max/1400/
90 KB
90 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*ANnx6S9t9iQIzXWJw9Is7w.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb66f22fe7b46b57dcb24d5960f8f6d4712bacacb6b4495d1a0300074ccd06d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
27406
x-envoy-upstream-service-time
71
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91654
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18790f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*NjR9Bx2tmHH9Z3FrOP5e9Q.png
miro.medium.com/max/1400/
101 KB
101 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*NjR9Bx2tmHH9Z3FrOP5e9Q.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720406cfb37bb4c3ca2b813c1f179177c6eabdcf4504ce859808a8f1a42b6143
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
61
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103539
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c187e0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*bAECU-o7UWiA6w-2SSLkfA.png
miro.medium.com/max/1400/
148 KB
148 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*bAECU-o7UWiA6w-2SSLkfA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733fea3388fe61639cef8be8b9a45cdb7f6080bef88bd3be7588d954e815a871
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
113
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
151297
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18800f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*kcIbbaZoJkWI3Lxhz1LkBg.png
miro.medium.com/max/1400/
80 KB
80 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*kcIbbaZoJkWI3Lxhz1LkBg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58a85374f35528e4d3f0a4ba46c957293f896b9fab6c0ce7e05aee13730f779
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79834
x-envoy-upstream-service-time
96
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82170
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18810f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*t9q9iHD5s7faXGgv6X0uCQ.png
miro.medium.com/max/1400/
128 KB
128 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*t9q9iHD5s7faXGgv6X0uCQ.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba68d49adca6e9924ef690fb87b34c0ce2536fc63a1105aadcfcc79e113f66e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
134
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
131269
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18860f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*yQgvG6YfwCGOykgHfLQwtg.png
miro.medium.com/max/1400/
134 KB
134 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*yQgvG6YfwCGOykgHfLQwtg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ebf939ada9e5fb4737d83061d0bbc8852bd2f802a2fe795b52ae917968435b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
27406
x-envoy-upstream-service-time
125
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
137421
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18880f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*oDXSC6lU9rI8vx56gHdzaw.png
miro.medium.com/max/1400/
253 KB
253 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*oDXSC6lU9rI8vx56gHdzaw.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d5d7a2010ac4f4aa803e3e4cda40fcb4086664d1c5b2c4c351692916d198bf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
72
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
258726
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c188a0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*NZR5AG1pssN7Z85AEtac3Q.png
miro.medium.com/max/1400/
52 KB
52 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*NZR5AG1pssN7Z85AEtac3Q.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502e69efb70250520e48f694389c62c8fc21c01ceb1003e7788cc62e99b6656e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
41
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53440
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c188c0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*VpX0VVNIFlSik29QHf7bfw.png
miro.medium.com/max/1400/
115 KB
115 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*VpX0VVNIFlSik29QHf7bfw.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10277c6b5481bfbfb3d0e6b1db67bde9b00a25ce5bd0cc7b5f9a518362cbba0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
86
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
118008
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c18900f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*y0AO6M3U4e-udCNQ6jmXWg.png
miro.medium.com/max/1400/
89 KB
90 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*y0AO6M3U4e-udCNQ6jmXWg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c15e404b6e1453f8ca887758cc4a692588b318ac748b06b732f1fb3a63c17f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
65
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91624
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38ba0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*ajpnC5dojdJdmOc9PJJ2Uw.png
miro.medium.com/max/1400/
98 KB
98 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*ajpnC5dojdJdmOc9PJJ2Uw.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46499f9058d4ffea6a4e1e225ce506082b80347ca7b22125f4ecc68f37501a23
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
125
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100574
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38bd0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*JzZG2-IHA7UGL42bjAz3uQ.png
miro.medium.com/max/1400/
100 KB
100 KB
Image
General
Full URL
https://miro.medium.com/max/1400/1*JzZG2-IHA7UGL42bjAz3uQ.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0becf21e0bc6cb2cf81b65e12517c33e8fa8d55ec9c32fd857e5bf04e92f28a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
77
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102303
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38c10f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
0*VB1kJkW5uCVpMaQ8
miro.medium.com/fit/c/176/176/
6 KB
6 KB
Image
General
Full URL
https://miro.medium.com/fit/c/176/176/0*VB1kJkW5uCVpMaQ8
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a00354f9666bbcbaed50f7ee08aac0f9e269cd1d38680883bb264a39d3942c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79833
x-envoy-upstream-service-time
41
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5874
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38c50f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*c11g6W_9fHvZ2URmsSc_JQ.jpeg
miro.medium.com/fit/c/40/40/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*c11g6W_9fHvZ2URmsSc_JQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d6a89ccded6a11812810ebde6961aa8b0346f6e5aa0d04b43ccf6724894d54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
78314
x-envoy-upstream-service-time
58
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1333
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38c70f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
0*Aymvr-itUS85f26r.jpeg
miro.medium.com/focal/112/112/50/50/
6 KB
6 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/0*Aymvr-itUS85f26r.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5594d5f5d259bb3638f6c3125616d1404f9284f7262b598153841bbbaa1abe6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
59329
x-envoy-upstream-service-time
193
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5999
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38c80f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*xSeHInZpthXL-F4ilXE7dg.png
miro.medium.com/fit/c/40/40/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*xSeHInZpthXL-F4ilXE7dg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f249636e89b187bd4589a37e7ab052722ee6484ab9f4466771b4b67a18d1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
80391
x-envoy-upstream-service-time
56
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3970
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38ca0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*JxBCboNipG4Z-kia4xJfpA.png
miro.medium.com/focal/112/112/50/50/
28 KB
28 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/1*JxBCboNipG4Z-kia4xJfpA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eda148e2b71f4ba332be125d148b87b5048e3d3de45a7f42f5791a0f9761ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
80391
x-envoy-upstream-service-time
196
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28224
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38ce0f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
0*fW0NwqxJTyEvWoCn.jpg
miro.medium.com/fit/c/40/40/
499 B
736 B
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/0*fW0NwqxJTyEvWoCn.jpg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d15ed268cdfa810128964f369a2317ca3d8222f15ecee3dcea14a8d1e75ddca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13995
x-envoy-upstream-service-time
49
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
499
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38d10f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*XVL9Q3MNvWkwiQ2WhqdPbA.png
miro.medium.com/focal/112/112/50/50/
11 KB
11 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/1*XVL9Q3MNvWkwiQ2WhqdPbA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732db499feb8554512ccf8876dcf249f0b7457670891d37b5379aa2c620fb9f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13995
x-envoy-upstream-service-time
56
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11472
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38d50f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*BV3RW8RRhxKFhjkAKWFoBw.jpeg
miro.medium.com/fit/c/40/40/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*BV3RW8RRhxKFhjkAKWFoBw.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a84867d36c9a69a23989158d062e0276bd5dfb9b31ab6bf05a448f877523f1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13995
x-envoy-upstream-service-time
63
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1775
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38d70f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
1*sLVq_hO8B2Ydv9EWdGirKA.png
miro.medium.com/focal/112/112/50/50/
18 KB
18 KB
Image
General
Full URL
https://miro.medium.com/focal/112/112/50/50/1*sLVq_hO8B2Ydv9EWdGirKA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b41aa037892aa0656066ada1313d0b13e0ad418e5c386afd9ffa02a14666c44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13995
x-envoy-upstream-service-time
162
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18778
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc934c38d90f86-MXP
expires
Sat, 14 May 2022 12:51:52 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14569152
x-envoy-upstream-service-time
37
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c594383a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14569151
x-envoy-upstream-service-time
16
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c493f83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
15 KB
16 KB
Font
General
Full URL
https://glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14569152
x-envoy-upstream-service-time
35
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c597683a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
15 KB
16 KB
Font
General
Full URL
https://glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
11443480
x-envoy-upstream-service-time
31
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c597a83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
16 KB
17 KB
Font
General
Full URL
https://glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14569152
x-envoy-upstream-service-time
47
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c598b83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
16 KB
17 KB
Font
General
Full URL
https://glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14569149
x-envoy-upstream-service-time
39
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c59af83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5492498
x-envoy-upstream-service-time
31
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc934c594f83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:52 GMT
manifest.ac3743ca.js
cdn-client.medium.com/lite/static/js/
18 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dde40f7ab85884e8e881d9e0243864168c93fc325ea9ea6ab8290dab4c7d552
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
79488
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7ES0F2KM719403V
x-amz-id-2
1C8ob24y1hiNY7dg7ptzl816pTKE2Ke9DSVrMOqhFYZbcmiDJ5xZJaNUKW/icukdqFTL4EWby3c=
last-modified
Wed, 13 Apr 2022 12:23:35 GMT
server
cloudflare
etag
W/"7c331c08c6971e5d861c7ab09363caeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Qtu6R1610sNgxM378lKderXSMjtf4J6c
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a8b0f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
5786.c3b0a09f.js
cdn-client.medium.com/lite/static/js/
694 KB
214 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934d7e200b71a84e54fdd59a026d5c03a22af607126a4ea812e929e513502df6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
505540
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0FWSZV7YTAYCEZV2
x-amz-id-2
RcRAiZ/gm2bRUd+R/1Nsgf59Ab6FARj3zbtTpSHFXmnu4inI7T1lmluyu/iMaoYrFLGGZGqF0E0=
last-modified
Wed, 06 Apr 2022 18:47:49 GMT
server
cloudflare
etag
W/"bc1b7ebb70263caa5c46ba8315a89f5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
cxm1VB71plWQopJehAbW9cWhI.exx6nj
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a9a0f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
main.d00d76b9.js
cdn-client.medium.com/lite/static/js/
758 KB
187 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.d00d76b9.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8997366cf42d8de8dab65c740dc26621b1bcf899b3e30671be03e51b6a15cccd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
162251
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6EHK96AJMSFRFD3T
x-amz-id-2
OjDVaF5qJwcqF68astoLWVYD963iGfgGPVgLbzcJwsZpKKecdyV+o18PCf1V53y6ISHnGO5U6co=
last-modified
Tue, 12 Apr 2022 15:17:50 GMT
server
cloudflare
etag
W/"764206a7383d9f7ad20dbfe4c9b3714e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
6BYjVm_PdrCAigR_o3usVpGwWwWj2_pY
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a950f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
45573.4354ed57.chunk.js
cdn-client.medium.com/lite/static/js/
62 KB
16 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/45573.4354ed57.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
788959
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5Y52RH89SSH2XCFV
x-amz-id-2
uSKZPTAjtnaN7avFVqdyaJpMWtAtVhIx8QoDXqGBmPdSSXi2NZwzhPCQhQlStVTpGkpWC3Tl7aM=
last-modified
Mon, 04 Oct 2021 08:07:06 GMT
server
cloudflare
etag
W/"6a81d283b5003925b4a970b292bfcc5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
V72xGN9kaRcaybYuNsFR7RB7.fBonGvn
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a990f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
instrumentation.2147e77b.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.2147e77b.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
58474
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9STDGRS55QZXJZYE
x-amz-id-2
7PAk93EJIVctwTBwk6wyazsYQaaNv1FsPXJ1CuWQXhvfZVBLPOP0stswYFDxzY3U9FdXSVlpHdU=
last-modified
Wed, 16 Mar 2022 19:39:27 GMT
server
cloudflare
etag
W/"5dd442f84b5ac0b482e8d80c7e2499de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
6qnqbjyGzG2a3AZzBA2yPWykJlD8rERb
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a900f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
10407.21469f6d.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/10407.21469f6d.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
528736
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
P2D1K6NJNG1GSN9X
x-amz-id-2
jqB2JO54Jxkzx88WsbtBZRx+ndVl1hCr0hjvfdHRKForOvc9/0Hag86HxgYs33ly1g3vzHeSEiA=
last-modified
Wed, 16 Mar 2022 00:17:41 GMT
server
cloudflare
etag
W/"e875ec45f424aa3dca539beacbbeb6e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
M1p69xdI2LmhiA8Jrt9Iu_.bZhzYd0k2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d3a960f86-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
49216.e3d3bf0a.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/49216.e3d3bf0a.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
845791
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0C8GDSPF0V2WNSZ9
x-amz-id-2
6rNxWGQOxAB87bRvngdm7Ed+6Za7s2GSUuQ2NGhmLT1XZmwIq0Eqx0MsSzAu3EtDkhwYVpWBomU=
last-modified
Fri, 18 Mar 2022 18:28:38 GMT
server
cloudflare
etag
W/"631270a91dd93346b720a496a8f02732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
WAbNkiZ2Eo5.MkcHO0Bu8fSTVe4iu0Bg
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9ce93757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
AppLayout.5315c34b.chunk.js
cdn-client.medium.com/lite/static/js/
134 KB
26 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/AppLayout.5315c34b.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81166285145f93a7846483beb6ce37de77fc5130fa822c99f7377c290b511daf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EKFB1V2W2KQC9K
x-amz-id-2
T6lJKBFtRQAtaTZd0l41P3ww8w3lNKXqkaVbrxcdyasVb/P9uBhXAywwHeOpRnZLYCSrYGyGBDo=
last-modified
Wed, 13 Apr 2022 12:22:55 GMT
server
cloudflare
etag
W/"ca16c64174550252e025ecdd9e01cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
WQraWORRadewu.k97OM_rgk9EbsMYUvU
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cef3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
reporting.55ddfe42.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.55ddfe42.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
142738
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6YVR4GHVAEF070S2
x-amz-id-2
wk9vu8KW0+sqQZz/RXrzjjKEa71T7ctb6W6uDFhACYuGKVgvnMz1bJi3eTKr2Vow+rIeQUsN5dE=
last-modified
Tue, 15 Mar 2022 19:22:19 GMT
server
cloudflare
etag
W/"7c194265458086c4dcb2319dd596fa3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
RkWTEv_52vi_a1c5MoizPgkqSDVmVA.n
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf13757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
73402.8020e698.chunk.js
cdn-client.medium.com/lite/static/js/
5 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/73402.8020e698.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0a385b36f5430b6e37e3c387965d5b836fe56e09ed2b341fea830cfd8d0fe3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
490928
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
01CBDS0YY1CB7JFB
x-amz-id-2
CXFSlDGTZImVJ2vZO0IbpG1kGhMkYru9gcsfWjY2I7xu4UdI3UA9iAb1lE2acSWbZplR1nGxqT0=
last-modified
Thu, 24 Mar 2022 21:28:16 GMT
server
cloudflare
etag
W/"6c7b309c82c46bac12eea2da699da70c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ieQNvehjL_w9ft4KRBk6Ntb6LcX9JSm.
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf23757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
1752.a348f767.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
758056
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KZ14F4DJ39Z3KD31
x-amz-id-2
EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified
Tue, 25 May 2021 18:36:29 GMT
server
cloudflare
etag
W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf33757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
7794.f51ddf29.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7794.f51ddf29.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6384ee07200454035ccf63f1bde0d2ec0cb4d54db294b0fe8cf92068e57d958e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7ERSRCT16ZTND7T
x-amz-id-2
oN4b6BNAbE+u0LjAEnZ5BTrJKYmGbbpx3GEDQ66iD0ZTCx4jCsV55WqqMl7JAdIN1JVHi+y7yjM=
last-modified
Wed, 13 Apr 2022 09:57:12 GMT
server
cloudflare
etag
W/"d9478423f61fcdf22650344d0654b5aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
SpGM83JcK9kDO3blf.K634qoqo3be.OR
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf43757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
88316.32018525.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/88316.32018525.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a196de4fc1fa1c28be20aae64ce8fb7690e9a0a3cf449c51a67fe0cd86004edb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
708287
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
04572YEFTWRNEKPE
x-amz-id-2
0v/zdUlXKVFxMLpknegsu83Qugdg0b14KbXRbdsrdznhb9yCdt3sECJem3ubr3kbGrmcYdSiWLI=
last-modified
Tue, 05 Apr 2022 14:32:10 GMT
server
cloudflare
etag
W/"116e7bd8d748421259ec29fe22d748e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ybD_n68hexp6IYxkS4bCOO8l4WtPm_bI
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf63757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
82405.6d274d5c.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/82405.6d274d5c.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58940bdd9612e78fb59655a796a3fadcb29b430e43a8b9ff364e4abb65d3d3e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
663975
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2DWVMWVK5Z55WV5V
x-amz-id-2
KJOF75ZEdflQrZW/UaeOoWkqCEjTwkaYQKdwOewCgnREbwQjL62G38AfSfeSwDbf6ctwCrW4jKU=
last-modified
Wed, 06 Apr 2022 19:43:43 GMT
server
cloudflare
etag
W/"ffd058585adbdb489aaf70238aa9c31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
2Mfd8xjETG2F778aTEZWO2uXGz.xqLuh
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf73757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
75221.bd5aff3f.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/75221.bd5aff3f.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce43b880f5c01ca1b70b7b998aeadc95399263cc7b244f57eecbec13e193612d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
594724
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9V53HMY2GW50F4VY
x-amz-id-2
rf2FvG0AomH0u7b7m2SPAQpWZ4WAw7B5XuIFrwldonC3RCspQ8G3mIvxyDNkn+QURZ/q+6m/PEg=
last-modified
Wed, 06 Apr 2022 20:30:19 GMT
server
cloudflare
etag
W/"e18f6841bd0edf8ac7ee5c3516dc80e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
a_mr_n2f_Y6lJ1VJgCJ77xsTWyCpeW3O
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cf83757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
27927.b4ea46a6.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/27927.b4ea46a6.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f0fd703ebf6a3370b1d735c9d40079f08f329585ed701c4afe829f07bd1f2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
528528
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
171ZKPVS5EVFZJP0
x-amz-id-2
c+e1bvOjxmUQg9bNHOsm9GBg2IcYtUKnOVzQMrN/Ppa4AKpoW+F5UhNgwTBzceH1Kdon9Qi/IF0=
last-modified
Tue, 29 Mar 2022 16:52:39 GMT
server
cloudflare
etag
W/"838a3125b598128ee6f22b44b611c99d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
8pxgYUzLBMkT4tclSjKmPg0G1OHr8PrA
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cfb3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
90786.25ebc206.chunk.js
cdn-client.medium.com/lite/static/js/
4 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/90786.25ebc206.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1110047
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4Z2V17SW1CAFTSF2
x-amz-id-2
DdH0oxIcYaHpDLjQtQyJXXuIcn22yBNd94EuQaD5HdIrFCu5JUD2bymcO64BGYL5VPUw3R9SOU4=
last-modified
Thu, 17 Mar 2022 19:42:19 GMT
server
cloudflare
etag
W/"a7e7f17a6bf00754fedfc8a0dbef764a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Ghh41hKxMkS6Yxv.cqh7J2YbJIMXcnyt
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cfc3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
95472.3c88418e.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/95472.3c88418e.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404ee4c32bf02466ceb66e0976ddd1f85903471ae75dacdda1a720b5434cb30c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
501822
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
M6TKMJH8NA2X149M
x-amz-id-2
Nl9RF8Cc/SubVq+tR0hbAFx05N3cExq6LxvG+JJMaoWwEOMVs2Zuw1LP/4yGzLpLVL7SbfxoOmU=
last-modified
Fri, 08 Apr 2022 16:43:03 GMT
server
cloudflare
etag
W/"aa279b45cba676037d7044f51721652d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
K.3glgEJ2Dec3qi8daya7VtYCc_lTE6c
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9cff3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
32981.d2f875e1.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/32981.d2f875e1.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4778c0d923a6e11e92748c450cc757de05f19b6500f847a0d5bccd96b198caf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
165334
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7N5TZN5W3694T6E1
x-amz-id-2
xoH3ai45QA4B65O5bxG+NE7EEJO378+LJIUFtxULIIB6kHbMmkDrOhK+eyDHgyKEDmR2frcT4gk=
last-modified
Tue, 29 Mar 2022 09:37:15 GMT
server
cloudflare
etag
W/"262c211db16f9a1531ad71914647894b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
5qLQ3J94M1.AcjZ4AZJERnRqz9_ywGBZ
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d043757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
55260.28c95728.chunk.js
cdn-client.medium.com/lite/static/js/
150 KB
39 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/55260.28c95728.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d97b1e40f788240507d275f999df94c7a957cc40295861dd90a9ce56b2275b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EQ6HT82MTEMRSW
x-amz-id-2
Wkgb9LHgribhwiMQWK97d/OfIWszBJTTQzSgeDxUEioVlb6PMo+KsGO49cvBhGbKdAJoYMrIE4A=
last-modified
Wed, 13 Apr 2022 09:57:09 GMT
server
cloudflare
etag
W/"d0d11321cf12bce6e5f292013fb39b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
i0JaQoqKa89scPIyGODgjY_AekG1U66e
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d073757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
50923.fe77a6ef.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/50923.fe77a6ef.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2269e7dc5875847ec4b27c2df55e8179130ce3dfa57820e4316a4ca14148c837
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7ERPSE3ZM0HZCFC
x-amz-id-2
g2EDI6HW0/N5+7tTURs27Ut3NpczoJ5sZ+4jx/KyDeguYV2nBz0RPwenC5KYYlk4SaqWcOP98u0=
last-modified
Wed, 13 Apr 2022 09:57:08 GMT
server
cloudflare
etag
W/"f4b101480eca2033cbc0a80d52b31f66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
2.2vkrm4AEL658qXZB7rDuAAHGb0p.Uh
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d093757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
77477.3ec62714.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/77477.3ec62714.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fd3c9565ae5d49734e234396fe6e18b76e653459a387ce3d91ea1074a3853c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EMRMN8D65SYZZC
x-amz-id-2
0ez+3SLfHBUR2I4qLose9TqCdWsEuYkMk30JTt6KL01FIRiQ1xX3Io7aZJJjFf0pV5o/OrYAbeE=
last-modified
Wed, 13 Apr 2022 09:57:12 GMT
server
cloudflare
etag
W/"94bc250bd60e7dd5d514baced950ed10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Bpu8DoxJ5EIqcMijIT.jmJBAmRMGS7Vq
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d0c3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
47404.814cb46a.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/47404.814cb46a.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c54d7639f5904bbbbc35ba2d11f093e98b1dcdf296048e643dc5c112d7fb54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EQ6D993GS55HBT
x-amz-id-2
gbN/G7zei70kEus6gESH3sxxWoZV8YW3Nx5c+G17I7E5fYtjW57LR3hhS2fAOqT2uCBVPO6zLVU=
last-modified
Wed, 13 Apr 2022 09:57:08 GMT
server
cloudflare
etag
W/"a3d05acc50a081186fc8ea7d3337b12d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
5jYjV4xLc7zYOzSGoFFrTkDny4p4py5J
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d0d3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
50455.107be7fd.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/50455.107be7fd.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906e21e292f645fd45026db296dffa307e9617837f41b5878efee81987f2939e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7ERENEXGFPR09H3
x-amz-id-2
kMrl+tjETlzBmr2aorGQnF6hP1KsCGu4A/3X9Fg5/LkmdvqDxHva5gwzzuXuFQPrcf5nA7nOvZM=
last-modified
Wed, 13 Apr 2022 09:57:08 GMT
server
cloudflare
etag
W/"afe5cdbdbcf6786a0825fe12f480ba1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
x7xRnKsPn0A8h19IilhbypYzYTtb3P.O
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d0f3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
37070.d3b257b7.chunk.js
cdn-client.medium.com/lite/static/js/
18 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/37070.d3b257b7.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d630eea830c4463111e843d90adab125216f2e38bc859002bf260e9a400933a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
708287
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0457HQNRFXE3DE1D
x-amz-id-2
+2TPHQMhs4UCKJ8JriElR9XsQX66Oq/jryt/nNXjU29C/nlbGVpwDucsLWifoQI3PwxIFwZQBTw=
last-modified
Tue, 05 Apr 2022 14:32:03 GMT
server
cloudflare
etag
W/"250cc47898236730d4d8d0b6aad6df8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
gEhNxoJ3pf53QFvEwirYKAUwGejerqsR
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d113757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
69211.1de46d47.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/69211.1de46d47.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2c5f8fb78a4ea92b63d8b51042ada231247e0fb405bb126dd35859837255a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
708316
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
045ECMY6Y0Q1ND3H
x-amz-id-2
wLnlJ7VYWA8djT/s13VXfYjYVpRve7WWOFPKPazJuf/phAcfk49PFz4e88xvPRjFsHNav0BFE3s=
last-modified
Tue, 05 Apr 2022 14:32:08 GMT
server
cloudflare
etag
W/"73fe2a0987ef5d0d3decc1c7683a29d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
2v25wJsAHs3N69_rMpJOTLUg1JH6.zSb
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d143757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
97332.9da11470.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/97332.9da11470.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab88af9aef8b5d4413dc18dbf425c8fe067e51460c108fbe8301ffdf17caecd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
59155
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7BXYRZAKX1JE81HS
x-amz-id-2
eoLcJJiDjGK+sA7Vza85J2fCGR6uYr8jfQTapkKH2DsBartScuXV2GnDkqrpfsq0OLt938PEgok=
last-modified
Tue, 29 Mar 2022 22:47:00 GMT
server
cloudflare
etag
W/"0d3373699665292b2b7a6f00e76eb0b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
IcfoLCQ1ABDHAvSzG.wJ8vWkdKlbOKwt
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d163757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
28491.e1013db8.chunk.js
cdn-client.medium.com/lite/static/js/
40 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/28491.e1013db8.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05be35d4fe85508dd0450594187c7a1cdb632796c049f06a666b0e0a4d3d9f76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
769584
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
45SCJE3P08J8SNJ9
x-amz-id-2
8dVGoXR/BiCEAulfPMbqT3ucmC4+AROLZKwPNwwP6hiH8Z8HihQiqCHVgXlh1/AZt1awVVqZnVk=
last-modified
Tue, 05 Apr 2022 13:54:38 GMT
server
cloudflare
etag
W/"8f37a0e55fc070f8600841400fed0b96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
pEs33SDa1awIdXVjB1byiiVc.pjo6a36
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d183757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
6562.02748b96.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6562.02748b96.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
495529
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YKVG7H17FQBPQDK9
x-amz-id-2
vxg/OI86Q3ukPSsdQ67kQnlJTbjS1higUg4EtbqV9UhFce6uxU7Plf7PWTVJBI/KOIVyfFppeco=
last-modified
Thu, 17 Mar 2022 22:10:50 GMT
server
cloudflare
etag
W/"d1e6fb978b6a0e3464d41c63fe535e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
PA6E0boEwLKL8wuXllx1rh8qQCt4Myjk
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d1a3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
87215.b6cb3c51.chunk.js
cdn-client.medium.com/lite/static/js/
37 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/87215.b6cb3c51.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3bc18d2196719ae32d1a63475ec51bcf41662a6d856b2c42b8738d72b77c59
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EQRX782WMN910Z
x-amz-id-2
9tJAFZX5VqKTyObXhvGSMZaxgTvPoq6ZneIkfhVW8V5YzbE5hWTIofXoEjiOq9jGMmZ18MlsZ/U=
last-modified
Wed, 13 Apr 2022 09:57:13 GMT
server
cloudflare
etag
W/"1d2fb1edd4b5773f0777d98335704aa6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
nII.8d_35wYF9KEA2jlQeNtFCaEvlYX6
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d1e3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
50864.be4d9705.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/50864.be4d9705.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0643952b836ca4d2356af08f48cad5119f35563ef36454fcdcf6bff1406e348
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
663975
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2DWY87F63ZGHKEJE
x-amz-id-2
bRx1oDI4vE5QUheUuaDGW15E6S22ezBDDau4OZMz566cifaM1i9X5Rk3iQYj73u1ADuug7xC5VA=
last-modified
Wed, 06 Apr 2022 19:43:40 GMT
server
cloudflare
etag
W/"7bb2b297e08f23e31f7535125d1c0975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Gpv1DRtYCCSZq8VQYm7q0RqQ64ue7UQM
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d203757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
34351.a71de3ba.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/34351.a71de3ba.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f744cb73c7b5b057669117b3d6baebe27ec020ddf2d5e28b1405890318cb4ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EQ0C7280WSQ6FF
x-amz-id-2
006XhHyVSZy2PyLfqtjK7ptt8nakeAhUAVGyc4zNP37jyxrfcCORmahDlBKs+8UTm9jb3BFtkpg=
last-modified
Wed, 13 Apr 2022 09:57:06 GMT
server
cloudflare
etag
W/"3502942ba779cc3364758551e1446a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
BSpcNl034RG34u_Z3jCNv_24i8wMkQC9
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d233757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
20108.523f0d9b.chunk.js
cdn-client.medium.com/lite/static/js/
101 KB
18 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/20108.523f0d9b.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f444eedfd8e868135020c07f235eff90c549380cd1725d59c97be16bac2f761
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80112
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H7EXX2DHEZR62VCC
x-amz-id-2
pF5GpUKKoHwlIz3kDaijzhNlQmDm62tyMhNFeS9l2opiS+/vhJBHHnBwyDcnSUQxu13q9gS8kCo=
last-modified
Wed, 13 Apr 2022 09:57:04 GMT
server
cloudflare
etag
W/"6f6b5ee0d9ce12b84e2f271781863f6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
2zyYKxWmLaUm.2QQEyizHTD08X9xrYE1
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d253757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
65281.83a0a191.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/65281.83a0a191.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0e5a18498e101a954b355b64c57b299362aa9585bcd6bd7514d30b1ec97ee2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
164822
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MFWTNGJ8BJ3WC04Y
x-amz-id-2
1cT2VTuwYQaCVE9Z0FHH1svyWypUCmtglnET/v1/fjHPX/mzRMJWIiOnjxUuNPFDI4kYpZ3BEbM=
last-modified
Tue, 12 Apr 2022 14:05:32 GMT
server
cloudflare
etag
W/"6f291925aaa545210fa1a5acc74b10ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
y_brjpQ9u85CCQ3r_t8v6P3VcOcr4acI
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d273757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
28360.cea70c3c.chunk.js
cdn-client.medium.com/lite/static/js/
39 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/28360.cea70c3c.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec8dcabdb62a8ff8836f2e24e1bad0eb5ceba3f89970da97752f559f46f87ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
150117
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DEYGDH1F3GYXFHYR
x-amz-id-2
RwmYdIopBaqUf9Uv8Z+psGI+fYwYXlpjJfdh+S7GHWtyLEp0r8WhE37BmMKhqyjXR2G50Wc/LNg=
last-modified
Tue, 29 Mar 2022 16:52:39 GMT
server
cloudflare
etag
W/"d13b4c97dbc71d344718c79ab16782ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
o06Qz9OfT53h4hHdSTtVkSZ7_7tfmhi6
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d283757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
85436.5aae63aa.chunk.js
cdn-client.medium.com/lite/static/js/
46 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/85436.5aae63aa.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345d7e6862686af9030992bc329a91b995d919d4e3ec52f76fe25274c364f972
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80091
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E385YXPSY8B278SM
x-amz-id-2
RwSjwngFkImXPVG8Qoj1TDddixehWpFzCDCIkJKfDcsptL57JLzShvvqUU8ZtSUaI/oAAGi56Tw=
last-modified
Wed, 13 Apr 2022 09:57:13 GMT
server
cloudflare
etag
W/"0bd3b0f0bac8de0987c058723aff4320"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
p4omnTNSlrvT807dPdJZRTnkV.QgyX3o
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d2b3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
3043.34648c6a.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3043.34648c6a.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41234e184791c80f9a83742fa6c197d988d2565c6608e0ee4e3373e93e31445b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80091
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
41JJSBHRFDQ8PDRD
x-amz-id-2
XSga7+dFr1nQbg0udnpaD+ZembEzEPdu+SftY2Oh1KKvw1c9bKoMx1JiDFAD6dkwWt7KaglqoQE=
last-modified
Wed, 13 Apr 2022 09:57:05 GMT
server
cloudflare
etag
W/"57e7dd326c1b4d24e44ed9b8655754f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
qLLyYE6QMBOdC61niRO7qEtzgOLMz.Fw
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d2c3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
58849.55e2dca9.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/58849.55e2dca9.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b705df51ed40dc438b09fe9768abd89408e8105520a67f6d48f04e753ed70db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
528528
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DHF9MCVTSVN5YRXW
x-amz-id-2
Nmqr7Cx2KJ/89/HUbXZ5ZRIqhIVqLPsZVEEfET4z0yzjwfDl+chFGo1xeRbycDnRR8HqDgUgf6A=
last-modified
Mon, 28 Mar 2022 20:59:41 GMT
server
cloudflare
etag
W/"e030e9df3f3f3f68e28bfabd23df7949"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
sfMNmpqd1nwmsJdRxawCOGKvzosgDFTZ
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d2f3757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
PostPage.MainContent.04f5b739.chunk.js
cdn-client.medium.com/lite/static/js/
150 KB
35 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.04f5b739.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd8818f5796a39ba2f583ae839a743db69d70e575879142f106737c5177fd72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80091
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E383FBKDCSS6R521
x-amz-id-2
vl+D9E87M3Ahuy2+2ZILqIX22ybH1arhqnDbmykN0xaC8EVTp8NAqiw1tgKKBWX0CKVNwuAZEoI=
last-modified
Wed, 13 Apr 2022 09:57:30 GMT
server
cloudflare
etag
W/"d4f06bf3e219a25d81bba6999f355fa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
tYD0RpMXRfOp.xpGCrIGL54ZZnJxonFh
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d313757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
75374.164f9ef6.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/75374.164f9ef6.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
53292
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MK8KKA27R05C4XEW
x-amz-id-2
GTlFXQ0y+asnYrCuN+ulYq+o1j4pdMpb/392pPx+rNtXpdnXO2VplOVyTB6ybbIYvRNhk/L6I+g=
last-modified
Wed, 16 Mar 2022 21:07:43 GMT
server
cloudflare
etag
W/"d4ef45bb9a7793f42d0beb282930eebb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
EpKUlpmhoU27x5Qd0zW6hYm3NFX67rRE
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d343757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
66867.eb35d05d.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/66867.eb35d05d.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997fbcf5007d50c2ffe98df0e79f96e3ad78521b4adc82543c550d2765fb713d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
218244
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZQ2W6SXT4J465R88
x-amz-id-2
c289xRUQUA1qpkl5I/ACa4BRANS242uTa+3Nl7c9wItbhPFC/bCOW5lSTtEPYhKCFvEEAQX26TU=
last-modified
Mon, 28 Mar 2022 20:59:42 GMT
server
cloudflare
etag
W/"494350a2e0e824e1c386d2f3cab883e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
.fO5RqHmUgZPy64DZprQ9qObzohk2LM9
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d363757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
48642.7f6aa466.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/48642.7f6aa466.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92827690e223d97550535c9312bf5b65abc54bf1050513ac190c3b8600c8aa79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
218244
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZQ2KA5REJ8DZBXP5
x-amz-id-2
Xz06hjuK0zk57bF25YOdt5NHdgrqf2V+yvFG1gzh6ancVQGXf++jozM221B4Zc9bSpyFbjs99aI=
last-modified
Mon, 28 Mar 2022 20:59:39 GMT
server
cloudflare
etag
W/"e0a435e7ad590f8294820eff948f3a01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
gd8ZBYK6G3a_N3k213advDrJ25NQRYQC
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d383757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
PostPage.RightColumnContent.cee84b11.chunk.js
cdn-client.medium.com/lite/static/js/
27 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.cee84b11.chunk.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b63deccbc32a4840b555c26829401dd1e3d1c6abed3cc14599f3c7f28320a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
528528
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TDKYH8D1CD9R2YEY
x-amz-id-2
sT3/jeoz4WrAqDrmE2AIK+RvduwDBCD71Y+2K14NkOjMFJXDZrl7PuUfdliK+zOZQcbu+M/ujPM=
last-modified
Fri, 08 Apr 2022 09:38:20 GMT
server
cloudflare
etag
W/"581734ee4229e8c5dccc5c89775ad733"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Ftqgc8q2PomaJQ6Z1bsd8Mx_TKxEQIVL
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc934d9d393757-MXP
expires
Fri, 14 Apr 2023 12:51:52 GMT
84792.d3cd03bb.chunk.js
cdn-client.medium.com/lite/static/js/
92 KB
24 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/84792.d3cd03bb.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
755407
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
H9PY76HJ19KVEMEX
x-amz-id-2
TzcNOZ0JhnXUl1WKNG8INb/Rh5+lznYPuunVEzoet1Mns1hBNu9bhtDSx2RE6uvRN2NqzpRhiK8=
last-modified
Tue, 11 Jan 2022 07:30:13 GMT
server
cloudflare
etag
W/"9123da6f6119097d2b86f6a331492e48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
guEmWTWycaWmN4glESZXA43SvXHWyexT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d343757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
17084.0ad6f84c.chunk.js
cdn-client.medium.com/lite/static/js/
68 KB
19 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/17084.0ad6f84c.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
755407
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1NK27DMASCKVB6V9
x-amz-id-2
hmyg1Lm59ebx0V/eeZ1CWiC+ChEd+oBuWgHkKizNB8c03ENgsVLHqK8gi2Is2NxBGoAU8PLuyI8=
last-modified
Tue, 11 Jan 2022 07:30:05 GMT
server
cloudflare
etag
W/"08990a97629f3d698608356a8fe04c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
21J9XTkEPc2DrXwSiueOBhycR_IxpPbA
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d383757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
28537.5067089b.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/28537.5067089b.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
147436
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
V2B0SEHT011ZS67M
x-amz-id-2
klOQVcjKGrdhn6Pp5gmXt6U4K4S20jvVSyw/PaMera1YyNMgsOi1lcCFtAh1gpaAIWYNo1HNujI=
last-modified
Mon, 28 Feb 2022 20:43:30 GMT
server
cloudflare
etag
W/"2def4ef2cd05551c2c82fa356348c7f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
TqG3zS7DW3tbEf9BMHvdPuKEAbN2D4hQ
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d403757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
83551.2dce50d4.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/83551.2dce50d4.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b2d2b5b0971bd9897385eb296003c82216a8ecc5282fe3cd79476f83012eb6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
708287
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A44P99WCJFCAMWC6
x-amz-id-2
JRcmgtN7TTngmTDzMnvHiJPzwUqx8WqlXEsAeQbSzj9CGARNB/S20r/NjCwyEW9lDd/EEwz4ygc=
last-modified
Tue, 05 Apr 2022 14:32:09 GMT
server
cloudflare
etag
W/"4d740bc9bbf17eda630981012c433269"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
bCle6n1QTvWsY58PTFQCX0aUYkHRiY_9
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d423757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
67700.8b75e251.chunk.js
cdn-client.medium.com/lite/static/js/
92 KB
26 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/67700.8b75e251.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883f77df1d7b6e236bd3c707c22f319556af0df42ba1eb8ca8434d39d0ed8c92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
588980
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2Z3CCMS7AN410M9Y
x-amz-id-2
jIon6GUcRq8vJtE0z2gr2Ah2jnN0J7H+gKFDuIZm249q1WejwxRUHKEvAuJ1ILdhuywhKw8Q3O8=
last-modified
Thu, 07 Apr 2022 15:23:38 GMT
server
cloudflare
etag
W/"64549aa134b7de7fa79f0afd92f5a028"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
XdPSy0GYfX15SSxVy9rp7pkf2raTLEYX
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d443757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
ThreadedResponsesSidebar.e0e97e74.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.e0e97e74.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592ec7d44917ddacad703ef780c45303f4901ce3640af26bf4e410002b2e7eb6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
218243
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6VWT5Y5S7NQAQ9G1
x-amz-id-2
6jMNUWKCgB47WZPpn6RxrA/6t1YPOGVO9rU1RCoj95ZDgO3ad/BNZYWSndi2pFcwf/McONbX8+o=
last-modified
Thu, 17 Mar 2022 19:42:42 GMT
server
cloudflare
etag
W/"d759ef7896fad212eab7825460e83321"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
vfgCCgqT7DW03EFz9VAIMtOKu3gemgFJ
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc93549d473757-MXP
expires
Fri, 14 Apr 2023 12:51:53 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/24/24/
383 B
791 B
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
490927
x-envoy-upstream-service-time
30
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
383
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20210617-165854-e4900a530f
accept-ranges
bytes
cf-ray
6fbc93584c313757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*c11g6W_9fHvZ2URmsSc_JQ.jpeg
miro.medium.com/fit/c/20/20/
962 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*c11g6W_9fHvZ2URmsSc_JQ.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b457cfdd866ca813af4174577e150c1698b988a5b758b59f8aa224670dfa4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
9325
x-envoy-upstream-service-time
59
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
962
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c373757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
0*Aymvr-itUS85f26r.jpeg
miro.medium.com/focal/56/56/50/50/
2 KB
3 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/0*Aymvr-itUS85f26r.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c03241f912f767cecb9a9a0b703d312221830ff3dac4232365828f4e9e5ea9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13665
x-envoy-upstream-service-time
52
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2547
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c383757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*xSeHInZpthXL-F4ilXE7dg.png
miro.medium.com/fit/c/20/20/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*xSeHInZpthXL-F4ilXE7dg.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d63074108b29350625dc5b0c591ac4fca16c40683510bfef6cbb696766228a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
18777
x-envoy-upstream-service-time
62
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1133
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c3b3757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*JxBCboNipG4Z-kia4xJfpA.png
miro.medium.com/focal/56/56/50/50/
8 KB
8 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*JxBCboNipG4Z-kia4xJfpA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbb480083be3485e5134a76c48cb8f72bfd33af67cd87b2703321a74d351db0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
88393
x-envoy-upstream-service-time
37
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7705
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c3c3757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
0*fW0NwqxJTyEvWoCn.jpg
miro.medium.com/fit/c/20/20/
268 B
680 B
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/0*fW0NwqxJTyEvWoCn.jpg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9192a75d0920fc5c6d35559188324f6d94cf02965a60666cdafc049593ae27d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
57
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
268
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c3e3757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*XVL9Q3MNvWkwiQ2WhqdPbA.png
miro.medium.com/focal/56/56/50/50/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*XVL9Q3MNvWkwiQ2WhqdPbA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d58b40f08a46f4aeb2fd985e696a4abe87ddc1e922d883590d044cc4dc61d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13665
x-envoy-upstream-service-time
46
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3932
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c3f3757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*BV3RW8RRhxKFhjkAKWFoBw.jpeg
miro.medium.com/fit/c/20/20/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/20/20/1*BV3RW8RRhxKFhjkAKWFoBw.jpeg
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664d49741db99aefb4681dfa582e1ca32be3a941d36823c69bc51447aa369b71
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
138
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1086
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c413757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
1*sLVq_hO8B2Ydv9EWdGirKA.png
miro.medium.com/focal/56/56/50/50/
7 KB
7 KB
Image
General
Full URL
https://miro.medium.com/focal/56/56/50/50/1*sLVq_hO8B2Ydv9EWdGirKA.png
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307c1bdffed02117074225155b71ac1d2fd476755e5ece6bdf11a3073c3066ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6935
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc93584c433757-MXP
expires
Sat, 14 May 2022 12:51:54 GMT
graphql
posts.specterops.io/_/
143 B
437 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a0672977db9e9cb3ce2c90527998d4d3036911a65ff13a67911fedf69ed1e450
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Graphql-Operation
VisitorQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"8f-oF9LecrMn1pjUYoRLjoTIePOxGk"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3
x-envoy-upstream-service-time
13
content-length
143
x-xss-protection
0
x-request-received-at
1649940715216
graphql
posts.specterops.io/_/
108 B
429 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Graphql-Operation
PostPageMeterQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
54
content-length
108
x-xss-protection
0
x-request-received-at
1649940715217
graphql
posts.specterops.io/_/
840 B
1 KB
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f0ff90b639a51797348b582e04e13356efcee56e49c228966ce22388b381ecfa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Graphql-Operation
UserViewerEdge
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"348-ByGMdNqVYN2CsQlSVcxYvnATCUE"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
55
content-length
840
x-xss-protection
0
x-request-received-at
1649940715217
graphql
posts.specterops.io/_/
210 B
530 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0bac3c2fbbbf6e7223fc113a3a185a10f3484f3e33ffc81bec1c060dacbca804
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Graphql-Operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-E0sIoh0BNBb7ObO1N2Yw/QVUwdM"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
41
content-length
210
x-xss-protection
0
x-request-received-at
1649940715222
graphql
posts.specterops.io/_/
283 B
606 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5338017db2a16d440f8817139a20a85008a5fe107c7ed3e7db29fede2628c3c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Graphql-Operation
PostViewerEdgeQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"11b-wF7bXJ/vi/wnWDEW3JgpJz1CD+4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
52
content-length
283
x-xss-protection
0
x-request-received-at
1649940715218
graphql
posts.specterops.io/_/
103 B
398 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
59857548bcece801dca8730a921cab5b01d03de464f3391245552066373bae93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Graphql-Operation
MaybeTextToSpeechQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"67-swn3iPoMIRcOzVmTGNOl+S6ptIg"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3
x-envoy-upstream-service-time
40
content-length
103
x-xss-protection
0
x-request-received-at
1649940715308
graphql
posts.specterops.io/_/
96 B
417 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a767d8058d14badb09eeb3b7d940c40c89821f30da41676aa69e741018748557
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Graphql-Operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"60-Jf1G9DNZPlgquY36X/pMa6Px4kM"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
33
content-length
96
x-xss-protection
0
x-request-received-at
1649940715312
responses.editor.8bef621e.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/responses.editor.8bef621e.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.ac3743ca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
571764
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T9NZYST264RJQQGC
x-amz-id-2
yOr9/jart2NgUfiCHB4xe+cYSRbIOJ2m4merXiAm07Qetzgbky5xrlCaRFnLRbaqysjbuxelqjU=
last-modified
Thu, 10 Mar 2022 00:22:13 GMT
server
cloudflare
etag
W/"f75b4886e7a40ecf48aa22c1481b0ba7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
RU1Bt7PwbpJtgjZEVBUNb4amD96Sskoq
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6fbc935e58f73757-MXP
expires
Fri, 14 Apr 2023 12:51:55 GMT
sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
20 KB
Font
General
Full URL
https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://posts.specterops.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
11442764
x-envoy-upstream-service-time
33
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6fbc935e585f83a2-MXP
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 14 Apr 2023 12:51:55 GMT
graphql
posts.specterops.io/_/
464 B
786 B
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9cd6276906deb2729c56f2fa3aabda28f58f2771b8655832bfb40d7083fdddc8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Graphql-Operation
PagedThreadedPostResponsesQuery
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"1d0-wmd4ErY9MsV/XMRppVbs1E8WuqE"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
33
content-length
464
x-xss-protection
0
x-request-received-at
1649940715345
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d00d76b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time
5
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d00d76b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 12:52:28 GMT
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time
4
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4626
date
Thu, 14 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 13:34:50 GMT
branch-latest.min.js
cdn.branch.io/
79 KB
24 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: posts.specterops.io
URL: https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a?source=rss----f05f8696e3cc---4&gi=f917dec43937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 16:27:46 GMT
server
AmazonS3
age
181
etag
"49d34b8e058b253d35893807b3bac09d"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Thu, 14 Apr 2022 12:48:56 GMT
x-amz-cf-pop
FRA2-C2
content-length
23872
x-amz-cf-id
coQlJWTlI-LXS6xLKupB14ZWXMe3M9pavrXJ1B7fUfrZx6WO96JmZw==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=341027171&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fcoercing-ntlm-authentication-from-sccm-e6e23ea8260a&ul=en-us&de=UTF-8&dt=Coercing%20NTLM%20Authentication%20from%20SCCM%20%7C%20by%20Chris%20Thompson%20%7C%20Apr%2C%202022%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2084498909&gjid=1708969243&cid=575350207.1649940717&tid=UA-24232453-2&_gid=126136212.1649940717&_r=1&_slc=1&z=2055910105
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 12:51:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://posts.specterops.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=341027171&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fcoercing-ntlm-authentication-from-sccm-e6e23ea8260a&ul=en-us&de=UTF-8&dt=Coercing%20NTLM%20Authentication%20from%20SCCM%20%7C%20by%20Chris%20Thompson%20%7C%20Apr%2C%202022%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=502176082&gjid=1501756714&cid=575350207.1649940717&tid=UA-102239211-2&_gid=126136212.1649940717&_r=1&_slc=1&z=1115455762
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 12:51:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://posts.specterops.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
_r
app.link/
91 B
563 B
Script
General
Full URL
https://app.link/_r?sdk=web2.59.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:fe00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
edc061472ce8aed74b9971072f6f59d2a23e1035c1a6e0fab65bd910327bdacb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:57 GMT
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
DUS51-P2
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
etag
W/"5b-2fW2XoqNqB8gqtUHjYoybLmYH5c"
x-amz-cf-id
8ufBOnLfr9bjP5tNlhoPcMucqI4CGp7zx-XLCzy8L4lma_XhFA93ww==
open
api2.branch.io/v1/
316 B
629 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e63488ab5c8ef25a1b37c4c5a3d10e645ea110092726f1e99c0c54aaadb917b

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 12:51:57 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
8ce04f9506b04ecf85790aaf7efd66f4-2022041412
content-length
316
x-amz-cf-id
SB_T95mjLrtSrglnyvw9sga6uFZhP35pbbBXoQkh1N2iEPRhrs00jA==
/
posts.specterops.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://posts.specterops.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d00d76b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 12:52:31 GMT
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time
6
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
profile
api2.branch.io/v1/
183 B
567 B
XHR
General
Full URL
https://api2.branch.io/v1/profile
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
3310e23fc38010ca58d2f2311d099d50471c57f3920c0d630f3674951f7657e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
etag
W/"b7-hgJb/lBFcxSdEwRDGk2KmxVmcyk"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
0381a94c86af48a68e148a600747724f-2022041412
content-length
183
x-amz-cf-id
klqrK426chzr9uLQtGIw_e4RqQ8uUQC9GDXytyqE20sLyFbRNwe38w==
pageview
api2.branch.io/v1/
28 B
388 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
d8f1bfe92caf466789e7cc62363e9651-2022041412
content-length
28
x-amz-cf-id
S-k0G27lqJZIHNi6sg96HfqogfG9z-jwk0BGY1WzpGEXxfx__iVcww==
graphql
posts.specterops.io/_/
20 KB
4 KB
Fetch
General
Full URL
https://posts.specterops.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b5717cb34b07abe45eab650faa36291e3eb5c2200d8ce783adc19d7621285e86
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
433569c4ed593af5
Medium-Frontend-Path
/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Graphql-Operation
PostNextFiveStoriesCollection
content-type
application/json
accept
*/*
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
Medium-Frontend-App
lite/main-20220413-141743-e52432c31a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
apollographql-client-version
main-20220413-141743-e52432c31a
ot-tracer-spanid
237b27da5afc5cba

Response headers

date
Thu, 14 Apr 2022 12:52:32 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"4f15-NrUvqccVgdrMc/WkYdJq6oHYu40"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed, rito/main-20220413-165621-626ac37ae3, tutu/main-20220414-032643-3709fce18b
x-envoy-upstream-service-time
134
x-xss-protection
0
x-request-received-at
1649940718506
pageview
api2.branch.io/v1/
28 B
389 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.c3b0a09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
b7f6ee5dd1ba4ea78d8829a4f9360d58-2022041412
content-length
28
x-amz-cf-id
p610AjURbjnOAoG6hCe2nIAsnOLjESq5zvtTngE6RK0ggjGSKYKlFA==
batch
posts.specterops.io/_/
17 B
172 B
Fetch
General
Full URL
https://posts.specterops.io/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d00d76b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Thu, 14 Apr 2022 12:52:32 GMT
medium-fulfilled-by
valencia/main-20220412-152242-c4e5d177ed
x-envoy-upstream-service-time
150
sepia-upstream
medium
server
nginx
content-length
17
content-type
application/json
1*Qau5i8aEfpZkMb2PCBnyZw.jpeg
miro.medium.com/fit/c/24/24/
969 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*Qau5i8aEfpZkMb2PCBnyZw.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c084e27d72d3f4372288c53b6359602df4adbb1a101125ae12ac75a2b348413
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79905
x-envoy-upstream-service-time
54
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
969
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd5a3757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*WbAFUZCrxYu-ML-QID_vmQ.png
miro.medium.com/fit/c/112/112/
14 KB
14 KB
Image
General
Full URL
https://miro.medium.com/fit/c/112/112/1*WbAFUZCrxYu-ML-QID_vmQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76b296131f095933afb16348dd0a3f23e46782ac5cc5ac23a95ababed16fe7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79905
x-envoy-upstream-service-time
333
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14128
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd603757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*WbAFUZCrxYu-ML-QID_vmQ.png
miro.medium.com/fit/c/56/56/
4 KB
5 KB
Image
General
Full URL
https://miro.medium.com/fit/c/56/56/1*WbAFUZCrxYu-ML-QID_vmQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e112ee6759d0a38dae7b138703bce309a55bbd5cfc6d77331e626075b3eef0c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
23906
x-envoy-upstream-service-time
43
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4598
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd653757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*idzSM22ouVWVRLUiU5Kpkg.jpeg
miro.medium.com/fit/c/24/24/
1 KB
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*idzSM22ouVWVRLUiU5Kpkg.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af345a4f2d59d19e76d1d83ff8b22db4aed9807cc0ed64d85042629a1faf450b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
174985
x-envoy-upstream-service-time
49
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1112
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd733757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
0*L-hl9vJKPBtHV4HL
miro.medium.com/fit/c/112/112/
28 KB
28 KB
Image
General
Full URL
https://miro.medium.com/fit/c/112/112/0*L-hl9vJKPBtHV4HL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9e84ced75675c27f81904c0a402fc83c67ecd2799c8eef1664759f87a97e69
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79905
x-envoy-upstream-service-time
152
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28412
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd743757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
0*L-hl9vJKPBtHV4HL
miro.medium.com/fit/c/56/56/
8 KB
8 KB
Image
General
Full URL
https://miro.medium.com/fit/c/56/56/0*L-hl9vJKPBtHV4HL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94fcb4148f8ff256d21e2cebbfef8bbc225a689b2bef6b429a7065f29a03cb0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79906
x-envoy-upstream-service-time
178
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7970
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd753757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*R1ZxbgAekXxkGtLICy8zvw.jpeg
miro.medium.com/fit/c/24/24/
994 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*R1ZxbgAekXxkGtLICy8zvw.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfa569889ae2aeca82a8ba9da5051f4f797ff8b6edb7ab62ad7ce56704305d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
23906
x-envoy-upstream-service-time
77
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
994
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
6fbc9374bd763757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*nnV8EhImKx_WSa23AQx3Lg.jpeg
miro.medium.com/fit/c/112/112/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/112/112/1*nnV8EhImKx_WSa23AQx3Lg.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8767258c06eadc846a3305eecf41c71305eeefee50edfd2b68bdea7535bd69ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79905
x-envoy-upstream-service-time
42
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1207
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd783757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*nnV8EhImKx_WSa23AQx3Lg.jpeg
miro.medium.com/fit/c/56/56/
905 B
1 KB
Image
General
Full URL
https://miro.medium.com/fit/c/56/56/1*nnV8EhImKx_WSa23AQx3Lg.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2cc0767bff5c8dc154fdf817e656ed78b518a810ba4138faa336238702dd0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
23906
x-envoy-upstream-service-time
42
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
905
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd793757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/24/24/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/2*G-LlqSNRGI8wIrjrYRzWdA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917aa945c0b102b1ade92c9936a398b75eee1f61724f993e4cf0c2f4c27ccf99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
284517
x-envoy-upstream-service-time
93
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1352
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
6fbc9374bd7a3757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*a6znGfV54jiDKxXotYaoEw.png
miro.medium.com/fit/c/112/112/
13 KB
13 KB
Image
General
Full URL
https://miro.medium.com/fit/c/112/112/1*a6znGfV54jiDKxXotYaoEw.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3136f9c81f09d7640f55536e0b92f85f81f830b37a31706c29d3d07a4308c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
96098
x-envoy-upstream-service-time
451
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12823
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220317-155916-13cbeade3c
accept-ranges
bytes
cf-ray
6fbc9374bd7b3757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*a6znGfV54jiDKxXotYaoEw.png
miro.medium.com/fit/c/56/56/
4 KB
4 KB
Image
General
Full URL
https://miro.medium.com/fit/c/56/56/1*a6znGfV54jiDKxXotYaoEw.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcdf044f8c11df0e09fd75e577cdebc5ecf6cc65c375861979bf7cd933048d83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
23906
x-envoy-upstream-service-time
40
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3921
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd7e3757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*KofEyo1wXCkaEFHfXybFTQ.png
miro.medium.com/fit/c/24/24/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/24/24/1*KofEyo1wXCkaEFHfXybFTQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b5c3a77dd993135111b71d8b6dc95a43a06b9d6ca9da763041b60af4a70720
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
23906
x-envoy-upstream-service-time
56
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1277
pragma
public
sepia-upstream
medium
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220309-195817-93688b9a29
accept-ranges
bytes
cf-ray
6fbc9374bd7f3757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*9h5U8bG6BGEk43fO11_DNQ.jpeg
miro.medium.com/fit/c/112/112/
5 KB
5 KB
Image
General
Full URL
https://miro.medium.com/fit/c/112/112/1*9h5U8bG6BGEk43fO11_DNQ.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2502d66df9450a24c3d4b180f72663d356f7bfd7d71c6e949b2a6bb0057561e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
96100
x-envoy-upstream-service-time
29
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4704
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220330-133401-fe9f360f0d
accept-ranges
bytes
cf-ray
6fbc9374bd813757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT
1*9h5U8bG6BGEk43fO11_DNQ.jpeg
miro.medium.com/fit/c/56/56/
2 KB
3 KB
Image
General
Full URL
https://miro.medium.com/fit/c/56/56/1*9h5U8bG6BGEk43fO11_DNQ.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf060db7e29854f85818e44ddfe4eb2be1702a4b484b1aaa3dfbd271884fb18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 12:51:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
79905
x-envoy-upstream-service-time
32
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2194
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220309-195817-93688b9a29
accept-ranges
bytes
cf-ray
6fbc9374bd833757-MXP
expires
Sat, 14 May 2022 12:51:58 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM object| process function| main object| __APOLLO_CLIENT__ string| GoogleAnalyticsObject function| ga object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
.medium.com/ Name: uid
Value: lo_0375583bebf5
.medium.com/ Name: sid
Value: 1%3AXNaYbvlIL3FM%2F0E3nxjzH%2Fm73Uyysn2h4UK9L%2FN5hoMOr44gm%2Ba1RV2CDAsxQQbK
.medium.com/ Name: __cfruid
Value: da479fe57aeb3a174134221a36f577a782b8d87c-1649940711
posts.specterops.io/ Name: uid
Value: lo_0375583bebf5
posts.specterops.io/ Name: sid
Value: 1:C2oF+r1oGGD6XDP1kAo+TqXpDfuCEAy/nVAQRLOUYzlLGAG571ubfiBZTn4oSYYF
posts.specterops.io/ Name: _dd_s
Value: rum=0&expire=1649941613028
.specterops.io/ Name: _ga
Value: GA1.2.575350207.1649940717
.specterops.io/ Name: _gid
Value: GA1.2.126136212.1649940717
.specterops.io/ Name: _gat
Value: 1
.specterops.io/ Name: _gat_tracker0
Value: 1
.app.link/ Name: _s
Value: vWK%2BpnmKYp3CtvAhFkMLtKDyRs6NjAcCg24nx4Z6JyelzkY6LY13qSIxwttudpmV

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
medium.com
miro.medium.com
posts.specterops.io
www.google-analytics.com
13.225.80.6
2600:9000:206f:da00:11:f728:3040:93a1
2600:9000:2315:fe00:19:9934:6a80:93a1
2606:4700:7::a29f:9804
2a00:1450:4001:811::200e
52.1.119.170
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
05be35d4fe85508dd0450594187c7a1cdb632796c049f06a666b0e0a4d3d9f76
084f8a6ce0661cd17f84beaefab30a40770265b8558a608cfa083d1652740202
0bac3c2fbbbf6e7223fc113a3a185a10f3484f3e33ffc81bec1c060dacbca804
0d97b1e40f788240507d275f999df94c7a957cc40295861dd90a9ce56b2275b8
1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c
13c54d7639f5904bbbbc35ba2d11f093e98b1dcdf296048e643dc5c112d7fb54
1a3bc18d2196719ae32d1a63475ec51bcf41662a6d856b2c42b8738d72b77c59
1b705df51ed40dc438b09fe9768abd89408e8105520a67f6d48f04e753ed70db
1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40
1c0e5a18498e101a954b355b64c57b299362aa9585bcd6bd7514d30b1ec97ee2
2269e7dc5875847ec4b27c2df55e8179130ce3dfa57820e4316a4ca14148c837
2502d66df9450a24c3d4b180f72663d356f7bfd7d71c6e949b2a6bb0057561e5
2e2cc0767bff5c8dc154fdf817e656ed78b518a810ba4138faa336238702dd0a
2ec8dcabdb62a8ff8836f2e24e1bad0eb5ceba3f89970da97752f559f46f87ee
30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83
307c1bdffed02117074225155b71ac1d2fd476755e5ece6bdf11a3073c3066ef
31c15e404b6e1453f8ca887758cc4a692588b318ac748b06b732f1fb3a63c17f
32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4
3310e23fc38010ca58d2f2311d099d50471c57f3920c0d630f3674951f7657e6
345d7e6862686af9030992bc329a91b995d919d4e3ec52f76fe25274c364f972
36f249636e89b187bd4589a37e7ab052722ee6484ab9f4466771b4b67a18d1e0
36fd3c9565ae5d49734e234396fe6e18b76e653459a387ce3d91ea1074a3853c
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
3d63074108b29350625dc5b0c591ac4fca16c40683510bfef6cbb696766228a9
3e8910911961536f171a7cedc64ece14cdf7b257d1549dec555dc0fc204079af
3eda148e2b71f4ba332be125d148b87b5048e3d3de45a7f42f5791a0f9761ac5
3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f
404ee4c32bf02466ceb66e0976ddd1f85903471ae75dacdda1a720b5434cb30c
40d6a89ccded6a11812810ebde6961aa8b0346f6e5aa0d04b43ccf6724894d54
41234e184791c80f9a83742fa6c197d988d2565c6608e0ee4e3373e93e31445b
42527389e7be93aa12a8edf57e8601e62be23e9a8bfdc103c9419162bfd7ffe1
46499f9058d4ffea6a4e1e225ce506082b80347ca7b22125f4ecc68f37501a23
4b41aa037892aa0656066ada1313d0b13e0ad418e5c386afd9ffa02a14666c44
4bd8818f5796a39ba2f583ae839a743db69d70e575879142f106737c5177fd72
4c084e27d72d3f4372288c53b6359602df4adbb1a101125ae12ac75a2b348413
4c0a385b36f5430b6e37e3c387965d5b836fe56e09ed2b341fea830cfd8d0fe3
4d15ed268cdfa810128964f369a2317ca3d8222f15ecee3dcea14a8d1e75ddca
4dde40f7ab85884e8e881d9e0243864168c93fc325ea9ea6ab8290dab4c7d552
4e9dc0008dcb4e07c8e0a217621c33e58c8eec0c418c52096b84e3cb96ad26a4
4f744cb73c7b5b057669117b3d6baebe27ec020ddf2d5e28b1405890318cb4ac
4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61
502e69efb70250520e48f694389c62c8fc21c01ceb1003e7788cc62e99b6656e
51d58b40f08a46f4aeb2fd985e696a4abe87ddc1e922d883590d044cc4dc61d2
5338017db2a16d440f8817139a20a85008a5fe107c7ed3e7db29fede2628c3c7
5594d5f5d259bb3638f6c3125616d1404f9284f7262b598153841bbbaa1abe6c
58940bdd9612e78fb59655a796a3fadcb29b430e43a8b9ff364e4abb65d3d3e3
592ec7d44917ddacad703ef780c45303f4901ce3640af26bf4e410002b2e7eb6
59857548bcece801dca8730a921cab5b01d03de464f3391245552066373bae93
5b2d2b5b0971bd9897385eb296003c82216a8ecc5282fe3cd79476f83012eb6a
5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43
5c03241f912f767cecb9a9a0b703d312221830ff3dac4232365828f4e9e5ea9a
5f444eedfd8e868135020c07f235eff90c549380cd1725d59c97be16bac2f761
60b63deccbc32a4840b555c26829401dd1e3d1c6abed3cc14599f3c7f28320a6
6384ee07200454035ccf63f1bde0d2ec0cb4d54db294b0fe8cf92068e57d958e
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
664d49741db99aefb4681dfa582e1ca32be3a941d36823c69bc51447aa369b71
67b5c3a77dd993135111b71d8b6dc95a43a06b9d6ca9da763041b60af4a70720
6cfa569889ae2aeca82a8ba9da5051f4f797ff8b6edb7ab62ad7ce56704305d3
720406cfb37bb4c3ca2b813c1f179177c6eabdcf4504ce859808a8f1a42b6143
732db499feb8554512ccf8876dcf249f0b7457670891d37b5379aa2c620fb9f5
733fea3388fe61639cef8be8b9a45cdb7f6080bef88bd3be7588d954e815a871
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7a84867d36c9a69a23989158d062e0276bd5dfb9b31ab6bf05a448f877523f1f
7cbb480083be3485e5134a76c48cb8f72bfd33af67cd87b2703321a74d351db0
81166285145f93a7846483beb6ce37de77fc5130fa822c99f7377c290b511daf
86b457cfdd866ca813af4174577e150c1698b988a5b758b59f8aa224670dfa4d
8767258c06eadc846a3305eecf41c71305eeefee50edfd2b68bdea7535bd69ca
883f77df1d7b6e236bd3c707c22f319556af0df42ba1eb8ca8434d39d0ed8c92
8997366cf42d8de8dab65c740dc26621b1bcf899b3e30671be03e51b6a15cccd
8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9
8bbe6871b13980a0c8d28ad8267ab8827abb9a9eb1f80691d0e91ffb57a8a51b
8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c
8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f
8e63488ab5c8ef25a1b37c4c5a3d10e645ea110092726f1e99c0c54aaadb917b
906e21e292f645fd45026db296dffa307e9617837f41b5878efee81987f2939e
917aa945c0b102b1ade92c9936a398b75eee1f61724f993e4cf0c2f4c27ccf99
9192a75d0920fc5c6d35559188324f6d94cf02965a60666cdafc049593ae27d7
91ebf939ada9e5fb4737d83061d0bbc8852bd2f802a2fe795b52ae917968435b
92827690e223d97550535c9312bf5b65abc54bf1050513ac190c3b8600c8aa79
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e
934d7e200b71a84e54fdd59a026d5c03a22af607126a4ea812e929e513502df6
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
997fbcf5007d50c2ffe98df0e79f96e3ad78521b4adc82543c550d2765fb713d
9ab88af9aef8b5d4413dc18dbf425c8fe067e51460c108fbe8301ffdf17caecd
9cd6276906deb2729c56f2fa3aabda28f58f2771b8655832bfb40d7083fdddc8
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0672977db9e9cb3ce2c90527998d4d3036911a65ff13a67911fedf69ed1e450
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a196de4fc1fa1c28be20aae64ce8fb7690e9a0a3cf449c51a67fe0cd86004edb
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
a767d8058d14badb09eeb3b7d940c40c89821f30da41676aa69e741018748557
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
af345a4f2d59d19e76d1d83ff8b22db4aed9807cc0ed64d85042629a1faf450b
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1f0fd703ebf6a3370b1d735c9d40079f08f329585ed701c4afe829f07bd1f2f
b5717cb34b07abe45eab650faa36291e3eb5c2200d8ce783adc19d7621285e86
b8c017e9190797348405fba3b394a96961e2f9c93cd4908d925fba2dddbb1644
b8d5d7a2010ac4f4aa803e3e4cda40fcb4086664d1c5b2c4c351692916d198bf
ba68d49adca6e9924ef690fb87b34c0ce2536fc63a1105aadcfcc79e113f66e4
ba9fc4ca3124e2b5306e76d5cfcbba33bf32847dcb45d6b5fc4d747161ab7ce3
bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94
bc9e84ced75675c27f81904c0a402fc83c67ecd2799c8eef1664759f87a97e69
bcdf044f8c11df0e09fd75e577cdebc5ecf6cc65c375861979bf7cd933048d83
c0643952b836ca4d2356af08f48cad5119f35563ef36454fcdcf6bff1406e348
c10277c6b5481bfbfb3d0e6b1db67bde9b00a25ce5bd0cc7b5f9a518362cbba0
c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c
c6a00354f9666bbcbaed50f7ee08aac0f9e269cd1d38680883bb264a39d3942c
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
cb66f22fe7b46b57dcb24d5960f8f6d4712bacacb6b4495d1a0300074ccd06d4
cd3136f9c81f09d7640f55536e0b92f85f81f830b37a31706c29d3d07a4308c9
ce43b880f5c01ca1b70b7b998aeadc95399263cc7b244f57eecbec13e193612d
d0becf21e0bc6cb2cf81b65e12517c33e8fa8d55ec9c32fd857e5bf04e92f28a
d630eea830c4463111e843d90adab125216f2e38bc859002bf260e9a400933a7
d76b296131f095933afb16348dd0a3f23e46782ac5cc5ac23a95ababed16fe7f
d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9
d94fcb4148f8ff256d21e2cebbfef8bbc225a689b2bef6b429a7065f29a03cb0
da87c6b6210833c660b6bd9febc41ffbf62db5b3d28728f15beb62ddc5c4d66f
db2c5f8fb78a4ea92b63d8b51042ada231247e0fb405bb126dd35859837255a0
dbf060db7e29854f85818e44ddfe4eb2be1702a4b484b1aaa3dfbd271884fb18
dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8
e112ee6759d0a38dae7b138703bce309a55bbd5cfc6d77331e626075b3eef0c0
e32fc6a926608e98a8973c0fa53d4554713f956bdac07db8c51a2f4df5966ffe
ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e
edc061472ce8aed74b9971072f6f59d2a23e1035c1a6e0fab65bd910327bdacb
f0ff90b639a51797348b582e04e13356efcee56e49c228966ce22388b381ecfa
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f4778c0d923a6e11e92748c450cc757de05f19b6500f847a0d5bccd96b198caf
f58a85374f35528e4d3f0a4ba46c957293f896b9fab6c0ce7e05aee13730f779
fd1533fbd019b224275f1f3798191ecb461f087174812b3b5f7ce7a322cad1d7