robertheaton.com Open in urlscan Pro
2606:4700:3034::ac43:af61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Submission: On June 01 via manual (June 1st 2022, 3:48:39 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3034::ac43:af61, located in United States and belongs to CLOUDFLARENET, US. The main domain is robertheaton.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.

This is the only time robertheaton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::ac43:af61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
13	2

12 2606:4700:3034::ac43:af61 (United States)

ASN13335 (CLOUDFLARENET, US)

robertheaton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	robertheaton.com robertheaton.com	901 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286	396 B
13	2

	Domain	Requested by
12	robertheaton.com	robertheaton.com
1	ssl.google-analytics.com	robertheaton.com
13	2

This site contains links to these domains. Also see Links.

Domain
twitter.com
advancedbeginners.substack.com
portswigger.net
www.charlesproxy.com
support.apple.com
www.wireshark.org
scapy.net
soundcloud.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Frame ID: AD74E01A900EA0A91EF5F02C805DD696
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to man-in-the-middle proxy your IOT devices | Robert Heaton

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

901 kB
Transfer

1053 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/RobJHeaton
Title: Twitter

Search URL Search Domain Scan URL

URL: https://advancedbeginners.substack.com/
Title: Programming Feedback for Advanced Beginners

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp/documentation/desktop/getting-started
Title: the documentation for Burp Suite

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp
Title: Burp Suite

Search URL Search Domain Scan URL

URL: https://www.charlesproxy.com/
Title: Charles

Search URL Search Domain Scan URL

URL: https://support.apple.com/kb/ph25327?locale=en_US
Title: Here’s how to share an internet connection on OSX

Search URL Search Domain Scan URL

URL: https://www.wireshark.org/
Title: Wireshark

Search URL Search Domain Scan URL

URL: https://scapy.net/
Title: Python’s scapy

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp/documentation/desktop/tools/proxy/options/invisible
Title: “Invisible Mode”

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp/documentation/desktop/tools/proxy/options
Title: a specific, hard-coded domain

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp/documentation/desktop/options/connections#hostname-resolution
Title: hostname resolution functionality

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp/communitydownload
Title: download Burp Suite

Search URL Search Domain Scan URL

URL: https://twitter.com/robjheaton
Title: Follow me on Twitter ➜

Search URL Search Domain Scan URL

URL: https://soundcloud.com/rob24242/
Title: SoundCloud

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/ 48 KB
13 KB 529ms
472ms Document
text/html 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9826a54f49c01dda9e6d3e4603aad7d5e6e725612aa9bf4f84f0b3ec5f290f6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7149181bd96759a1-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 01 Jun 2022 15:48:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 01 Jun 2022 15:58:33 GMT
last-modified: Wed, 20 Apr 2022 11:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zBKBBbBa24D2RYSvN6arhzpeaqeKW1uJW7ObKkctsog8PHvef2zn%2BIHMsxTxcFVAXmCXGABm30ZoodNiWIoCKy9Xmy8h18uJDK%2BZvU6zdKRkwdvtuwx83cP5boUmv8Qg4UycMDCXxFWwYGLynxe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-github-request-id: BF30:6555:400F66:6AE5DE:62978A51
x-proxy-cache: MISS

GET
H2 200 tachyons.css
robertheaton.com/css/ 112 KB
20 KB 378ms
375ms Stylesheet
text/css 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robertheaton.com/css/tachyons.css
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1480e2d86061a50dff1c6a7e70d65b8970c217c722ccd21823d3913a491304f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: 4FE0:386D:495667:9EE0EB:628A12B2
etag: W/"625fed49-1c119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRnt5fZKbPexJ6T4KFDbNSWbyonvdc3DX7OzdsKuu83zvaKMJdntrGP5I5Ui6X1ZKiVph2nTsO5M%2FL5L2%2FNy2S6hjL1oRCAg9Olx2nwCJ3jsSAgb%2BSxGc1Dm8v4jh78fZk04qeJS78kY94arE1Nz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 7149181efb8359a1-MXP
x-origin-cache: HIT
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H2 200 highlight.css
robertheaton.com/css/ 4 KB
1 KB 372ms
371ms Stylesheet
text/css 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robertheaton.com/css/highlight.css
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f30ebf59573bcad5dc5163fd0ce137bfd57359f14eb8f18eb03aa93fc8b3cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: 6592:2968:12C228:28115C:629113B5
etag: W/"625fed49-1069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfXLjG%2Bw%2FCqaS2ybHJTQPOSI%2F4LUeaESXFTvpd29M%2Fi%2FCWCkQy3xycRJOdIb920vqtj%2Foa%2BtU7fvoPK9cMAPfM8IwWSMgnkKBpCKbCdp7r84P7v8vZDiodbuTEOjTM7dFsO6fkUuDfjnDqDLOQwf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7149181efb8759a1-MXP
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-cover-cropped.png
robertheaton.com/images/ 168 KB
169 KB 538ms
536ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-cover-cropped.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96252abe7c3e1dca335e6d970c38edffe7c4ef4fb6a364444e56e0d4c3b755d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 172005
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: 7D68:0207:24049D:571745:62978A52
etag: "625fed49-29fe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h47WPeeqq0kuBORuiu2G61MqyuJhupjMS3xRBr%2BD0It16ewrlOgdQ63tcFHk%2BJVTtIhv15%2BnQORzrUHeHPOng1rrEj%2FJRj8mmnRvhBVG5VEfOMMR2UE6guksXAXfhewvUeVvKRqqzPV6qgeTvvud"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714918216e55738b-MRS
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-mitm.png
robertheaton.com/images/ 103 KB
103 KB 615ms
614ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-mitm.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e9400e574e3c5648366e12a3225a1415db245012c252fd084dd1e2b103d21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105218
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: A30E:6D8C:236412:4B96F5:62978A52
etag: "625fed49-19b02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvSsRceUNw4DrVpCrdwAJW6shxm%2BdakuvoBPxLydtCm8MAF4pw7RsfmTxw35HcI3WtkixpJxrtZF0QU2BDL3ZKf0u0Qar%2BIVwl4svbf9I1bLV4220o1FzAax4wPlUQXRmIfB6IsYUNuCCr1EvYxv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714918216e67738b-MRS
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-iphone-proxy.png
robertheaton.com/images/ 32 KB
33 KB 407ms
402ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-iphone-proxy.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14b030ca0caf1478ebafdb552695643df6cc16b244203df27a7e1e71ce665a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33222
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: AAB8:3729:24E180:4CADB4:62978A52
etag: "625fed49-81c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Rl1s8%2F25GYchduk7TXaKi4WIYR6WVIuX5pDVnnjp3JOvzaxs8fs%2BETMao3RqGCm47ccWjCtE5sUf1BFETZkTrPunB1rAP17C33biuonmVMxwiMF8659RGP8QP6aH3PBthhrJq%2FcMrFCRmO%2BOIa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714918217ea3738b-MRS
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-dns-intro.png
robertheaton.com/images/ 140 KB
141 KB 525ms
521ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-dns-intro.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ddd4d30ebf48ffd006ca3fffe554dd0d28d7a94782cb5fa9defc08a534f0365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143461
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: E5E8:1030:3FCFE9:69EC44:62978A52
etag: "625fed49-23065"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEJKet48vNLSSXkh2l%2FhtfZLVmIWxTUkIP7M4Pb3b2ph3bag5g1sx8MatS4zrx%2FSVlysXrBZZ12CYadSXIDDT8UVOUy6zWy7pnUbGkMNodF875WsaCXrRoClgONdm91%2FAmm2AWO67ZgXZbvQrcRI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714918217ea8738b-MRS
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-dns-fake.png
robertheaton.com/images/ 167 KB
168 KB 641ms
637ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-dns-fake.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6bc73bc32cf08e3afffa10dd83f1598ce79e8a3dbde8829bc810098e66bb505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 170879
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: B944:9734:43A5B2:6E8EDD:62978A52
etag: "625fed49-29b7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX1%2FM%2BN18jqtgqUUkHCPeKnXZa7rahGjhFsZ4BvBIlrGK747AEFX0AnoP9LbL9q4h%2BRfk2MMt0Id3Ve%2F604vfpdlGaEwRNaBvl7OQWY5jzluhWHjaYHUEKasrol6eHLWUdtZVoMsmNZHSx0vKoAJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 714918217eab738b-MRS
x-origin-cache: HIT
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-wireshark-dns.png
robertheaton.com/images/ 197 KB
198 KB 542ms
539ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-wireshark-dns.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a711e614fd2c0f9e826eb7d2f0463168154ee82570048a6cc29c8f9b05647ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202195
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: 42F2:30F1:3DF0A9:68561E:62978A52
etag: "625fed49-315d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN8mymtrHByQoStKYSn9gBYhXZvK7hdjwmxX0w%2BtIw4XYItBzXa3P3J1bmhS1QNIfyt%2Bki48otkYfZGfAH175%2FGbrpA13E6BfVvaDSqhtpF9efQrfygL71fbEf9c%2BzcLgYzOa0E1Yw9QrIEgbUYL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 714918217eb1738b-MRS
x-origin-cache: HIT
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 iot-handshake-fail.png
robertheaton.com/images/ 34 KB
35 KB 430ms
427ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/iot-handshake-fail.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02912a2f249dc94ba538d2b163aa1fba553161b942467b666e1c5d48aa1d626a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35267
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: 76CE:42A0:235309:4B8A8C:62978A52
etag: "625fed49-89c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8YiqQ6YfYaA8nrR5ISQdE6%2FpDLjD00HxABZFAg%2FUwlsR7KDGLHZrXymKFznn9wmnlapBrNhfikJ%2BZuNasw8WXYPCDeeQclU0PSXlxLvuPbB%2BWvUlYiLkFqtzz%2FLP%2FdpOmfr4BTKs0xhNbf39R0g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 714918217eb5738b-MRS
x-origin-cache: HIT
expires: Wed, 01 Jun 2022 15:58:34 GMT

GET
H3 200 twitter.png
robertheaton.com/images/ 2 KB
2 KB 46ms
43ms Image
image/png 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robertheaton.com/images/twitter.png
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9991426a70165a67a0002fe8eecc6360aeaa50bd12e8d88c246c360249afc63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1794
last-modified: Wed, 20 Apr 2022 11:23:54 GMT
server: cloudflare
x-github-request-id: 7798:4E08:E4DEC2:17462F2:628D8ADF
etag: "625fed4a-702"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17EqaPki3e%2FQSVa4uODDjqbwY1%2F0poufeqp0Mi6yb3iVVyciGaJkRQ8WMAxUz3ElvinpNIyplTUEg%2FKSwsio1zQZ3mBJXQ78OWXtGQN8jOMhhIMRzOOVy2EGW%2F8zRH4F%2BHzhuxOmwg4UCcFzH1du"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714918217ebf738b-MRS
x-proxy-cache: MISS
expires: Wed, 01 Jun 2022 15:50:48 GMT

GET
H3 200 ga.js Show response
robertheaton.com/ 45 KB
18 KB 46ms
44ms Script
application/javascript 2606:4700:3034::ac43:af61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robertheaton.com/ga.js
Requested by: Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:af61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:48:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 11:23:53 GMT
server: cloudflare
x-github-request-id: B070:7F73:2E1F1:40E32:625FF1A5
etag: W/"625fed49-b4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBJDQPLNJ4JYb6cxih9TlpX8VKidJ0avqd0kvJLiORDjomJRDViAoIOkGN3boFmM8zUQwpFbIUlMgjyt6ftNjLl5LwT1xI73EPe1f%2Bnn3Bl1vB5nLQYrNdMdak%2F4tmuj80qQWttAkfybzYZlMG5G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 714918217ec4738b-MRS
x-origin-cache: HIT
expires: Wed, 01 Jun 2022 15:50:48 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
396 B 169ms
14ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1137027954&utmhn=robertheaton.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=How%20to%20man-in-the-middle%20proxy%20your%20IOT%20devices%20%7C%20Robert%20Heaton&utmhid=783765861&utmr=-&utmp=%2F2019%2F11%2F21%2Fhow-to-man-in-the-middle-your-iot-devices%2F&utmht=1654098514283&utmac=UA-26941226-1&utmcc=__utma%3D6182064.1350606776.1654098514.1654098514.1654098514.1%3B%2B__utmz%3D6182064.1654098514.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1413730885&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: robertheaton.com
URL: https://robertheaton.com/2019/11/21/how-to-man-in-the-middle-your-iot-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robertheaton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 15:48:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.robertheaton.com/	1970-01-20 20:59:30	Name: __utma Value: 6182064.1350606776.1654098514.1654098514.1654098514.1
.robertheaton.com/	1969-12-31 23:59:59	Name: __utmc Value: 6182064
.robertheaton.com/	1970-01-20 07:51:06	Name: __utmz Value: 6182064.1654098514.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.robertheaton.com/	1970-01-20 03:28:19	Name: __utmt Value: 1
.robertheaton.com/	1970-01-20 03:28:20	Name: __utmb Value: 6182064.1.10.1654098514

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

robertheaton.com
ssl.google-analytics.com
2606:4700:3034::ac43:af61
2a00:1450:4001:800::2008
02912a2f249dc94ba538d2b163aa1fba553161b942467b666e1c5d48aa1d626a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2a711e614fd2c0f9e826eb7d2f0463168154ee82570048a6cc29c8f9b05647ed
6ddd4d30ebf48ffd006ca3fffe554dd0d28d7a94782cb5fa9defc08a534f0365
6f30ebf59573bcad5dc5163fd0ce137bfd57359f14eb8f18eb03aa93fc8b3cc0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
96252abe7c3e1dca335e6d970c38edffe7c4ef4fb6a364444e56e0d4c3b755d5
9826a54f49c01dda9e6d3e4603aad7d5e6e725612aa9bf4f84f0b3ec5f290f6d
9991426a70165a67a0002fe8eecc6360aeaa50bd12e8d88c246c360249afc63c
c6bc73bc32cf08e3afffa10dd83f1598ce79e8a3dbde8829bc810098e66bb505
d1480e2d86061a50dff1c6a7e70d65b8970c217c722ccd21823d3913a491304f
d5e9400e574e3c5648366e12a3225a1415db245012c252fd084dd1e2b103d21c
f14b030ca0caf1478ebafdb552695643df6cc16b244203df27a7e1e71ce665a2

robertheaton.com Open in urlscan Pro 2606:4700:3034::ac43:af61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

901 kBTransfer

1053 kBSize

5 Cookies

14 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

5 Cookies

Indicators

robertheaton.com Open in urlscan Pro
2606:4700:3034::ac43:af61 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

901 kB
Transfer

1053 kB
Size

5
Cookies

13 HTTP transactions
0 data transactions