blog.prevailion.com Open in urlscan Pro
162.159.153.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubs.li/Q016Vdcr0
Effective URL:
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_mediu...
Submission: On March 28 via api (March 28th 2022, 3:23:29 pm UTC) from GB — Scanned from GB

Summary HTTP 86 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 86 HTTP transactions. The main IP is 162.159.153.4, located in and belongs to CLOUDFLARENET, US. The main domain is blog.prevailion.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2022. Valid for: a year.

This is the only time blog.prevailion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:b34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	108.157.4.66 108.157.4.66	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:1000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
86	9

1 2606:4700::6812:b34 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubs.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 162.159.153.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog.prevailion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-66.dus51.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:1000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 10286 glyph.medium.com — Cisco Umbrella Rank: 27326 miro.medium.com — Cisco Umbrella Rank: 17086 cdn-client.medium.com — Cisco Umbrella Rank: 30115	973 KB
15	prevailion.com 1 redirects blog.prevailion.com	35 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 784 api2.branch.io — Cisco Umbrella Rank: 458	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 98	20 KB
1	app.link app.link — Cisco Umbrella Rank: 2302	570 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1479	5 KB
1	hubs.li 1 redirects hubs.li — Cisco Umbrella Rank: 247388	563 B
86	7

	Domain	Requested by
50	cdn-client.medium.com	blog.prevailion.com cdn-client.medium.com
15	blog.prevailion.com	1 redirects cdn-client.medium.com
6	miro.medium.com	blog.prevailion.com
6	glyph.medium.com	blog.prevailion.com glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	blog.prevailion.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	blog.prevailion.com
1	static.cloudflareinsights.com	blog.prevailion.com
1	medium.com	1 redirects
1	hubs.li	1 redirects
86	11

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
policy.medium.com
www.bleepingcomputer.com
knowable.fyi
manastole-01.medium.com
help.medium.com
medium.statuspage.io
about.medium.com
blog.medium.com

Subject Issuer	Validity	Valid
blog.prevailion.com Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-22`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2022-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Frame ID: 589978D80A86ABC0B3CEFFB17695E3D9
Requests: 86 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IcedID, IcedID baby…. Today, Bleeping Computer reported on a… | by Prevailion | Mar, 2022 | Medium

Page URL History Show full URLs

https://hubs.li/Q016Vdcr0 HTTP 301
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_s... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-ice... HTTP 302
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

86
Requests

99 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

1056 kB
Transfer

3398 kB
Size

11
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?$canonical_url=https%3A%2F%2Fmedium.com/p/73d2c82d9d8&~feature=LoOpenInAppButton&~channel=ShowPostUnderUser&~stage=mobileNavBar
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------nav_reg--------------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------nav_reg--------------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=--------------------------notifications_sidenav--------------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=--------------------------lists_sidenav--------------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=--------------------------stories_sidenav--------------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=--------------------------new_post_sidenav--------------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------lo_home_nav--------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----73d2c82d9d8-----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=-----73d2c82d9d8---------------------respond_sidebar--------------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc----73d2c82d9d8---------------------follow_byline--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=--------------------------bookmark_header--------------

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/
Title: reported

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=-----73d2c82d9d8---------------------clap_footer--------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc----73d2c82d9d8---------------------follow_footer--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2Fa634af22a2bc%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=-----73d2c82d9d8---------------------subscribe_user--------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/security?source=post_page-----73d2c82d9d8---------------security--------------------
Title: Security

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F48107cfae57&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Fteach-a-man-to-phish-48107cfae57&source=-----73d2c82d9d8----0-----------------bookmark_preview--------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/shieldsup?source=post_page-----73d2c82d9d8---------------shieldsup--------------------
Title: Shieldsup

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Ff402820ab658&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Fare-your-shields-up-f402820ab658&source=-----73d2c82d9d8----1-----------------bookmark_preview--------------

Search URL Search Domain Scan URL

URL: https://knowable.fyi/?utm_source=medium&utm_medium=referral&utm_campaign=medium-post-footer&source=post_page-----73d2c82d9d8-----------------------------------
Title: Try Knowable

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc-------------------------follow_profile--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@nangeaindrasu/exploration-5db422e6d121?source=read_next_recirc---------0---------------------14890017_339d_4ea2_b505_edac028f922a----------
Title: ExplorationWhat actually is exploration?

Search URL Search Domain Scan URL

URL: https://medium.com/@dutrisac/post-5-home-cooking-f02379e6918c?source=read_next_recirc---------1---------------------14890017_339d_4ea2_b505_edac028f922a----------
Title: Post 5: Home CookingLast night, I went home after my first semester at USC. I love my new school and love that it’s my new home. However, there’s something…

Search URL Search Domain Scan URL

URL: https://medium.com/@jkreidler_2755/essay-2-reflection-2b3308e04ddc?source=read_next_recirc---------2---------------------14890017_339d_4ea2_b505_edac028f922a----------
Title: Essay #2 ReflectionDuring essay #2 I felt confident that I had picked a strong thesis and found some really good sources to back me up. I found relevant facts…

Search URL Search Domain Scan URL

URL: https://manastole-01.medium.com/lgmvip-internship-experience-c8221aed1d2a?source=read_next_recirc---------3---------------------14890017_339d_4ea2_b505_edac028f922a----------
Title: LGMVIP Internship ExperienceI am Manas Tole and in this post, I will be sharing my experience as a Web Developer Intern at Let’s Grow More(LGM) through their Virtual…

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/
Title: Knowable

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubs.li/Q016Vdcr0 HTTP 301
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_source=twitter&hss_channel=tw-983606922338295808 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8%3Fhss_channel%3Dtw-983606922338295808%26utm_content%3D202497615%26utm_medium%3Dsocial%26utm_source%3Dtwitter HTTP 302
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request icedid-icedid-baby-73d2c82d9d8 Show response
blog.prevailion.com/
Redirect Chain

https://hubs.li/Q016Vdcr0
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_source=twitter&hss_channel=tw-983606922338295808
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8%3Fhss_channel%3Dtw-983606922338295808%26utm_content%3D202497615%26utm_medium%3Dso...
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7

115 KB
27 KB

547ms
546ms

Document
text/html

162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1d10d74a173fc2cf4ad26251e5b8f6512ea84f3bd54ce7b6eb837b5035f341

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-type: text/html; charset=utf-8
cf-ray: 6f315ddbdb2054c4-MAN
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' https://medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, lite/main-20220328-114252-799dd3d863, rito/main-20220328-085735-95f207d6f2, tutu/main-20220326-005548-4cd76cd133
medium-missing-time: 337
x-content-type-options: nosniff
x-envoy-upstream-service-time: 376
x-request-received-at: 1648481002947
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 28 Mar 2022 15:23:22 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
cf-ray: 6f315dd94db20229-ZRH
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2
pragma: no-cache
worker-missing-cookies: 2
x-content-type-options: nosniff
x-envoy-upstream-service-time: 38
x-frame-options: sameorigin
x-obvious-info: 20220328-1412-root,db81b62e
x-obvious-tid: 1648481002725:4cf77391449a
x-opentracing: {"ot-tracer-spanid":"51d09c41777b90c7","ot-tracer-traceid":"250af420dc4e3b0a","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 173ms
127ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3220
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 6f315ddfd9190229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Mon, 28 Mar 2022 17:23:23 GMT

GET
H2 200 1*YqvpTFSoxKsGAoITzbsLmw.png
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 189ms
177ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*YqvpTFSoxKsGAoITzbsLmw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c008de256364f60ad15b90d5410cb2e07f577438a99e4a51104083160fa10bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4215
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f315ddf88970229-ZRH
expires: Wed, 27 Apr 2022 15:23:23 GMT

GET
H2 200 1*YqvpTFSoxKsGAoITzbsLmw.png
miro.medium.com/fit/c/176/176/ 10 KB
10 KB 214ms
210ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*YqvpTFSoxKsGAoITzbsLmw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b6fbb7ba1ecb2fd5eb93deabd95da93e61e71bd51e1521a7028285c206545c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9749
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f315ddf88950229-ZRH
expires: Wed, 27 Apr 2022 15:23:23 GMT

GET
H2 200 1*sKkiwsntpStLpc_up-F_8Q.jpeg
miro.medium.com/focal/116/116/50/50/ 6 KB
6 KB 74ms
71ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/1*sKkiwsntpStLpc_up-F_8Q.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dfe5593110f4c821fbb8ed75203479c03ee842522d52679cad8091436ec23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16922
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5652
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 6f315ddf88930229-ZRH
expires: Wed, 27 Apr 2022 15:23:23 GMT

GET
H2 200 1*vtyIqk2gYXefHnjHj_r51A.jpeg
miro.medium.com/focal/116/116/50/50/ 8 KB
8 KB 214ms
210ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/1*vtyIqk2gYXefHnjHj_r51A.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d13953d25987f4cc92795c363e3da4065af566f99d293af29b92f62e668c672

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 69
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8393
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f315ddf88960229-ZRH
expires: Wed, 27 Apr 2022 15:23:23 GMT

GET
H2 200 1*0gUoIlmNJzPUFt1B6pbPVw.png
miro.medium.com/focal/116/116/50/50/ 7 KB
7 KB 171ms
168ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/1*0gUoIlmNJzPUFt1B6pbPVw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48ad043cfcad6fa9a49342e8b21e7d0e0e0504296e31dca791e4f8236d19f3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6913
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 6f315ddff9930229-ZRH
expires: Wed, 27 Apr 2022 15:23:23 GMT

GET
H2 200 manifest.27d769dc.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
9 KB 73ms
64ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53cf508fcbc8dc0ff7cb5dec4d7880062bf7388c13e3a95dd1de926821010ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11263
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVME9KSYS956Z75H
x-amz-id-2: SNsKUY/oBB6z6RjDUiD1mdejNJ1G6WDo5QXoV3WczzgIO3aLP1hiPNd43FodoMP9+9Tdkpq+9AQ=
last-modified: Mon, 28 Mar 2022 11:52:30 GMT
server: cloudflare
etag: W/"ef9991658a9a45e643975135e0cc9600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 9zxeg.aRc5SldcuyU23m9.o19KJuVcry
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf889e0229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 5786.875f6653.js Show response
cdn-client.medium.com/lite/static/js/ 694 KB
214 KB 125ms
116ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b6e70c1394c3674f594a67c516951e72cc55a78258bc5c07c20b19c32c84d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1087450
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P2D83FG5GK22C8CE
x-amz-id-2: HwEPgIuuBToKkvWXx3kBFNgIRh9qXLakUdL3eto6kpgjTwBxVFpQT9cI/txExGYBn/qgpHbnCcI=
last-modified: Wed, 16 Mar 2022 00:17:47 GMT
server: cloudflare
etag: W/"4d35ffc3fe18287d59feeb978a40b02a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PBIi_VEzbsQXRZFfsYJIx2JgdPdcOgqp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf88a00229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 main.a56dff99.js Show response
cdn-client.medium.com/lite/static/js/ 757 KB
187 KB 75ms
66ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f846234e07013c87c7fd3f86706df5e29a3f49020f8473e679de97d56a6b8187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11263
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM04G1GFMVTZTRX
x-amz-id-2: Txdyr9T+2QiyTslzaEK5ADY9+FKMpmAQLNtpSejuGsrygKgPwl7UjuytXkrI3oWtd8k4uSe02Sw=
last-modified: Mon, 28 Mar 2022 07:40:05 GMT
server: cloudflare
etag: W/"0ca2b542e958ff2e54f6ab4cd380fb24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QvnR18i_RH8CzrMvzjnQvmwqqtVA2Fin
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf88a30229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 45573.4354ed57.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 78ms
70ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/45573.4354ed57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 538325
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5Y52RH89SSH2XCFV
x-amz-id-2: uSKZPTAjtnaN7avFVqdyaJpMWtAtVhIx8QoDXqGBmPdSSXi2NZwzhPCQhQlStVTpGkpWC3Tl7aM=
last-modified: Mon, 04 Oct 2021 08:07:06 GMT
server: cloudflare
etag: W/"6a81d283b5003925b4a970b292bfcc5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: V72xGN9kaRcaybYuNsFR7RB7.fBonGvn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf88a70229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 instrumentation.2147e77b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 121ms
112ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.2147e77b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1017833
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9STDGRS55QZXJZYE
x-amz-id-2: 7PAk93EJIVctwTBwk6wyazsYQaaNv1FsPXJ1CuWQXhvfZVBLPOP0stswYFDxzY3U9FdXSVlpHdU=
last-modified: Wed, 16 Mar 2022 19:39:27 GMT
server: cloudflare
etag: W/"5dd442f84b5ac0b482e8d80c7e2499de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6qnqbjyGzG2a3AZzBA2yPWykJlD8rERb
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf889b0229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 10407.21469f6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
8 KB 73ms
65ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/10407.21469f6d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1087450
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P2D1K6NJNG1GSN9X
x-amz-id-2: jqB2JO54Jxkzx88WsbtBZRx+ndVl1hCr0hjvfdHRKForOvc9/0Hag86HxgYs33ly1g3vzHeSEiA=
last-modified: Wed, 16 Mar 2022 00:17:41 GMT
server: cloudflare
etag: W/"e875ec45f424aa3dca539beacbbeb6e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: M1p69xdI2LmhiA8Jrt9Iu_.bZhzYd0k2
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315ddf889d0229-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 49216.e3d3bf0a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 336ms
274ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/49216.e3d3bf0a.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595749
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0C8GDSPF0V2WNSZ9
x-amz-id-2: 6rNxWGQOxAB87bRvngdm7Ed+6Za7s2GSUuQ2NGhmLT1XZmwIq0Eqx0MsSzAu3EtDkhwYVpWBomU=
last-modified: Fri, 18 Mar 2022 18:28:38 GMT
server: cloudflare
etag: W/"631270a91dd93346b720a496a8f02732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: WAbNkiZ2Eo5.MkcHO0Bu8fSTVe4iu0Bg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058da2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 AppLayout.9e8bd71c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 132 KB
26 KB 294ms
232ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.9e8bd71c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806e3de44965e1b8cb6b9035fd2f59890098395d9470bb138f2f1c7c520b8838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11263
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM19RHZ06XMETK1
x-amz-id-2: FkH4W10QNHDl4XbyXmOMHl5mslwFHj2fF0g4gSghMQDTiGDc4QmpMYtDG+bBxf4PoCA1OeJD8DQ=
last-modified: Mon, 28 Mar 2022 11:51:59 GMT
server: cloudflare
etag: W/"3ba25f2cda42fb0ccf9519611c274c4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ZK5zkuHUaF2X9xcUVb9sNiLDIvcYYLLn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d82373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 reporting.55ddfe42.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 335ms
273ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.55ddfe42.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1101980
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6YVR4GHVAEF070S2
x-amz-id-2: wk9vu8KW0+sqQZz/RXrzjjKEa71T7ctb6W6uDFhACYuGKVgvnMz1bJi3eTKr2Vow+rIeQUsN5dE=
last-modified: Tue, 15 Mar 2022 19:22:19 GMT
server: cloudflare
etag: W/"7c194265458086c4dcb2319dd596fa3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: RkWTEv_52vi_a1c5MoizPgkqSDVmVA.n
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d92373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 79678.176160d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 142ms
82ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/79678.176160d5.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b10267c3ee88798046b073d686b67c08c9944d07dcd31cdaf75283bb81c164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 239728
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z79CZF52G1JTHRZZ
x-amz-id-2: zjltxMeDK0lyVzNgMEVWoEdJXv2Fk3Dt1SVMyOKT8CCmtLPQhuoaNT+X457lpHSlVzKOlnvdEPk=
last-modified: Thu, 24 Mar 2022 21:28:17 GMT
server: cloudflare
etag: W/"33d3b4223ea00dbb910fa14f7ccf65ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6jOeHf2XmIqs8cPak0uZ8MxQOqfcVIqt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058a62373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 144ms
84ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 512077
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZ14F4DJ39Z3KD31
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058a92373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 288ms
228ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 487674
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058ab2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 88316.3eb3bc8f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 241ms
180ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/88316.3eb3bc8f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66204696736f067a6c6b6aef7c31fb60ce32c0d3ee7e2fcfdd02968cfafbc3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 266659
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZEQ25AK45R9393FV
x-amz-id-2: o3Li30tN0FIycMY01bsau1HnmfHqF0+J9WgndUqhl8QJuWe1Rd96Nmwe/u6zK8kRSHZ7YIf/+DE=
last-modified: Mon, 28 Feb 2022 17:18:29 GMT
server: cloudflare
etag: W/"f8437eeda19b5b0b7bbd4144ccc8b183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: rZihHMQwz7gke6RRwtG9A3xuCP7UrTwK
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058cb2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 82405.da63a51f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 241ms
180ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/82405.da63a51f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36b50ada1e5255d17ab3aa7055033497f20988643ee23d7dfd092afb32bb03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 243915
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DD7TT13F22A2YPMZ
x-amz-id-2: iFsLZukumsxXBzDSTZt3MqTUNhnE+x5+TxbYD0Uxo6INTVeCEfVkNGNDUJGxSPmCGe7/rSdO3HM=
last-modified: Fri, 11 Mar 2022 19:12:25 GMT
server: cloudflare
etag: W/"c083a6f887e38853c2f4a6d2ec8b8b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Z_5ec7cs0VtfN5cbXbRTdRxJlRN.j9Tn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058cf2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 75221.85bec25f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
7 KB 243ms
182ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/75221.85bec25f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

286d3c3c2d224f290f81501749d9b8144daf45545f4ede6b5dd0b1f87cc9b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 244603
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VVK6X2S6WVP4FAGN
x-amz-id-2: ypYYbcpYxfBDbpyBisgVItzWx4R/2eNjYYEpL1QE6fVICOXoSMwYMQ3fOX9vQJunD0iCxSQ+y4g=
last-modified: Fri, 25 Mar 2022 18:59:03 GMT
server: cloudflare
etag: W/"500b0a7eea2dbaa45d43cae11cb1e58f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: lcqHyNV8Gt3ulhJE0ECWdY_hEEm4lZwA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d02373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 27927.0c766d23.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 192ms
131ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/27927.0c766d23.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b1b357db4257d5d724fd3239cd33eea42ecbb19c70bd187ec1c27cc0ab569a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595749
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0C8G0JW61DT86VNX
x-amz-id-2: dlWnM8CYYHT1RulpsJ2xne4Ah9uAn+D/ZMBbb0etjouS+liGC1bYwFUTFvGA2IhqSsXqyMMUw3E=
last-modified: Mon, 21 Mar 2022 16:47:22 GMT
server: cloudflare
etag: W/"b114132a37ad716cd78cad4f1cb2211d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7TvBdccZ798tHqQ_ieRuyjjTs7PA.l7t
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d12373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 90786.25ebc206.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
1 KB 193ms
132ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/90786.25ebc206.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 859812
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4Z2V17SW1CAFTSF2
x-amz-id-2: DdH0oxIcYaHpDLjQtQyJXXuIcn22yBNd94EuQaD5HdIrFCu5JUD2bymcO64BGYL5VPUw3R9SOU4=
last-modified: Thu, 17 Mar 2022 19:42:19 GMT
server: cloudflare
etag: W/"a7e7f17a6bf00754fedfc8a0dbef764a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Ghh41hKxMkS6Yxv.cqh7J2YbJIMXcnyt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d42373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 95472.20329d15.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
1 KB 189ms
128ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/95472.20329d15.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddac8b642d7667b3fb9605ac5b043dcf21976aed041ad4d6221f0a0cc10a4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1052658
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VB7JM0MZD9N64C19
x-amz-id-2: 62pM59jlUpmPyB/NNbajRR6XJY8YHDj/vx2TJxtmYdhvjShIP2d0FF/SbMW7rjlXgOjsU6OBoek=
last-modified: Tue, 01 Feb 2022 17:29:46 GMT
server: cloudflare
etag: W/"50de8fb5ce00ed751fbb823a16e97e8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: XIHWq71pTxwdb1WMRePNF6jkHZia6sWW
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058d62373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 59984.cee64d0e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 288ms
228ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/59984.cee64d0e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7138bbd639d7c1f2fcc600aa16cce34b19c848458d60c3dbfc99548bcbbd4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 494845
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X59FV7MHW7VY858W
x-amz-id-2: wTYZ45mXrTUJf06onN+BMzlnRSv0ATrf7ePk2/LC7ehJ5hcDWupPb7OJRmE58SJRHzGm5HGM2XQ=
last-modified: Tue, 22 Mar 2022 20:41:23 GMT
server: cloudflare
etag: W/"4348b75573b0e28421a6901f5587704b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: C0T9YgyCq1oir3KRpx.IJ5luttbsaTfs
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058ad2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 47464.370de892.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 47 KB
14 KB 289ms
229ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/47464.370de892.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455375050d88ead9a24ecfe2d52327b76550c32b50bf1f07dc4eccc92c6bff16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 494845
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X59E3GVD0VTZMPF0
x-amz-id-2: XOZ/oWDk+33Vny3EVCGGUE0rZkiZ0066DOBJcVHiJoiPllIijtrlleG07g0awX7Oum2Nx09nUyA=
last-modified: Tue, 22 Mar 2022 20:41:21 GMT
server: cloudflare
etag: W/"0f1ac145961d4cbd66c43327b773623b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: vuchsM.xMRL6S6AS2aJvxPg5plAT.EEg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058b22373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 43303.6bbe36a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 148 KB
38 KB 243ms
183ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/43303.6bbe36a7.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811f0a6cd7059bcda8803ba795f70485266059400c6358a9e0a33dadc4473fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WMWG76RG3TGB63
x-amz-id-2: NUTMluNTvVuc3ES6z3eMXoZF6pDvFa/vkaE61oce4MeFBwILGQUw0eKapkNatWYKagUHxMCfNfM=
last-modified: Fri, 25 Mar 2022 11:12:16 GMT
server: cloudflare
etag: W/"f397d464e13b3c8184c625243c70915f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 2g6vEbbuxN9M.9iSYvy6JU9EDaS5q3Cu
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058b52373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 69865.f2530e98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
5 KB 292ms
232ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/69865.f2530e98.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784539c7817ce17c2c5e79f4f230d64f515d66fe1b5f246b58ac68d52ae70541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 519125
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKCQKB7CVVSKGBEZ
x-amz-id-2: xhxMA7nohbM/4GVYO+u0DW/jknLj68NV89TkBBl2m00Td4xbobuFVuPA/k43aqx6L98xHqmUuOU=
last-modified: Tue, 22 Mar 2022 14:19:03 GMT
server: cloudflare
etag: W/"07730d76737349c5419a6d30f286d360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6AnieVXvl.UU3.bZnZQjfJ.Az7GabtRD
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058b92373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 53818.52296386.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 237ms
177ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/53818.52296386.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d8da77d47f02b6a412aa009da47e063f92481c8998cea7ffb8f3151f209a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WW6917674VBAJF
x-amz-id-2: KRE6oA7efjLeLZxErxRTf0ylgtaIlTN1LTbk8r+wSsaN4/PLuR8mKicv0gViDyp6XQXPP+sPJAQ=
last-modified: Fri, 25 Mar 2022 17:23:57 GMT
server: cloudflare
etag: W/"6a5c5e0f86022f0800c3d958d1fa0779"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: iHBrLx30PLd7eTFcKY.JppYB7eWal2jh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058c32373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 85057.d191adbc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 237ms
177ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/85057.d191adbc.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4e7e7eecad1f5d66ee0eba4ec8caa34f97505d75f13d581a12e07e5125065d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235749
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTTHYA1W9V0PCGD
x-amz-id-2: MWR0kGl70jbYfoMvD5JSxqVd4YxkHd8/quwsnrhp1tRwhc442sSOV8yrAOPB5gcF2mLwAe3MGYI=
last-modified: Fri, 25 Mar 2022 21:22:20 GMT
server: cloudflare
etag: W/"b1a5453d84fc6c97ed8a1aeb8839a98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Hq_oj50E_.smbpQIzlc579g1ZplnYQv5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058c72373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 88246.12665b2e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 239ms
179ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/88246.12665b2e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

becc68a7c505991521f9b9d7d3c36cbade7c1d60b11bf2ad2a4003111893f896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WSC2SXNCDSCEZY
x-amz-id-2: SZU8gq4/Ry5+RiaC+8TmSgnzbbosVWecAAmavAAN77TcHZVuFcMoGpXYdC9+3FAqg82ysm/tM2I=
last-modified: Fri, 25 Mar 2022 11:12:22 GMT
server: cloudflare
etag: W/"c71921b5ba62c4e3f3fee917ae976f9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: iVyPLu5XNh6.YQ6eawsv8YF291Dl6SUx
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058ca2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 97332.3eda0eaa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 193ms
131ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/97332.3eda0eaa.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7037bc99db5e94064097d2c834521e7a848c30e5e28755f2be8edd6da733f100

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 398570
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A0W472VNGMPQBKGM
x-amz-id-2: 5LxB1c5TnxHDztZACm1sgpUONfe2XY9Xdf9GjF/40h2vzS8IY88fS2kJoICDcR+v9WsDkEXN1oc=
last-modified: Wed, 23 Mar 2022 21:12:16 GMT
server: cloudflare
etag: W/"575b7926a269102edfb77fc162f661bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7eSc15bxUwsqliZjgPn7iCN_tgf27oPF
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058f72373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 28491.cf9aa3ed.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 40 KB
12 KB 189ms
127ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28491.cf9aa3ed.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ef842e3ae27dc91e3b5638d688827e0440705b1bfd524795b9b9868003c8f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 849566
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 689WT1HJ8DWDXS46
x-amz-id-2: z9ocqxZdrgBSYrEnYeHoPuoBcmnpVDjEE9GDHcjmXJYtSF2khFiDyDo37MSBPs5mSOYKs+3lfkg=
last-modified: Fri, 18 Mar 2022 18:59:01 GMT
server: cloudflare
etag: W/"9ac1fb2203f159bd0cd64ba8183649ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: T6Dc6sh5_OyWYOiO3JdMVH.m1MJV_2bt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058f92373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 31229.263afd61.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 187ms
125ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/31229.263afd61.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0f46d99c8da6a8558f3939b77812880a265d53ab92fb19d20b5e1cc873c79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WNF33BK62HFXB8
x-amz-id-2: HWstKcraiRHvE+DEiIYKwdYkbhWE2dBJmHow4YbZJdhTO7Xy+HQTBL/TddKT6j8RNbvt3oi4Eco=
last-modified: Fri, 25 Mar 2022 11:12:14 GMT
server: cloudflare
etag: W/"5f64f1902f5cc84ef948b7850e6de795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: sj0TN4f_zmx7EyxTXg6lm06hLlWj5fbz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058fb2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 6562.02748b96.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 385ms
323ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6562.02748b96.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKVG7H17FQBPQDK9
x-amz-id-2: vxg/OI86Q3ukPSsdQ67kQnlJTbjS1higUg4EtbqV9UhFce6uxU7Plf7PWTVJBI/KOIVyfFppeco=
last-modified: Thu, 17 Mar 2022 22:10:50 GMT
server: cloudflare
etag: W/"d1e6fb978b6a0e3464d41c63fe535e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PA6E0boEwLKL8wuXllx1rh8qQCt4Myjk
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058fc2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 83284.3f2fce3d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 386ms
324ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/83284.3f2fce3d.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2297349f8e5107d539a75a74743999718116501fa0a7dbd2dbf9338bb680be85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WT7FFAJ91564H8
x-amz-id-2: 4h2H1PXDZbNCytWA02PKo3DpVRdSMn2P+FJd833Ue7ATJu5oOHnaBNqotl95twFOMcfawsSsZu4=
last-modified: Fri, 25 Mar 2022 11:12:21 GMT
server: cloudflare
etag: W/"062779d7478e6b357845cc8ab2daab6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Khn3.rXiUMwVSbLQ5nzhlTt59rNFuy27
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de059042373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 50864.38e6c977.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 386ms
324ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/50864.38e6c977.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806f2580733cea3a8c6e923ebb4d6b8f34a8f1584a9a70ac8d77fd6b0268f848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WJKWM8EXR5FE8N
x-amz-id-2: zJJVn3Ahr4uKuqWGzQQQLmEjDINTuETbfbNDT3h0z9tOcacwmhQM7hA4vowTo5EtE4VrMRjMzfU=
last-modified: Fri, 25 Mar 2022 11:12:18 GMT
server: cloudflare
etag: W/"d08b71b7706dd15b95e65419850bf5f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Pj0Cd1SGpemAeQZ9WvSJYeEMdlVKsS3u
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de059072373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 50082.93fc8de3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 387ms
325ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/50082.93fc8de3.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a80bdd5cc9be1a7d3298446a05234198a2d54b76cfcd1c92cd45c7892a4f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 403475
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PHKAFZJQB83R99FG
x-amz-id-2: hX4x0PP1R+y7RREOKij4TTQH/ZR/w49BIQvq0jL0vq/bVS9m5h4o5dCH3FNnNyq2RuFAdw4Y6KI=
last-modified: Wed, 23 Feb 2022 21:14:16 GMT
server: cloudflare
etag: W/"a29920d1a8f6d47d2d8f997210a88c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jhoHMeUqdx2NrrG4dgUgsu2HeXnJRyNh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de059092373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 59616.82d95d9f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 387ms
325ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/59616.82d95d9f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b92b3aa76fd104750c65fb109764aa542454a8415cd7076c4b07add95a242f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WX6KJDXX9M9S4D
x-amz-id-2: Cn4vMW50PFHKfl/ZvSUZmsANZqT5q8kx74fQ+FXVf9VP8FY+rF/XOpCDw/BQ2aYtdxZzosoHr4o=
last-modified: Fri, 25 Mar 2022 11:12:19 GMT
server: cloudflare
etag: W/"d4e8ddd27abdfe7cb7e8b06573f948f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: qThh_.MKYuDG4nfk6pV2vOCyM2ESXalc
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de0590b2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 86970.ac2ccbc2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 86 KB
12 KB 337ms
276ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/86970.ac2ccbc2.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167f40a21d869faa7d5930bc4abf9372127482a203f7f682ddf80f0ad37d5b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 239778
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z7935YZ1JVTH6RXV
x-amz-id-2: Nfmx+U5eb4kAyfhcMjwd6VXtJzcwBluts47PreQE061rLhD5HcGuHswjIJgkz6Sq2/r/thu+dbg=
last-modified: Fri, 25 Mar 2022 19:11:48 GMT
server: cloudflare
etag: W/"ccd794d49bc46ba10a33784bacdfbbd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: DYzl.rZKM2tT1dFx3Fao4jkNBQLW.UMo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058e12373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 28360.8df461a9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
11 KB 338ms
278ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28360.8df461a9.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26b078ee638c1a936dbcb0e537645e1dec1a12f2f8535389e460cc0ebed1ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 234662
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTZAGMWBJEHBX8S
x-amz-id-2: gZA0AJq6twWp8dle0jdnShsLNH0BqmuhPvE8/0tXS5/3J7dWIrAL8dWAlfosctSrQYL/LUpXays=
last-modified: Fri, 25 Mar 2022 21:22:14 GMT
server: cloudflare
etag: W/"09d6d2d92b04b1e9953ac7282869f9fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QjfkNa.KDR_58xc0ygq_7OjgDj.Kncdw
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058e52373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 65281.92cfc4b6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 339ms
278ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/65281.92cfc4b6.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b816ada7ecfcf06e2f4aea734743505802467bcae5d6e20b6b0e0608791e1a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 266658
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: H09T05FC0BDM7FH2
x-amz-id-2: FwD9lkE15YH8ODUdfVMTRHcbi0f8UmG8LuqSRI4N3IVIS58V/LeOGCk3GkOkvd0gJA/vwbwWoKk=
last-modified: Mon, 28 Feb 2022 20:43:35 GMT
server: cloudflare
etag: W/"f40d011a367a2060d70d298fdff0f8be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hFuAJaZyLXS9.FUmr2yzZ8K8rxuihcUu
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058e62373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 74991.d7c10f4b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 340ms
279ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/74991.d7c10f4b.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f4d750850d06bd78363c7231aaf2541025cf62064dfc8f9433cdf57821e8d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WYHVW7ABES3DGM
x-amz-id-2: 15afpk0JfGt7Z/HPIB1Eu03dtTic1ViP/PB3Ofy1lXQuVom/Jianq6yfrT1Do6k1DYBFiP4sFZc=
last-modified: Fri, 25 Mar 2022 11:12:20 GMT
server: cloudflare
etag: W/"251055d84ebe9fec2f95a811750e9790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jl_k5ky4qOwY10Tw61EHCVAEK4qhltvK
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058e72373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 68054.da9be6f8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 340ms
279ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/68054.da9be6f8.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98995e01c3796312d5d2cbf98cacfffd61c756a21a72f5458c234e01e8149a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WNP3W6GFFZC8V6
x-amz-id-2: F2DghT8ddSJHl9NhLTiQIFWDjnl2DPOuaZr+pNycQPbhm48/6k2GYRKnw46p4mgrZczJZoZLDHw=
last-modified: Fri, 25 Mar 2022 17:24:00 GMT
server: cloudflare
etag: W/"7263ce163217587d4c166cf87d5574db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: K13TIEP6QXG84Hpp552rAD1wwvmfg7ay
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058e82373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 11914.8c229c33.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
8 KB 341ms
279ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/11914.8c229c33.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd9df00e1e31db99807286a06e7655d4f71d7dfabe4f8daaf31114661288e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 244603
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VVKAAHZ9E3E8M759
x-amz-id-2: vAdMpxm31okC+8rib4POwhDvXcZrcdRLdKwRcNq7qJu4B1ltSrsgkybzQHFiFNuaYAg21Mkk4kw=
last-modified: Fri, 25 Mar 2022 18:58:54 GMT
server: cloudflare
etag: W/"ddf6a50313618387b824f24cf431527e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: v83aiO0PpYsKO0Ts_9CWHLTJqRUzmo3s
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058eb2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 13954.7813077c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 80 KB
21 KB 341ms
280ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/13954.7813077c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5bc2a61c6907c4fb6b4808d00db36af6134c72f23596a5578880d389ed1ba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11263
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVMEY8TJGX7TW1EE
x-amz-id-2: mT1DbvMEnVnK0qpNeWTEs4r9zbA3bxQz2vB6/2YwhsmuSAbZf4Sn2nk1pzjUUrCFmTELl+1IOQA=
last-modified: Mon, 28 Mar 2022 09:04:57 GMT
server: cloudflare
etag: W/"428e4a2d7c534c9ecc16cb2f33fe2216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jnTjNRE9_BF4My6WOgPo9JDcKKymT41z
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058ec2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 PostPage.MainContent.eea59952.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 82 KB
20 KB 381ms
319ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.eea59952.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf59df3234e1049d7ee781c03518de956d466fe9188913e4f1e6f8b9d8b6307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11263
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM4FZF7B93VSEWV
x-amz-id-2: W5XuNTpzs56+vwtM9ZSWvC9lzgRN/4S9T9AU/K7F0wC07HJt6Sku8ENgGIP//nYxEkLfNBSFXVY=
last-modified: Mon, 28 Mar 2022 09:05:21 GMT
server: cloudflare
etag: W/"9ccf95578aca0cf0cc9f2a95e294e818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MH3xlHpCVRMm9PG2r1x12CnhnCqiflK3
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058f52373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 75374.164f9ef6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
7 KB 335ms
274ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/75374.164f9ef6.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1012542
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MK8KKA27R05C4XEW
x-amz-id-2: GTlFXQ0y+asnYrCuN+ulYq+o1j4pdMpb/392pPx+rNtXpdnXO2VplOVyTB6ybbIYvRNhk/L6I+g=
last-modified: Wed, 16 Mar 2022 21:07:43 GMT
server: cloudflare
etag: W/"d4ef45bb9a7793f42d0beb282930eebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: EpKUlpmhoU27x5Qd0zW6hYm3NFX67rRE
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058db2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 PostPage.RightColumnContent.4310602b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
15 KB 336ms
276ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.4310602b.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e912800f4c720fd063e5484c6245b4f5edb8c3141bba48fe9695b25966285f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 234662
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTK6M2XDCGT6VXC
x-amz-id-2: CyKDuGSs/JhJ0ppDeJMMjkArITHX32WNgp5B+XeamNJyvxW0LXfM8rWlxT816rHcKKFuQ1kpiuM=
last-modified: Fri, 25 Mar 2022 21:22:36 GMT
server: cloudflare
etag: W/"530e99582d91aa6317e798b38de6a9c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: DTqK9nzGshYpIosDYKfV.GRRq113ZZEg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de058dd2373-ZRH
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 214ms
101ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6f315de0ad050204-ZRH

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 125ms
68ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13109438
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f315de11bc60229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 224ms
169ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13109438
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f315de11bc40229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 175ms
119ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13109438
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f315de11bc20229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 174ms
119ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13109438
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f315de11bc00229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:23:23 GMT

GET
H3 200 84792.d3cd03bb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 92 KB
24 KB 87ms
86ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/84792.d3cd03bb.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 505030
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: H9PY76HJ19KVEMEX
x-amz-id-2: TzcNOZ0JhnXUl1WKNG8INb/Rh5+lznYPuunVEzoet1Mns1hBNu9bhtDSx2RE6uvRN2NqzpRhiK8=
last-modified: Tue, 11 Jan 2022 07:30:13 GMT
server: cloudflare
etag: W/"9123da6f6119097d2b86f6a331492e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: guEmWTWycaWmN4glESZXA43SvXHWyexT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf7d2373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 17084.0ad6f84c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 68 KB
19 KB 72ms
71ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/17084.0ad6f84c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 505030
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1NK27DMASCKVB6V9
x-amz-id-2: hmyg1Lm59ebx0V/eeZ1CWiC+ChEd+oBuWgHkKizNB8c03ENgsVLHqK8gi2Is2NxBGoAU8PLuyI8=
last-modified: Tue, 11 Jan 2022 07:30:05 GMT
server: cloudflare
etag: W/"08990a97629f3d698608356a8fe04c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 21J9XTkEPc2DrXwSiueOBhycR_IxpPbA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf832373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 28537.5067089b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 70ms
69ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28537.5067089b.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1106875
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V2B0SEHT011ZS67M
x-amz-id-2: klOQVcjKGrdhn6Pp5gmXt6U4K4S20jvVSyw/PaMera1YyNMgsOi1lcCFtAh1gpaAIWYNo1HNujI=
last-modified: Mon, 28 Feb 2022 20:43:30 GMT
server: cloudflare
etag: W/"2def4ef2cd05551c2c82fa356348c7f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TqG3zS7DW3tbEf9BMHvdPuKEAbN2D4hQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf852373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 83551.900f4958.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
8 KB 65ms
64ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/83551.900f4958.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca7d3dd894f3d14d18dd2992090092e020a3ec87e8f1d9aaa41d53e6dc314ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MTT15HXD40HW1WRM
x-amz-id-2: 15GBbYHVZB6MPG3NOFETzvA0VPC21Jz8cTT2N4TsD640sdN8ax8lkH7yHFjdP9LaAyACTGKTlFA=
last-modified: Fri, 25 Mar 2022 11:12:22 GMT
server: cloudflare
etag: W/"bda2b96323ae3345ecc94be234dc0f25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PFAlPy82RL1TyS3hgnW8TG_fk0Ys_AEh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf872373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 67700.eeaa7e0c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 94 KB
27 KB 74ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/67700.eeaa7e0c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55df87ec035d89df94f70826361e38e4a6bec0a9832c497bb128c0625dff04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1087449
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BRW29CAS47K1J3VB
x-amz-id-2: e4lFUMMq2yxU9RfklPr2C5DTHJ9atDRhyT1XiqiSa6aXPzLhsL2vbqn5qMVClsK8EVu3y+uWZLM=
last-modified: Wed, 16 Mar 2022 00:17:48 GMT
server: cloudflare
etag: W/"bfe1f493706114f4a221c8611744adb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: cdKnVH5ozPK83bXwBae3eve8B5x9sOa7
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf8a2373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 ThreadedResponsesSidebar.b8cfa963.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
8 KB 65ms
65ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.b8cfa963.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469761414373eddf673415e2f8c1da325b7427f61b2e41dc37fb1ac8df4b5a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245757
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A7QK2KGYFJP670FY
x-amz-id-2: fx4zkTePhnWTCLOO1E5Lnblc3K4yIahGM2IeKoN5TCBRVv2qD9f22WknYZpGqrD1HBYl4ybLuws=
last-modified: Fri, 25 Mar 2022 11:12:46 GMT
server: cloudflare
etag: W/"304403ee78ddf0b04a22d4d85ee712f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8BD7jboMz71uJkd0xsgFJPaRKamKvYnz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de4bf8d2373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/24/24/ 383 B
789 B 73ms
72ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 230104
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 383
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 6f315de5a8e72373-ZRH
expires: Wed, 27 Apr 2022 15:23:24 GMT

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 143 B
594 B 192ms
192ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c1576abbbd5364d0651cd0609024a0a5f970b610ddef8c8f825fd8414b4a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"8f-8axtd0+yW4NQwhmrSTAeJFocYsY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2
cf-ray: 6f315de658ef35fb-MAN
x-request-received-at: 1648481004646

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 108 B
610 B 260ms
260ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Graphql-Operation: PostPageMeterQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220326-005548-4cd76cd133
cf-ray: 6f315de668f435fb-MAN
x-request-received-at: 1648481004662

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 445 B
736 B 204ms
204ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68f220361880ba0db98c49fa63d9ccb5f89d8f08465d9466c4f77fff2b1b5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1bd-8FzQvTyDS8gd6/xhZ8DSJKbYaBA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f315de668f835fb-MAN
x-request-received-at: 1648481004646

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 33 B
519 B 198ms
197ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33
x-xss-protection: 0
server: cloudflare
etag: W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f315de668fe35fb-MAN
x-request-received-at: 1648481004648

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 281 B
719 B 200ms
200ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b693f11d0adcf968a908a49ddec6f20ee6fc2522a58586c8e6bd7d084fb3aa52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Graphql-Operation: PostViewerEdgeQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"119-i9jhmK6y7dYKw9JHDDIznGc6GYo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f315de6690535fb-MAN
x-request-received-at: 1648481004642

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 101 B
577 B 192ms
192ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3596252db80a5dc638d16bbff3fe4b2af18b33b74fa79b85d202c0fdbbf185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"65-e0XH3U6w9x6zBnGkKIqBa6Mc8IM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2
cf-ray: 6f315de6690635fb-MAN
x-request-received-at: 1648481004644

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 95 B
598 B 221ms
219ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc244aa9f9da8143735e6db7e3d7f55a88ecbfb78da3a340c2948b02bc2197bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"5f-+07MDoKsWJ/Yy7v5xKbK1VZNUNg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f315de6691535fb-MAN
x-request-received-at: 1648481004651

GET
H3 200 responses.editor.8bef621e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 70ms
70ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.8bef621e.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 320746
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: T9NZYST264RJQQGC
x-amz-id-2: yOr9/jart2NgUfiCHB4xe+cYSRbIOJ2m4merXiAm07Qetzgbky5xrlCaRFnLRbaqysjbuxelqjU=
last-modified: Thu, 10 Mar 2022 00:22:13 GMT
server: cloudflare
etag: W/"f75b4886e7a40ecf48aa22c1481b0ba7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: RU1Bt7PwbpJtgjZEVBUNb4amD96Sskoq
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f315de6aa812373-ZRH
expires: Tue, 28 Mar 2023 15:23:24 GMT

GET
H3 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 69ms
69ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13109437
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f315de6bd7b0229-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:23:24 GMT

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 462 B
719 B 224ms
224ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369f3a93b4246b349e3dd661b49d8a758f68ef39d794f8b4a7b1b7072ef2409b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 42
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1ce-jJqMkxM0KUxXuoHdPGUr9SEDWqg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220326-005548-4cd76cd133
cf-ray: 6f315de6da2435fb-MAN
x-request-received-at: 1648481004723

POST
H3 200 rum Show response
blog.prevailion.com/cdn-cgi/ 0
205 B 34ms
32ms XHR
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
content-type: application/json

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://blog.prevailion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f315de72ad435fb-MAN
vary: Origin

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 152ms
152ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f315de7ec8735fb-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 182ms
182ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f315de7ec9335fb-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 169ms
168ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:23:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f315de7ec9435fb-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4719
date: Mon, 28 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 16:04:46 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 147ms
49ms Script
text/javascript 108.157.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=8005408719a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 16:27:46 GMT
server: AmazonS3
age: 220
etag: "49d34b8e058b253d35893807b3bac09d"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 28 Mar 2022 15:19:46 GMT
x-amz-cf-pop: DUS51-P2
content-length: 23872
x-amz-cf-id: ZSSIupJUDHcqWD6kop6WICDh5ilSAwq09Xzykg7AaWCIJHUl5rpx-g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 100ms
51ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1558910936&t=pageview&_s=1&dl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&ul=en-us&de=UTF-8&dt=IcedID%2C%20IcedID%20baby%E2%80%A6.%20Today%2C%20Bleeping%20Computer%20reported%20on%20a%E2%80%A6%20%7C%20by%20Prevailion%20%7C%20Mar%2C%202022%20%7C%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=322153339&gjid=351163318&cid=1223202742.1648481005&tid=UA-24232453-2&_gid=2015741448.1648481005&_r=1&_slc=1&z=2140837011

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 15:23:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.prevailion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
570 B 305ms
209ms Script
text/javascript 2600:9000:2156:9600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

c9307d5597a0f53daa77201e64704442c870081afbd4d866cbbb3a890febeafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:23:25 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
etag: W/"5b-0HScUQWWhVyNt7BNvC3ICGwV7d8"
x-amz-cf-id: 88sZ41bDUq_EEwT92EgF4NfMdf5AGZe3btDFNTUii8sa5FbwS_Yw4A==

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 7 KB
2 KB 288ms
287ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacb428f5e63dfec55fbd64be54568cc7a782ad8db18bce648f989e92fdd10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: en-GB,en;q=0.9
ot-tracer-traceid: 2f1160e34be1424a
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: PostNextFiveStoriesUser
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 5b0509ce3a3fc097

Response headers

date: Mon, 28 Mar 2022 15:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 100
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1dde-hDMrQTTexmmlOY7FL+vAnIP8Snk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f315dea7af735fb-MAN
x-request-received-at: 1648481005316

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
629 B 299ms
204ms XHR
application/json 2600:9000:2156:1000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a9fc0ecd735d1dfee0d221f3950ae79fd8061dd24d4b3919c6175619d48282ab

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:23:25 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: ea284252c8bc4e2b8e9a8db5d5b07d22-2022032815
content-length: 316
x-amz-cf-id: Vt2ZfyaiR-6gqnkfaVp7rV7TLnO_mQT2-lZnvumRCaHk3b7Lq2uMHg==

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
565 B 220ms
220ms XHR
application/json 2600:9000:2156:1000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

d246e4b167599064d55f8506b2b961e392bccb02d34fc565ade38c1eca4f9d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:23:25 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"b7-1W2Z66hnmhbhDiRTCdR2E7YHVZE"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f23b7eaeb21945fa800498e15db31729-2022032815
content-length: 183
x-amz-cf-id: 2GiPd7iI1RJStN4nYxxgETH8U4WXLUY-jf3AI3B6ftvjaFFa0XN66w==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 212ms
212ms XHR
application/json 2600:9000:2156:1000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:23:26 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 74a99055529648acb3a3da6893d30b5c-2022032815
content-length: 28
x-amz-cf-id: QT2-GhJwf3TzmvDD3vGNUn8m4dHGmj5YD2R72vknKdX3OA741CR_8g==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 310ms
310ms XHR
application/json 2600:9000:2156:1000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:23:26 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 3bf133015fbd467bb636e4fa540c0a59-2022032815
content-length: 28
x-amz-cf-id: bQlzu0Pz2eYVhtCCT0h4mTrHc5UYuNQIGMn8bVxwCavEgC_luMVYUg==

POST batch
blog.prevailion.com/_/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blog.prevailion.com
URL: https://blog.prevailion.com/_/batch

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.prevailion.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3181d94dbbed29ddb5011851f43e99dac0cab5b8-1648481002
.medium.com/	1970-01-20 10:40:17	Name: uid Value: lo_9bc97a961d80
.medium.com/	1970-01-20 10:40:17	Name: sid Value: 1%3Aog%2FbEQrxe24S0VN7z2ANvh%2F4sBGUbFuKcvFyRdF9boKDt7oW6h0FSN252CbCDyiF
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 11d91548e329148fe809fe48df5689b3dce9c7d0-1648481002
blog.prevailion.com/	1970-01-20 10:40:17	Name: uid Value: lo_9bc97a961d80
blog.prevailion.com/	1970-01-20 10:40:17	Name: sid Value: 1:gSa7ex8SLWe1V8FF8ulfCKbwkqJ0+7tHymM2V4UhEZ9o2QC2rHO1JuqjzjMtaZb6
blog.prevailion.com/	1970-01-20 01:54:41	Name: _dd_s Value: rum=0&expire=1648481904262
.prevailion.com/	1970-01-20 19:25:53	Name: _ga Value: GA1.2.1223202742.1648481005
.prevailion.com/	1970-01-20 01:56:07	Name: _gid Value: GA1.2.2015741448.1648481005
.prevailion.com/	1970-01-20 01:54:41	Name: _gat Value: 1
.app.link/	1970-01-20 10:40:17	Name: _s Value: pfgAaC0G%2FHhNvMGI4uTn%2F7MTR8YLM68GWwP4BvADClnynvG%2FJW%2BCZGriiRYqBa7X

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
blog.prevailion.com
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
hubs.li
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
blog.prevailion.com
108.157.4.66
162.159.153.4
2600:9000:2156:1000:11:f728:3040:93a1
2600:9000:2156:9600:19:9934:6a80:93a1
2606:4700:440e::ac40:9c1a
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6812:b34
2a00:1450:4001:808::200e
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0b92b3aa76fd104750c65fb109764aa542454a8415cd7076c4b07add95a242f6
1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c
167f40a21d869faa7d5930bc4abf9372127482a203f7f682ddf80f0ad37d5b39
1b6e70c1394c3674f594a67c516951e72cc55a78258bc5c07c20b19c32c84d78
1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40
2297349f8e5107d539a75a74743999718116501fa0a7dbd2dbf9338bb680be85
286d3c3c2d224f290f81501749d9b8144daf45545f4ede6b5dd0b1f87cc9b67c
30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83
31b6fbb7ba1ecb2fd5eb93deabd95da93e61e71bd51e1521a7028285c206545c
32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4
34b10267c3ee88798046b073d686b67c08c9944d07dcd31cdaf75283bb81c164
369f3a93b4246b349e3dd661b49d8a758f68ef39d794f8b4a7b1b7072ef2409b
3cd9df00e1e31db99807286a06e7655d4f71d7dfabe4f8daaf31114661288e40
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f
455375050d88ead9a24ecfe2d52327b76550c32b50bf1f07dc4eccc92c6bff16
469761414373eddf673415e2f8c1da325b7427f61b2e41dc37fb1ac8df4b5a07
48ad043cfcad6fa9a49342e8b21e7d0e0e0504296e31dca791e4f8236d19f3d1
5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
66204696736f067a6c6b6aef7c31fb60ce32c0d3ee7e2fcfdd02968cfafbc3da
6c008de256364f60ad15b90d5410cb2e07f577438a99e4a51104083160fa10bb
6c3596252db80a5dc638d16bbff3fe4b2af18b33b74fa79b85d202c0fdbbf185
7037bc99db5e94064097d2c834521e7a848c30e5e28755f2be8edd6da733f100
784539c7817ce17c2c5e79f4f230d64f515d66fe1b5f246b58ac68d52ae70541
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7d13953d25987f4cc92795c363e3da4065af566f99d293af29b92f62e668c672
806e3de44965e1b8cb6b9035fd2f59890098395d9470bb138f2f1c7c520b8838
806f2580733cea3a8c6e923ebb4d6b8f34a8f1584a9a70ac8d77fd6b0268f848
811f0a6cd7059bcda8803ba795f70485266059400c6358a9e0a33dadc4473fd6
84c1576abbbd5364d0651cd0609024a0a5f970b610ddef8c8f825fd8414b4a09
8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9
8ca7d3dd894f3d14d18dd2992090092e020a3ec87e8f1d9aaa41d53e6dc314ef
8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c
8d1d10d74a173fc2cf4ad26251e5b8f6512ea84f3bd54ce7b6eb837b5035f341
8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f
8ef842e3ae27dc91e3b5638d688827e0440705b1bfd524795b9b9868003c8f2b
8f4d750850d06bd78363c7231aaf2541025cf62064dfc8f9433cdf57821e8d33
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a8dfe5593110f4c821fbb8ed75203479c03ee842522d52679cad8091436ec23c
a98995e01c3796312d5d2cbf98cacfffd61c756a21a72f5458c234e01e8149a1
a9fc0ecd735d1dfee0d221f3950ae79fd8061dd24d4b3919c6175619d48282ab
aa0f46d99c8da6a8558f3939b77812880a265d53ab92fb19d20b5e1cc873c79b
abf59df3234e1049d7ee781c03518de956d466fe9188913e4f1e6f8b9d8b6307
afacb428f5e63dfec55fbd64be54568cc7a782ad8db18bce648f989e92fdd10c
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b55df87ec035d89df94f70826361e38e4a6bec0a9832c497bb128c0625dff04c
b5bc2a61c6907c4fb6b4808d00db36af6134c72f23596a5578880d389ed1ba14
b68f220361880ba0db98c49fa63d9ccb5f89d8f08465d9466c4f77fff2b1b5be
b693f11d0adcf968a908a49ddec6f20ee6fc2522a58586c8e6bd7d084fb3aa52
b7138bbd639d7c1f2fcc600aa16cce34b19c848458d60c3dbfc99548bcbbd4e5
b816ada7ecfcf06e2f4aea734743505802467bcae5d6e20b6b0e0608791e1a3d
bb4e7e7eecad1f5d66ee0eba4ec8caa34f97505d75f13d581a12e07e5125065d
bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94
becc68a7c505991521f9b9d7d3c36cbade7c1d60b11bf2ad2a4003111893f896
c26b078ee638c1a936dbcb0e537645e1dec1a12f2f8535389e460cc0ebed1ace
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
c9307d5597a0f53daa77201e64704442c870081afbd4d866cbbb3a890febeafb
cc244aa9f9da8143735e6db7e3d7f55a88ecbfb78da3a340c2948b02bc2197bc
d246e4b167599064d55f8506b2b961e392bccb02d34fc565ade38c1eca4f9d1a
d53cf508fcbc8dc0ff7cb5dec4d7880062bf7388c13e3a95dd1de926821010ab
d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9
dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8
ddac8b642d7667b3fb9605ac5b043dcf21976aed041ad4d6221f0a0cc10a4376
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a80bdd5cc9be1a7d3298446a05234198a2d54b76cfcd1c92cd45c7892a4f42
e912800f4c720fd063e5484c6245b4f5edb8c3141bba48fe9695b25966285f5b
f1b1b357db4257d5d724fd3239cd33eea42ecbb19c70bd187ec1c27cc0ab569a
f1d8da77d47f02b6a412aa009da47e063f92481c8998cea7ffb8f3151f209a60
f36b50ada1e5255d17ab3aa7055033497f20988643ee23d7dfd092afb32bb03b
f846234e07013c87c7fd3f86706df5e29a3f49020f8473e679de97d56a6b8187
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

blog.prevailion.com Open in urlscan Pro 162.159.153.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

78 %IPv6

7 Domains

11 Subdomains

9 IPs

3 Countries

1056 kBTransfer

3398 kBSize

11 Cookies

39 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.prevailion.com Open in urlscan Pro
162.159.153.4 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

1056 kB
Transfer

3398 kB
Size

11
Cookies

86 HTTP transactions
0 data transactions