blog.huntresslabs.com Open in urlscan Pro
52.4.175.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Effective URL:
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Submission: On December 01 via api (December 1st 2020, 10:25:57 am UTC) from US

Summary HTTP 111 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 111 HTTP transactions. The main IP is 52.4.175.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is blog.huntresslabs.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 30th 2019. Valid for: a year.

This is the only time blog.huntresslabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	52.4.175.111 52.4.175.111	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6810:787f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
74	2606:4700::68... 2606:4700::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	13.35.253.198 13.35.253.198	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.85 143.204.89.85	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.144 104.111.218.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:8a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.72.211.240 52.72.211.240	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:214... 2600:9000:214f:6800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:e2:... 2606:4700:e2::ac40:8b24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9	14618 (AMAZON-AES) (AMAZON-AES)
1	52.200.116.103 52.200.116.103	14618 (AMAZON-AES) (AMAZON-AES)
111	14

9 52.4.175.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-175-111.compute-1.amazonaws.com

blog.huntresslabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:787f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2606:4700::6810:7991 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-198.fra6.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-85.fra50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-144.deploy.static.akamaitechnologies.com

a16180790160.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.211.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-211-240.compute-1.amazonaws.com

srv-2020-12-01-10.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:6800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:e2::ac40:8b24 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.116.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-116-103.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	3 MB
10	medium.systems lightstep.medium.systems	2 KB
9	huntresslabs.com 1 redirects blog.huntresslabs.com	44 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
4	bugsnag.com sessions.bugsnag.com	251 B
3	optimizely.com cdn.optimizely.com a16180790160.cdn.optimizely.com logx.optimizely.com	93 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	parsely.com srv-2020-12-01-10.pixel.parsely.com	229 B
1	app.link app.link	740 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
111	11

	Domain	Requested by
33	cdn-client.medium.com	blog.huntresslabs.com cdn-client.medium.com
30	miro.medium.com	blog.huntresslabs.com
11	glyph.medium.com	blog.huntresslabs.com glyph.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
9	blog.huntresslabs.com	1 redirects cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
4	sessions.bugsnag.com	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	blog.huntresslabs.com www.google-analytics.com
1	logx.optimizely.com	cdn-client.medium.com
1	srv-2020-12-01-10.pixel.parsely.com	blog.huntresslabs.com
1	app.link	cdn.branch.io
1	a16180790160.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	blog.huntresslabs.com
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	blog.huntresslabs.com
1	medium.com	1 redirects
111	17

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
huntresslabs.com
www.bleepingcomputer.com
www.virustotal.com
www.youtube.com
vickieli.medium.com
ryancor.medium.com
about.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
blog.huntresslabs.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-30` - `2020-12-29`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2020-08-19` - `2022-10-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Frame ID: 89567B8CAC0035DE0674CAECFD74A89D
Requests: 102 HTTP requests in this frame

Frame: https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html
Frame ID: 501C11180B67B7B83C33111F447F5E92
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-an... HTTP 302
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

111
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

2961 kB
Transfer

4935 kB
Size

11
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-----400b57cd7dd---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F400b57cd7dd&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----400b57cd7dd--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-----400b57cd7dd---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://huntresslabs.com/?source=post_page-----400b57cd7dd--------------------------------
Title: Company

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=responses-----400b57cd7dd---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=-----400b57cd7dd---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff9c5b8e8daa3&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-f9c5b8e8daa3----400b57cd7dd---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/trickbot-turns-100-latest-malware-released-with-new-features/
Title: 100th version

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/58c4bea082b2f44f0beab5356ae2bc9bc73c3f13ab0491861bc2ba24690da103/detection
Title: https://www.virustotal.com/gui/file/58c4bea082b2f44f0beab5356ae2bc9bc73c3f13ab0491861bc2ba24690da103/detection

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0RADvfJysuA
Title: https://www.youtube.com/watch?v=0RADvfJysuA

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar-----400b57cd7dd---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar-----400b57cd7dd---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_footer-----400b57cd7dd---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff9c5b8e8daa3%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=follow_footer-f9c5b8e8daa3-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------0----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@lily.teplow?source=post_internal_links---------1----------------------------
Title: Lily Teplow

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=post_internal_links---------2----------------------------
Title: John Hammond

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------3----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------4----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@jdferrell3?source=post_internal_links---------5----------------------------
Title: John Ferrell

Search URL Search Domain Scan URL

URL: https://medium.com/bugbountywriteup/diving-into-yargen-9e8c00e18b65?source=post_internal_links---------6----------------------------
Title: Diving into YarGen

Search URL Search Domain Scan URL

URL: https://vickieli.medium.com/?source=post_internal_links---------6----------------------------
Title: Vickie Li

Search URL Search Domain Scan URL

URL: https://medium.com/bugbountywriteup?source=post_internal_links---------6----------------------------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://ryancor.medium.com/extracting-embedded-payloads-from-malware-aaca8e9aa1a9?source=post_internal_links---------7----------------------------
Title: Extracting Embedded Payloads From Malware

Search URL Search Domain Scan URL

URL: https://ryancor.medium.com/?source=post_internal_links---------7----------------------------
Title: Ryan Cornateanu

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----400b57cd7dd--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----400b57cd7dd--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=post_page-----400b57cd7dd--------------------------------
Title: Share your thinking.

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----400b57cd7dd--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----400b57cd7dd--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 302
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd Show response
blog.huntresslabs.com/
Redirect Chain

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

199 KB
43 KB

808ms
808ms

Document
text/html

52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-175-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c277e6855ceaaed1944ea649f9c3f3e79f2c5a2a7cd4f1b667aabae4cad0b78c

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: blog.huntresslabs.com
:scheme: https
:path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 01 Dec 2020 10:25:37 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"31c3b-BVGKm7/aibEo7YIwXF2ursM2oFg"
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, lite/main-20201201-010343-3c8b048983, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
set-cookie: uid=lo_7ac8a3c91d24; Path=/; Expires=Wed, 01 Dec 2021 10:25:36 GMT; HttpOnly; Secure; SameSite=None sid=1:kKgHBSzdwVED0jvT8KzL0RZRXAcHbrV5cz8zPaKA6RYLgixyxtSi6ERBNwxchuUT; Path=/; Expires=Wed, 01 Dec 2021 10:25:36 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_7ac8a3c91d24; Path=/; Expires=Wed, 01 Dec 2021 10:25:36 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 682
x-frame-options: allow-from medium.com

Redirect headers

date: Tue, 01 Dec 2020 10:25:36 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: __cfduid=d6ad66f746035a73c4ee99e6e4b8a4cd91606818336; expires=Thu, 31-Dec-20 10:25:36 GMT; path=/; domain=.medium.com; HttpOnly; SameSite=Lax uid=lo_7ac8a3c91d24; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:25:36 GMT; HttpOnly; Secure sid=1:jt9tAUaHYCn8OrZa9Rgl3w7le/l8OW0sRw0N9oS7edwMU37o1u7njsz1BjP/WDP9; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:25:36 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_7ac8a3c91d24; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:25:36 GMT; Secure; SameSite=None __cfruid=3c051ea91d472601dcc54893a517b83f43cb10ca-1606818336; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 29
x-frame-options: sameorigin
x-obvious-info: 20201201-0313-root,7bc51ca4
x-obvious-tid: 1606818336279:9fd44e8836fc
x-opentracing: {"ot-tracer-spanid":"0348ea422431b6ed","ot-tracer-traceid":"5125bb39c6bd6818","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f25c6000005bfd7127000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fac1ae93abf05bf-FRA

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 320 KB
93 KB 24ms
10ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1422f4481001a4b056cb5eb392f37a870c27b6dd8699d76339693171f861dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: NAwucNm1EVKhCUd7ZYqmFSki9DH9D53t
content-encoding: gzip
etag: "7d393b6bc75567b380d3008247f1d10d"
x-amz-request-id: AXCW2YFYFY9X1NAJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 5192
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 94464
x-amz-id-2: PIrDU+wJT31bpNWHHrzM4MgSVbCwfBvp1gP1DH1sn1h4UZH9ktsb7UoF1xXt9y0Dr8ZAi3eMH5M=
last-modified: Tue, 24 Nov 2020 17:54:14 GMT
server: AmazonS3
date: Tue, 01 Dec 2020 10:25:37 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 unbound.css
glyph.medium.com/css/ 10 KB
1 KB 81ms
63ms Stylesheet
text/css 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 922
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2a64000032481633b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 5fac1af0999c3248-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 01 Dec 2020 14:25:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2146
date: Tue, 01 Dec 2020 09:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 01 Dec 2020 11:49:51 GMT

GET
H2 200 1*JzHsjsiFbLfEtiS8aUsNmQ.png
miro.medium.com/max/290/ 6 KB
7 KB 29ms
26ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/290/1*JzHsjsiFbLfEtiS8aUsNmQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7fdfacc4e27e4fff3082c27b10bbc44bca8ecb2f0997479f274945f3db046f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1970710
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6646
cf-request-id: 06bf6f2acb00003248470ea000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14b9f3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/96/96/ 11 KB
11 KB 33ms
30ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d86f6376b7093cad80381bdbb47a15083da4e39fe2824597fb472cafff39265

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587281
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 10896
cf-request-id: 06bf6f2acb00003248821a8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14ba13248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/60/ 4 KB
4 KB 50ms
47ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*SwPP7Qnr548RZgbMZR8EUA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a83255ce888723b163f1e95d1a2f7b6d7e2a241aaaa910ab6a311c9b009176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 576812
x-envoy-upstream-service-time: 27
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4370
cf-request-id: 06bf6f2acc000032480d013000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14ba43248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/60/ 3 KB
3 KB 140ms
138ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_TPY6BowD1l6K-FuztN1Vw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fe1932aee01b8f2dd7e1e6b2a8855823b5d1dc105b7ece0ca2ea52d0f2589b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2843
cf-request-id: 06bf6f2acb00003248420c1000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14b9b3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/60/ 2 KB
2 KB 132ms
130ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*6Ty615ti71O2g97TP0AxbQ.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d763c16430d1b2bcf5bce9ccd775da63565aff441188d0f6f43346d7aa0125d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1871
cf-request-id: 06bf6f2acc00003248189e7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14ba83248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*ufCEj-2GofGmDrnNMIaD2Q.png
miro.medium.com/max/60/ 2 KB
2 KB 156ms
153ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ufCEj-2GofGmDrnNMIaD2Q.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c771333a7ff915d044d909b4934c00ed1d37502f12083cdff379b23f7a7adffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1708
cf-request-id: 06bf6f2acc00003248258e3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af14ba33248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*lW90BHUZv_tHIfzrpfh8sA.png
miro.medium.com/max/60/ 2 KB
2 KB 195ms
195ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*lW90BHUZv_tHIfzrpfh8sA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3985530cca8fee2517132a65973535519fdb04a6909a724e72d915117f64a933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 72
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1764
cf-request-id: 06bf6f2ae90000324809910000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af17c2f3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*1kO_SHQZhwWrv5c1vnqKEw.png
miro.medium.com/max/60/ 2 KB
2 KB 112ms
112ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1kO_SHQZhwWrv5c1vnqKEw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b01d33c6e2769909fd8f9c98c2ff5baeddd97018283bb69277254bf2f4a50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1682
cf-request-id: 06bf6f2aea00003248223a9000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af17c313248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*Q4zPf3qamTKg0mSDVFAldQ.png
miro.medium.com/max/60/ 3 KB
3 KB 126ms
126ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Q4zPf3qamTKg0mSDVFAldQ.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853cb1692f14bfc48f727e3df77c2e7b1b90148d177f6b29b0568889b5c99cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3132
cf-request-id: 06bf6f2afb000032486cb24000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af19c663248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 0*SeRj1W_i8AhACDn-
miro.medium.com/max/60/ 853 B
1 KB 187ms
187ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*SeRj1W_i8AhACDn-?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4262a3cd34acac878ec9d934916863a4e79daebd8d6ab56865abcdea4305258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 16
content-length: 853
cf-request-id: 06bf6f2b4d00003248600bf000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af21d893248-FRA
expires: Thu, 31 Dec 2020 10:25:37 UTC

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/160/160/ 25 KB
25 KB 23ms
22ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43927eb145c7567726c39d80ead36af48e7361fbcbe694a6a1547b1caab03cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587281
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 25675
cf-request-id: 06bf6f2b55000032481c9b2000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af22db13248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*fR5n43D-i3z88ODTtgO1ag.png
miro.medium.com/fit/c/160/160/ 12 KB
12 KB 49ms
49ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*fR5n43D-i3z88ODTtgO1ag.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87964eb6355d30f094783ac455d82db486e8708f4173849e9877816b99b34463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657571
x-envoy-upstream-service-time: 72
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 12544
cf-request-id: 06bf6f2b6300003248738e3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af22dca3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/80/80/ 8 KB
8 KB 30ms
30ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a54050b72f702187bfbfca6be8216d42a8ab3d41561c79a30c9072d928df4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587281
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 7805
cf-request-id: 06bf6f2b65000032481634f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af23dee3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*fR5n43D-i3z88ODTtgO1ag.png
miro.medium.com/fit/c/80/80/ 5 KB
5 KB 33ms
33ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*fR5n43D-i3z88ODTtgO1ag.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bfdf5bcbd4190fae04b2917aaea593bd3b8d94ddf83e5920ec43561f229a911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657571
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 5203
cf-request-id: 06bf6f2b6c000032485507e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af24e013248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 0*7ls_zdVmsUywKSmq
miro.medium.com/max/60/ 5 KB
5 KB 169ms
169ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*7ls_zdVmsUywKSmq?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ab6ef08adb3d2774fd7cbfa6d3b3674772f0f25da1b6e277ee27faa36817a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 17
content-length: 4922
cf-request-id: 06bf6f2b7a0000324887973000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af25e443248-FRA
expires: Thu, 31 Dec 2020 10:25:37 UTC

GET
H2 200 0*OWtXi7MAfC9NDq5O
miro.medium.com/max/60/ 3 KB
3 KB 151ms
151ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*OWtXi7MAfC9NDq5O?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3f007d404f170174f9a55d9860a17f7de63dacb881568d50042759316c2ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 25
content-length: 3442
cf-request-id: 06bf6f2b85000032485819a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af26e7e3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 UTC

GET
H2 200 1*1vUs6otUEXWKMdo33TnYGw.png
miro.medium.com/max/60/ 5 KB
5 KB 27ms
27ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1vUs6otUEXWKMdo33TnYGw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73514d2935414357d01b7dd044fa60f60e09a4d042c635bb501c8a18dc34d748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587281
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4621
cf-request-id: 06bf6f2b8d0000324887974000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af27eb23248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*gdP1lMQbo4kShelzhChiMw@2x.png
miro.medium.com/max/60/ 2 KB
2 KB 36ms
36ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*gdP1lMQbo4kShelzhChiMw@2x.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f518c4f68845a3a5927592ebf038d67343b43aa8c4478ac08d27eb53300419

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 498024
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2108
cf-request-id: 06bf6f2b8e00003248690cd000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af27ebc3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*cf3Shx37mHWAoxC9CpbAzg@2x.png
miro.medium.com/max/60/ 2 KB
2 KB 28ms
28ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*cf3Shx37mHWAoxC9CpbAzg@2x.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945265fc049de4e7c7240b6a9d3d5b2d924d894cea9cbf9a326822fda82528e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 905210
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2054
cf-request-id: 06bf6f2bac00003248821bd000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5fac1af2af3d3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*zBI6b6H7ksrZoyn0d_aW9g.png
miro.medium.com/max/60/ 5 KB
5 KB 32ms
32ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*zBI6b6H7ksrZoyn0d_aW9g.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cdc0d6a177fee9c9b7e878073d2e6643c9df2c2bbd200f40e4d69d9dd99d3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 576812
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4631
cf-request-id: 06bf6f2bb5000032480f84f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af2bf6f3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 0*xCawCf4U2AN0qXCU
miro.medium.com/max/60/ 854 B
1 KB 152ms
146ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*xCawCf4U2AN0qXCU?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed08fb474169940e30e7861510226dd49b64853fb29496c2d304fcec88351ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 14
content-length: 854
cf-request-id: 06bf6f2bcc0000324830902000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af2efcc3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 UTC

GET
H2 200 1*4gvqh_vdl-zN4dQlS6hwhA.png
miro.medium.com/max/60/ 6 KB
6 KB 54ms
51ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*4gvqh_vdl-zN4dQlS6hwhA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a939d4d689b48d14f71cd65a597c64e139b37b4fb3b9c8347f38a7bd743918f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2071146
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6202
cf-request-id: 06bf6f2bda00003248600c8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af2ffff3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 21ms
20ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2101964
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9821
cf-request-id: 06bf6f2c0e000032485289b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20200804-190312-d5d253b55e
accept-ranges: bytes
cf-ray: 5fac1af3489f3248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 22ms
22ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2175879
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6839
cf-request-id: 06bf6f2c1d000032488d314000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1af368e03248-FRA
expires: Thu, 31 Dec 2020 10:25:37 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 51ms
29ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790813
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af20000c2f986b42000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18bf4c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 50ms
28ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790813
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af40000c2f984185000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18c05c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
14 KB 56ms
34ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1904903
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af40000c2f9da9e4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18bffc2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 62ms
41ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790813
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af30000c2f9c0aaf000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18bfdc2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 45ms
24ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568368
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af40000c2f958883000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18c00c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 11 KB
11 KB 67ms
47ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 128661
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af40000c2f9e82c8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18c07c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 52ms
31ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568368
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af30000c2f951a8b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18bfac2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 60ms
40ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568368
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f2af30000c2f9d030e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1af18bf6c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:37 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1513859173&t=pageview&_s=1&dl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd%3Fgi%3Dece4789baa44&ul=en-us&de=UTF-8&dt=Tried%20and%20True%20Hacker%20Technique%3A%20DOS%20Obfuscation%20%7C%20by%20John%20Hammond%20%7C%20Nov%2C%202020%20%7C%20Huntress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1716410739&gjid=1138353407&cid=1666800607.1606818338&tid=UA-24232453-2&_gid=198774791.1606818338&_r=1&_slc=1&z=1628775398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 10:25:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.huntresslabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 manifest.acdc9674.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
4 KB 48ms
42ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.acdc9674.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ff0062c9941bbb37fef46b01a764f394f912a5c32f243e7b83f68d2e2a4c45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35823
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 98CAE3ED1526897C
x-amz-id-2: Dfz/CsWrxKpBhEzvyqHidwUl5gtGAnhRQWsqBi4VKld+IyjjHt1LmgPWxW+FefxkqbFLtCcPOHM=
last-modified: Tue, 01 Dec 2020 00:20:46 GMT
server: cloudflare
etag: W/"9dbcd9ba14fd8d50c0757d541b9d48f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3wkA.ks.rmO_uw2ESV6BnkTjbIGzwynD
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2ba0000032485f1a7000000001
cf-ray: 5fac1af29f0a3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8705.537fdf35.js Show response
cdn-client.medium.com/lite/static/js/ 706 KB
208 KB 43ms
37ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1cf57b09a005b072eaeaac7afa0eadc241b3f37119e919c5b321d180ede1d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 663985
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D97BEC7070D56235
x-amz-id-2: xItjuSI98I6p44jAc0MRkVdD9dRRSIcFpH6d9eFDo68GMZL8RM1CxfYELQd85y9HyWsVsfa0CFY=
last-modified: Mon, 23 Nov 2020 17:52:50 GMT
server: cloudflare
etag: W/"7dfd1cae8043ec3b248af0f0b6c4a5da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: npq70KX6RM0eCzypfh5L2dBL3drqqigY
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2ba1000032488a070000000001
cf-ray: 5fac1af29f0f3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 main.9b87b49d.js Show response
cdn-client.medium.com/lite/static/js/ 527 KB
138 KB 45ms
39ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5b87d5599d46165267a954b9c301e780c0fb3dfc1a67cdefc30c893e5a7dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32396
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7FDEFF60D1C4D698
x-amz-id-2: mIY7txo3z98u8pEpockOv//cjVdWaYI4bsnV+9+olLxnrVAM3m1C5HpYg0BVRUGNRQC+QdOiHvk=
last-modified: Tue, 01 Dec 2020 01:22:48 GMT
server: cloudflare
etag: W/"c3946a9f77c64abf18816318e2810e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MsBbP97tHW5zCMSZZoKCnGlxUCwbJ_mn
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2ba200003248420db000000001
cf-ray: 5fac1af29f0d3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 5573.71c7b89b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 30ms
25ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 802256
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5F1FD4DB55DDDE8A
x-amz-id-2: B84Imc8lpoqsoNjOt1mesrdf9/0oYNrEFAWkKUWZAUodSqYcPc1wn8nS9+NkLEXQZZGikjHaOj4=
last-modified: Thu, 05 Nov 2020 06:35:09 GMT
server: cloudflare
etag: W/"5ea86fb250e41d2afbeafce6d98f43fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: n6sjS3in91J8r._SfEa8RwndCZwis75f
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2b9e0000324867872000000001
cf-ray: 5fac1af29f033248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 instrumentation.b159e062.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 45ms
44ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.b159e062.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 894030
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A670D983870BC000
x-amz-id-2: 07SOoqSoYak488uciyldnrtUUUDHcqrZcpxLcaDKQArrT5fvAStylGLmnoS90Ya9yWDCAnlADBM=
last-modified: Sat, 07 Nov 2020 01:12:55 GMT
server: cloudflare
etag: W/"f58deca85e2c997a1e2fec2e3e465940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5TPzxF68abpDXNCV7.A5sPoBuwOMN3X0
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bab000032483b3a5000000001
cf-ray: 5fac1af2af393248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 reporting.a97391eb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
980 B 24ms
23ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.a97391eb.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 888481
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3261F28620D55017
x-amz-id-2: YTYd2b3Qz7CPk4VezcqT7RzsLInd+74BKhc7reFuniO4oSIXQ2ikaT6sgA8S34+t3IqeBtqdyMo=
last-modified: Fri, 20 Nov 2020 06:56:54 GMT
server: cloudflare
etag: W/"fe7638c63ed535f5a1e5b02bc60ec02e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: BK9mkdoaQYaX4J2lvUNS9CBPHAxu2l3U
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bac000032481c9bd000000001
cf-ray: 5fac1af2af3b3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 1826.bc1ea69a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
11 KB 28ms
27ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1826.bc1ea69a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1048751
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B8CCE21D67F8AB31
x-amz-id-2: bMooRsF86w6b4A0jMMBQYyWh/tD2SX6G9Mc7XiDBG+GXgtnj7RQfvMINcqVMjN2c03kEg8BaqN8=
last-modified: Fri, 06 Nov 2020 05:38:50 GMT
server: cloudflare
etag: W/"b09f67d7284461212d661f0679868da7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kJMY8C_4scfydNNyEn3HLn8CL2KriZkt
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bbb0000324854398000000001
cf-ray: 5fac1af2cf833248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 4464.18d417d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 20ms
19ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4464.18d417d4.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1054794
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E9E10B07E400D94C
x-amz-id-2: p/aEzLVqx1d7evpnFwiW+nWI0+8m9JcO1/qEkPOXBVCNFhY+c92MxfP4ekvqDmKxnEc+Xw4buSE=
last-modified: Fri, 06 Nov 2020 01:56:37 GMT
server: cloudflare
etag: W/"96f0b868bf92c7fd790272d73e2f9870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mxMTb78Psp5MmS3X3oIvlmlN4WNgm2gH
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bc200003248189fd000000001
cf-ray: 5fac1af2cfa03248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8342.a58cc356.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 44ms
38ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.a58cc356.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77af1069d7c8977e9150bbadd688736c38a51f37e47b7081e873cadabbda138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46979
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FA0330BEB691E402
x-amz-id-2: Q/0wUatl1um6vfEDJVFNuOuV43OLk2NXOlX0JZ/KEb7L1Sso/O7c20vOH2JBGNaesOdX63ePuG0=
last-modified: Mon, 16 Nov 2020 20:56:41 GMT
server: cloudflare
etag: W/"c2d2cb7b44ca8f4bc0de3484bc998db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DwU8AkLlh8txbyATJg0hucJBYrfafhA.
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bd8000032483b3a8000000001
cf-ray: 5fac1af2fff53248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 1148.9eac293a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 27ms
24ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1148.9eac293a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 927678
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 779F169689CFA39A
x-amz-id-2: Dz1EIn+5O7SLVN68rqexaBmts5ZRK38DCYryYMEvvpPxWpQhWrUQgRe4ErqQpVB6YQn0n7LANGg=
last-modified: Fri, 20 Nov 2020 06:56:29 GMT
server: cloudflare
etag: W/"db69beca199f14b1d0c0b61593e3f93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bhKUKs_.a4w88c947WDlrPKcTLeG6VSL
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bd80000324818a00000000001
cf-ray: 5fac1af2fff73248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 5064.e657005a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 115 KB
32 KB 31ms
29ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5064.e657005a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1de75b338674502d461c30831f74d7b3ce3188e4c9079971325b86f2fd6574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41760
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 005BC0DE39C40ADA
x-amz-id-2: UmXkt/n5Vc8pntKX2nn+98HtHrH2GROmOM4fGo+OXjqbT82pW8x+hJXPPnjuXhJswSS61pIuxG4=
last-modified: Mon, 30 Nov 2020 17:09:07 GMT
server: cloudflare
etag: W/"138e6889463c542a3027a923e5df0824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: l9WQ5Q5VsK7r_r9v3I8Sc6.RkwHPZC5F
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bd9000032483d9f2000000001
cf-ray: 5fac1af2fff93248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 9274.63eefcdc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 54ms
53ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9274.63eefcdc.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1161015
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8789100A0E8D619A
x-amz-id-2: vH8/mSYKXpiYKY3JcaxHMI8XHYwb+I5Yemlp4jPgdHT1XE5QdXtuqmmv7Dn3lQosLyvlDm8sGcw=
last-modified: Sat, 07 Nov 2020 01:12:39 GMT
server: cloudflare
etag: W/"ccd80c9d1d3b3cda451c47c801e9b0de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: FRqbYNlJiTTdTybej.YNfzRZXN68YXRN
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bdf00003248700a7000000001
cf-ray: 5fac1af2fffc3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 2846.6b6ebf22.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2846.6b6ebf22.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 793623
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5A245C02CF5FA5BA
x-amz-id-2: hjS5bDcD0048VFwBVD+f+LR3rrRNxuqdBq/ZffYevV/nMWbZRST6tzwp+IKg8QnFvsYrVXOZna4=
last-modified: Thu, 05 Nov 2020 06:35:08 GMT
server: cloudflare
etag: W/"15657365d9509fb2670441fb19640fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Z5N_3t7pg0ArqX57LA2TCVyXx0lI6cVG
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bda0000324864b64000000001
cf-ray: 5fac1af2fffd3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8308.2c4ffe63.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
13 KB 32ms
31ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8308.2c4ffe63.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986bc1611e70a77171c4eb0f4cb97704e8e5213a1887cc97c1d2a65222cc2719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39800
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 855D55DF7EF06AA5
x-amz-id-2: PwwidOoHd8hSMwBqZVzp66TnrvQEw1lWhJqTWrOTFvTItguhXAnrl0qF4DUUEZHyX5KnoV7xFQY=
last-modified: Mon, 30 Nov 2020 23:12:29 GMT
server: cloudflare
etag: W/"530241e006b8d196dee06ca1d7abee1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LNzMbWdaZd6QRjOO9KXaWKdBMacpL9o1
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bf3000032486e1d1000000001
cf-ray: 5fac1af3184e3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 7993.d2090e9e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
8 KB 20ms
20ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7993.d2090e9e.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 713554
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FA5A56F4EEBCC85D
x-amz-id-2: H62t//ICALdlRV9eO+nd24N0QJPpjv2qtbTwXDj6vDKq6YeXBi/fs7All4U2RuWVqtNLcL60DHc=
last-modified: Thu, 05 Nov 2020 05:27:18 GMT
server: cloudflare
etag: W/"e98a333e611f6294eb5502aa6f2401bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SMyXsQDDO7Ip6xpBtgBCpZyFKWLXtrQ3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bf4000032481c9c4000000001
cf-ray: 5fac1af318553248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 6839.ef1685ae.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 42ms
42ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6839.ef1685ae.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1140241
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 551702CCF861956B
x-amz-id-2: 6Hmh3yUj6YfPtQrP2nmtPaZJNT6KLa0fLYAH8MpTX9fQyyLPNaM7ySxQYryoDFIU15xO+9hzFj0=
last-modified: Sat, 07 Nov 2020 01:12:39 GMT
server: cloudflare
etag: W/"ad2f6f805c2629c7f760c7112f9cf69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kSxdEgy6Ar_UgvDrjQQIco1bvJQeBFD0
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2bf60000324886339000000001
cf-ray: 5fac1af3285b3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 353.46aadb89.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 28ms
28ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/353.46aadb89.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496689
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 27C4B7CFDE9C09B8
x-amz-id-2: 4Q0Ler8Av2dSFusK5/sZ0/vC/3lEVHDZgrITDpyl2IRJ4yathNRQX6rolAmFsmK7j2DxR7ZKzis=
last-modified: Wed, 11 Nov 2020 16:20:07 GMT
server: cloudflare
etag: W/"b68f27e1c17f92de1bbc470517163283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3puxyNQg6LGCq3XZaAA7NK00mX22bLl3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c02000032483b3aa000000001
cf-ray: 5fac1af338773248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8751.7be7f6ef.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 25ms
24ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8751.7be7f6ef.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4517fcc6a48b5aaeffa03c10355d940ac8eae23c2cf3a084236ec81d00f5c731

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 636220
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 315A72FF3AFBB251
x-amz-id-2: /ti8F+Pl4q+7CpopL2dbSoaGrpSFuRn/8/q6OIA53wM2TuBNLJ05cJEDKN6qi29uvbp3le3wOgA=
last-modified: Tue, 24 Nov 2020 01:32:39 GMT
server: cloudflare
etag: W/"b633e5846f0a7c324d940b62d5457708"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 7mWerE1GzhdKCO6mHzmYvvDZBaGd25J7
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c07000032481a0a7000000001
cf-ray: 5fac1af338863248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 2054.5733b9dd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 58ms
58ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2054.5733b9dd.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7eaa5bb774e38aefe57a609919b7ccb17a04ed6814b4f393813c459e1e34af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088345
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3A33DEDC7F97E982
x-amz-id-2: 7G/RdEYnCVBPAOUHGLNinDrBBTpJ985ynW57ZOBDuJDL2U5e/Cu+ofkkGp2CY6TeLZyORvur4Uk=
last-modified: Wed, 18 Nov 2020 19:58:45 GMT
server: cloudflare
etag: W/"035f1560e73cd49a51eee93caa286e22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HETC0CpJ55zy2oXc.TJyIy_107vrrnMV
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c0a0000324846184000000001
cf-ray: 5fac1af348963248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8127.bb1718e7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8127.bb1718e7.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e460ff9134a80b4745d13464f518042d06fac2d9298b2ee35147fa7a6e3ee469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088345
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 64F44B33A41CD8EF
x-amz-id-2: HPiPIs+FvTY0mDI1xvCe35x4/Lf8ZZczambB7XkYVVF1Kb9+r2p96DL+WAhNFfRzZ8tAXoJuNt8=
last-modified: Wed, 18 Nov 2020 19:58:45 GMT
server: cloudflare
etag: W/"20bdbe68cb1d776ba26819d15e783c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .CMh6bPd_l0ClpFkl7LE97HFxWJxCVQr
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c0e000032483d9f6000000001
cf-ray: 5fac1af348a23248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 7131.5e83a949.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 34ms
34ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7131.5e83a949.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411535
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 66F14A7E30EBF13F
x-amz-id-2: j04XaJLhVfVXGfpGDyCVEVU+oNC5rvJbYWaxtN17lK/EZ7XyMn6MR/hkkRSkszUXkBvQO+S1Vj0=
last-modified: Thu, 12 Nov 2020 15:59:09 GMT
server: cloudflare
etag: W/"b98b66cce608835612c487edb8548473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _N_KjP_DsOGCW5tv3vKyUtXRQdqQwL4x
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c120000324809922000000001
cf-ray: 5fac1af348ac3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 8825.f977dc39.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8825.f977dc39.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e2bdab31c9b4426963c8a650f70d7949866a4183bc4d92f0748167387c70c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549635
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AD8022D87A3D2653
x-amz-id-2: zML3cZNawiwc6qVPBv3jVw2EMIbRrXLQOkfrb4Qiva6NIsRrG5d9HHscwrkdgbY9207uAw0942s=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"9c4ab0101c48b0786a0b48df00cb3415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: AeSwP1YEBidh_okEOCrNTrtwG1l0zp31
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c1d0000324816363000000001
cf-ray: 5fac1af368dd3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 5279.bdd449a3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
6 KB 18ms
17ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5279.bdd449a3.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22c4a9b9a7e6f5285b1555fa5041b0c809bdcaae42ac7ed733eecec9e00c10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568246
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7T1K6R9K2Q8M2X0J
x-amz-id-2: sbfNbnOlJv/TlOJGH8k9yPhXjh72qSZKGJtQ72s9OfKdEkkBhlMG+BFGu9wqnM6UCTODfCSm4Uo=
last-modified: Tue, 24 Nov 2020 19:38:20 GMT
server: cloudflare
etag: W/"7d58ba9f9a3408a56ac2ec6250723a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ritN.C6oE5wq3Ojfw0MC3581FqEj_Bmf
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c21000032485f1b1000000001
cf-ray: 5fac1af368ed3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 9978.5d90969f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9978.5d90969f.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c290ad72854fbe941062590695d72b90a25a8dc5856cd4c418bb69f14e918d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549591
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1576AB31D8B1E917
x-amz-id-2: a0LzVH23UDa05eyVopqGGdxdutQGrCyHKnTvPR4u48MOvfSn8ddG/ekbh/ImJkLuwdK6N7DKGKc=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"0444179feeef57d6b1ec781cb6160953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2y2OHaR4XkB2GQ4dtGOk8Xq3iG.6eCRz
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c22000032480f857000000001
cf-ray: 5fac1af368f03248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 3721.a4f7e0c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 73 KB
21 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3721.a4f7e0c8.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a95c2d1819e4bc6d85452583779766ee4ad70cf9a9796ce5bae59ca402c97412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558333
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 61F997DC67747BCC
x-amz-id-2: BRxP2OcVutXTe2VvZTrIyd5RbODCd/DgxNhA27WEFBiMnEhQM1d+YYZtKo1AWeBrdJLKNlLk7i4=
last-modified: Tue, 24 Nov 2020 23:14:46 GMT
server: cloudflare
etag: W/"eeebd7399b8d2ef0183ff5bf250fd9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1Tj7PejdG6tffpIFGo_S5hJ69edcGd4D
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c24000032482d169000000001
cf-ray: 5fac1af369003248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 2514.081fe576.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 22ms
22ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2514.081fe576.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9017980afd649d3aa1245d7fcfa6c649dc837f75148c8a1734751a0ddacaba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568246
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4551DB38677C984E
x-amz-id-2: vIhdQE/IbIDvjv0b25E/2HKg+qi1ekcEH+T2Tmw/b7M5HoQ7u2FPgCsYniEpeIInQvzCweoUMvA=
last-modified: Tue, 24 Nov 2020 19:38:20 GMT
server: cloudflare
etag: W/"199f10b64e4818a363fb569993317765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vO7dpO4mBR6Ah2W9HW.Kx1BG2G51Yobt
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c33000032488fa97000000001
cf-ray: 5fac1af389413248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 2602.891716a3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2602.891716a3.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a8e1bdc1cf7180514bd05280615b4fa921e306cdd3d52bc04e7d96f4b94ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558333
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8933B22097680BAF
x-amz-id-2: Tx0sEI9rdyXBTu6wg7gnh5dPEGE6xTZ4VX/OROnKQNyw1BbWJ0wugl9iS6XGXK5RW90RjBO9l7Q=
last-modified: Tue, 24 Nov 2020 23:14:46 GMT
server: cloudflare
etag: W/"929a8c891c19942cff6bd1f2f0e997b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: N3lSrfh6BPcCfbxoEVKC_yblDrjqWTsm
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c3500003248700ad000000001
cf-ray: 5fac1af389433248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 6585.577bd590.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6585.577bd590.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189ac6b4e8e9d2ed6a5d9f6b7bae5f6f72f80b8db10aaa944e42891e7b5c949a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549591
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DBEAA9DA8D9386EF
x-amz-id-2: xiz4VhaI0gXzAE77KUEOoB9hwgbN7NBMbinaGkHuYc40oob4tQf2qh5p9kvyzd0Cqq7CPj3Xt8Q=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"b329a6e074f218e3affb130e1fab891c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yDWPcggNc051ymoHy2aA83RTevx0mx6B
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c36000032488797f000000001
cf-ray: 5fac1af389473248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 238.4eef5010.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 119 KB
33 KB 23ms
23ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/238.4eef5010.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0834746873c1735612ac9b0c5f7da3d42c983f086fd7eb891005cceb93429c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 490731
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8D57D528334F39CF
x-amz-id-2: Bju5I/Kwxu1oqEwqpqMjWqM+60+Eyin1nLfjvt0l4btU3F2DMi27hC4LI/0QSWzmhKm8s28yTS8=
last-modified: Wed, 25 Nov 2020 17:59:00 GMT
server: cloudflare
etag: W/"d51935c55a9d59a1b8c3c2309203674f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RWkJAf1.iGFYSHsTnCdD0eBVf84Kp_CL
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c360000324818a09000000001
cf-ray: 5fac1af3894a3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 3890.293c3bd1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
10 KB 29ms
28ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3890.293c3bd1.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571b2cbec52c4926a9344c8012553bdfd286dbe0fc5142027ff21b26d25fc76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51556
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0B135A863E5D2BB3
x-amz-id-2: ZTLVRLuCBB1Xr5zCtMwUOB43COODyXKHwUxzhXTMSJ9gRh8T9jozt7LVpw7CIk2Lc/GfiaQ5mYE=
last-modified: Mon, 30 Nov 2020 19:59:03 GMT
server: cloudflare
etag: W/"0f3000ac8f073bf2333ef5bcb81a1246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LFrZNEAzTuZgnzuIedg6RvJWzs_2XGb3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c40000032480aae3000000001
cf-ray: 5fac1af3995d3248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 3981.001ab26c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 22ms
21ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3981.001ab26c.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af4a8188ece57bc71daa046d0f437469aa30bdec3b73e970e87baec45fb7cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186325
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5C16A4D9E82401B5
x-amz-id-2: 37UzEWKmcGAvQ547j+0knzHkLl3csYr2djQFh1MeH30Xt5HwedNczr+KxyRSj26TFfWWZP/cNzc=
last-modified: Tue, 17 Nov 2020 16:42:44 GMT
server: cloudflare
etag: W/"2e3f03206df219baa4cba06dca9ce87d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MSXM8v27LJkZWN4NDt4AvoxPLquM94y9
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c4400003248223cd000000001
cf-ray: 5fac1af3a9703248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

GET
H2 200 Post.b670d793.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.b670d793.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa9c4b69929fbb25e3176266ef56aeda4d621cf66d6dfb059834c92e7c6d904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568246
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A33CACBBCAB470B9
x-amz-id-2: HHIMFhgwPy0c9VvLoIv18OmkFpLxmLvfDL6+4QJx9KCm7dT+cGWx5+C47EXPuDLrKhQATzItSE4=
last-modified: Tue, 24 Nov 2020 19:40:03 GMT
server: cloudflare
etag: W/"262d234180463b72858cc578f85cd992"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zB21BbxOEAmGcmW_a6Ayg_R5jzL4DgKZ
cache-control: public, max-age=31536000
cf-request-id: 06bf6f2c48000032483b3b1000000001
cf-ray: 5fac1af3a9813248-FRA
expires: Wed, 01 Dec 2021 10:25:37 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 159ms
145ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:25:38 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 144ms
143ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:25:38 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 143ms
143ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Bugsnag-Sent-At: 2020-12-01T10:25:38.213Z
Bugsnag-Api-Key: 39f69ce10b9bd0e6c60910cfa37f66af
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:25:38 GMT
via: 1.1 google
bugsnag-session-uuid: 264af89a-3400-4260-9eb9-d9c328d1d22a
alt-svc: clear
content-length: 21
content-type: application/json

POST
H2 200 graphql Show response
blog.huntresslabs.com/_/ 93 B
384 B 295ms
294ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2b631da088298ffb7653f3eb6b1e319a6b222c9379cc9605a190d9bdbf037a63

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 714c26ff478b0eb1
Medium-Frontend-Path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Medium-Frontend-App: lite/main-20201201-010343-3c8b048983
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201201-010343-3c8b048983
ot-tracer-spanid: 03b2440a3fdfd038

Response headers

date: Tue, 01 Dec 2020 10:25:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"5d-QwBrcqJDw702K0bASN4NRtANU3M"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
x-envoy-upstream-service-time: 153
content-length: 93
x-request-received-at: 1606818338584

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
111 B 145ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Bugsnag-Sent-At: 2020-12-01T10:25:38.789Z
Bugsnag-Api-Key: 39f69ce10b9bd0e6c60910cfa37f66af
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:25:39 GMT
via: 1.1 google
bugsnag-session-uuid: 39dcab78-b24f-4c1f-ad8a-a6bf8363e792
alt-svc: clear
content-length: 21
content-type: application/json

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 48 KB
19 KB 94ms
27ms Script
application/x-javascript 13.35.253.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-198.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 02:51:05 GMT
Content-Encoding: gzip
Age: 27241
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 02 Apr 2020 00:28:20 GMT
Server: nginx
ETag: "5e8531a4-c079"
Content-Type: application/x-javascript
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: m4mItckyA6TBtEasxsEn9RtYqqo4IUW0fY8iCn1TqwfAD-yC9Y3UAg==
Expires: Wed, 02 Dec 2020 02:51:05 GMT

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 137ms
137ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:38 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 144ms
144ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29d41315266bf22651ed4cda3c266fbc8fb1bc0002937fbef60b3fcfe655bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f30e30000c2f9382aa000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1afb0919c2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:39 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 78 KB
24 KB 78ms
27ms Script
text/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=ece4789baa44
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI.
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 19 Nov 2020 17:43:28 GMT
Server: AmazonS3
Age: 244
ETag: "d4ba055ba82c0baa510053e92eb83211"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Tue, 01 Dec 2020 10:21:36 GMT
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 23541
X-Amz-Cf-Id: O5EbERr0a6p0RI6pvzxoe7tcluRr90nvcocc6JL0tbakfaIsXm0yCg==

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 131ms
131ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:39 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 132ms
132ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:39 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 a16180790160.html
a16180790160.cdn.optimizely.com/client_storage/ Frame 501C 0
0 97ms
34ms Document
text/html 104.111.218.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.144 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-144.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a16180790160.cdn.optimizely.com
:scheme: https
:path: /client_storage/a16180790160.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Response headers

x-amz-id-2: Vzw+XnJsTQpXiK/KcSfHwF+hj1yQ7HZlCKwgOuy5Wz2NGxmobkoo+cjsuAvgQfJhYfTI3r8eh3w=
x-amz-request-id: 3ECC304D22D68ABD
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Nov 2020 17:54:06 GMT
etag: "db1a6fc3079ea3f9814261a4949d7f5b"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 53ukBAFqSDdejn.KnCYuS5EHihiRyyTn
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 781
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Tue, 01 Dec 2020 10:25:39 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="104.111.218.144";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/753/ 165 KB
165 KB 25ms
25ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/753/1*_TPY6BowD1l6K-FuztN1Vw.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34895e99c0b4f6b864504f51629f132bb39e5e9ed75ad6410d0c4909c34b5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13586
x-envoy-upstream-service-time: 698
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 168675
cf-request-id: 06bf6f34ea0000324887a35000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b017b393248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/1198/ 1 MB
1 MB 33ms
32ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1198/1*SwPP7Qnr548RZgbMZR8EUA.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7127bf7cc9ad4e983aa52574cce471c81317cd10c5cc663a9b8afdb4ed08c215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13597
x-envoy-upstream-service-time: 125
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1083076
cf-request-id: 06bf6f34eb0000324886021000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b017b3c3248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/1093/ 34 KB
34 KB 21ms
21ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1093/1*6Ty615ti71O2g97TP0AxbQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a199c8cfd1d51b610ec73cc657586c959ace2febc630d1481d036049337b66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3278
x-envoy-upstream-service-time: 173
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 34595
cf-request-id: 06bf6f34eb000032487016a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b017b3f3248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
740 B 187ms
172ms Script
text/javascript 2600:9000:20eb:8a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.57.1&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:8a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

94d11c23bfdbc17782fa31df87fabc66638bf767c739f4b02226f05321c0aba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 10:25:40 GMT
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-g1Yz9hNtD/E5VVWV3IlZGH5ULac"
X-Amz-Cf-Id: 3HQV5JNZDBC22faBw9cKqwkC1ius9NFcHwQwYddmGYGBEm7PWbCuCQ==

GET
H/1.1 200
OK /
srv-2020-12-01-10.pixel.parsely.com/plogger/ 43 B
229 B 489ms
121ms Image
image/gif 52.72.211.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-12-01-10.pixel.parsely.com/plogger/?rand=1606818340221&plid=93800831&idsite=medium.com&url=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&sref=&sts=1606818340205&slts=0&title=Tried+and+True+Hacker+Technique%3A+DOS+Obfuscation+%7C+by+John+Hammond+%7C+Nov%2C+2020+%7C+Huntress&date=Tue+Dec+01+2020+11%3A25%3A40+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=23620481&u=pid%3Da3c68ea8f14a6a4337b55858ecd2af42
Requested by: Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.211.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-211-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 10:25:12 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/700/ 92 KB
92 KB 33ms
33ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*6Ty615ti71O2g97TP0AxbQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36efb6ec136836ace7e2e65c413c1426ec2d57fa5280845d15cfd8d37f02915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3277
x-envoy-upstream-service-time: 233
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 93827
cf-request-id: 06bf6f35ab00003248389d4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b02ae123248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/700/ 179 KB
179 KB 24ms
23ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*_TPY6BowD1l6K-FuztN1Vw.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a947be2918a72dddb09e6b3b2b1d2fb4eb3435163ff6bccf5db46789ae960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13586
x-envoy-upstream-service-time: 945
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 183078
cf-request-id: 06bf6f35b600003248389d5000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b02be413248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/700/ 343 KB
343 KB 47ms
47ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*SwPP7Qnr548RZgbMZR8EUA.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3c608008784f5d078945e9b46bde4a42aa50a9f19c33195fe7dee97f67c78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13586
x-envoy-upstream-service-time: 607
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 351188
cf-request-id: 06bf6f35dc000032485519e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b02fee93248-FRA
expires: Thu, 31 Dec 2020 10:25:40 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
640 B 188ms
165ms XHR
application/json 2600:9000:214f:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 3a09c5f2a80ffbe3c3e15513622a052cb71c4059d1ef4073a0fd2d88b0c61205

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 52131719c5234ea4a1b8719d4717dd52-2020120110
content-length: 312
x-amz-cf-id: o6VsLh14WqCKKK5tQbXUc4lcJ20fpMMyirhnsHD42BXYeLgMczTxOw==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
386 B 113ms
113ms XHR
application/json 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33802cfbd5ef131d705f5d960c2eab42bb23f66bc98bc7a8f2d5c4f47834e7f4

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j2LIIrxB76d6R8rrbYMCCEWI%2Fi9RQLGpN8VffY1n57%2FTOkvS9nlPQRv4X3nx6QCA0EoJlzb9QGfZsUbzcai3rzb4KnAjoca15Ult05z90k%2BHy8i0MkxGzgesMZnT1JXrRzAAZuc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1b048adb0b74-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f36d600000b74560f2000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 149ms
121ms Other 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f365b00000b7456809000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RsKwFU76T2sjlJkF55NjRwd2Nm61bN9Q7gHjVWDeSquItM2ql2j8WNY72KkUlhsSpOxMy0tOMaqHcqM%2BtdUB5BMi3tb6bKHi1qvqos8hs8o7J%2FChYCu2sBkKUkohZZTkh7o1GxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1b03c90b0b74-AMS

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ Frame 0
0 274ms
89ms Other 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 131ms
131ms Fetch
application/json 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:25:40 GMT
content-length: 2
content-type: application/json

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
366 B 470ms
118ms XHR
text/plain 52.200.116.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.116.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-116-103.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 01 Dec 2020 10:25:40 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://blog.huntresslabs.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: c3c9db1d-75c0-46a6-9130-936c52872388

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
578 B 345ms
345ms XHR
application/json 2600:9000:214f:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

afc7668b26d42915889d1d064344124f74732f287fb60d294ca30ea2f97863ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 4e04a70dbece42ed81397ba4f6169412-2020120110
content-length: 180
etag: W/"b4-wpXEmxu82BlMUOswr/vox+HA0sg"
x-amz-cf-id: ok2isoV1dUqaoaNLOL3VNuQC5_180bZbRIVtcK304U3PDpOJ3xLEuA==

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 134ms
134ms Fetch
application/octet-stream 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:40 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
403 B 186ms
186ms XHR
application/json 2600:9000:214f:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f4d846345af241dbaebac90876471f41-2020120110
content-length: 28
x-amz-cf-id: nEON3ZRtDkzrhgqYwnFsOXHsJDFoylpX3TauOtr_eUmcV_Qr7yEE2w==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
373 B 106ms
106ms XHR
application/json 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eadff83361218ee70c32815fb6d50e62b8d088da2fcaa9b2f1ed3384c3ce12f2

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rNLCHjYT9xNcKCgYJyrTw8nwOz6slzX2S%2Fpfwibl8pLFyUzIGv2wSi3iz3BDJDyY9ylfl85GLzF%2BhzIHJ%2BaSEu4g4QfWDBxFuX7v%2FCbgdhlPGEBdAK%2BcrfC98fmZPOn2Hdsl1%2BA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1b080a790b74-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f390300000b743cb95000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 111ms
111ms Other 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f389400000b744f35e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FwbYVxTpzSFoAfohB5dhBHJjIQf5Ec8HXjY3F1eIml87QLJu9PfKt7ZLmGMlUMt2%2FKytFq%2BQU0cl%2F8mZCixxet7pGeE75Wgmf%2FHmeNO0flDR6GaprABDTLtj1EvmWF3VkTFioig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1b0758db0b74-AMS

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
402 B 206ms
206ms XHR
application/json 2600:9000:214f:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 9def336ff8d948c5a0fbcda841d7d50e-2020120110
content-length: 28
x-amz-cf-id: 02MwsI6xDqX6Ih3EkA_QLPq4Vo19mfatSFrwO0OA1BU0jAZ5Enem8A==

POST
H2 200 graphql Show response
blog.huntresslabs.com/_/ 282 B
574 B 428ms
428ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 29d88a4c797782f5494e9a76f78a58e0adfe54b883f8b1657e86a67f594e0cf5

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 714c26ff478b0eb1
Medium-Frontend-Path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Graphql-Operation: PostResponsesQuery
content-type: application/json
accept: */*
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Medium-Frontend-App: lite/main-20201201-010343-3c8b048983
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201201-010343-3c8b048983
ot-tracer-spanid: 03b2440a3fdfd038

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
sepia-upstream: medium
server: nginx
etag: W/"11a-mo/bu1nNNfkJpx7YM8yRoVaqm2U"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
x-envoy-upstream-service-time: 294
content-length: 282
x-request-received-at: 1606818341359

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 110ms
109ms Other 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f3b0900000b7454320000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=onMT%2BgDVhoz%2BZBhaYMiZvmFiSJPS6AQZhzuks2d0KxjWvd%2FD%2FFhxADGhU6Cpf8GmOG%2FvwGM1fSBfau1CF4atLO2fh7Qtj5r979Cx%2FgYEl2aI9TWjLb9HZOFNfJtsciYh1MNwg9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1b0b4a230b74-AMS

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
370 B 115ms
115ms XHR
application/json 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0dd21a6e501ed8d34d40f6e7ea47fe53558cb3967eff41b46b66f419844bc5

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2FI2pxP1ocOrfqJyPtQVQL2jtEDolN5a5a1J1BOZal8bipovmQ6OmJ52ZejFVKz1YgvcyddbfiZwn0p30EMNG5vgCplqCTFyz9ojcwlG%2BbrpOCBmSjf3OPVTVsVpL93BKN7SjG0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1b0bfb8e0b74-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f3b7700000b740592b000000001

GET
H2 200 responses.editor.f30a6fce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.f30a6fce.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.acdc9674.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000866562331ee0f5d1e9ba8b22a4c882e1b71edf9843fc627949dcee336f162

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564436
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7E767C022BD1C248
x-amz-id-2: svPE78qoknnwQhRwg+HoQSZVOEVl//a8dfxvmZZLE9noOodUwxMyT29s5rmxTeN3AhTB7IsDTxo=
last-modified: Tue, 24 Nov 2020 19:38:46 GMT
server: cloudflare
etag: W/"2114c6993318b32c199f79d88765db36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IlKW_U35gAGnuHkC31xaeOo0FvzGPTMd
cache-control: public, max-age=31536000
cf-request-id: 06bf6f3b5700003248393c4000000001
cf-ray: 5fac1b0bbe673248-FRA
expires: Wed, 01 Dec 2021 10:25:41 GMT

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 23ms
22ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d89fe2a311259082cd33278005e53e6e1da24c19665a9fcf832005f615808bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66365
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f3b610000c2f9b9b08000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b0bce4bc2f9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:25:41 GMT

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
611 B 123ms
122ms XHR
application/json 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a9945dec45e66dced789ec0856edf067f53f27f6197041ce2bcd25340ba8a5

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AFdKSXPeBd9rDm1DCcYvIxgKWRGE1jKIbxIWjjWUGeDLjILtt%2B4fWqaWYwVQOWrC5Td2cwo5a1kTIe6%2FdarmZJX8iehcDVm6xzpyHhSHFJz4JhVB%2BFsU89NjXLrDcxE2KqR4qYE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1b0f0ae30b74-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f3d6200000b741712a000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 109ms
109ms Other 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:42 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f3cf700000b741711f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U1VY8rZzmRVySn3wbEw%2FNy1GgicqBkjfYRY%2Bm1cmAqQwGOn2nZvdBijklGghYPCCrhtbPmhPrfSNqmOYJSQhQKOMo4PTVkDI%2BtOJ01ocSUdtOG7CjtQCXJIkSPXrb1LF0Oc0Smw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1b0e59580b74-AMS

POST
H2 200 batch Show response
blog.huntresslabs.com/_/ 17 B
246 B 282ms
282ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-175-111.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:44 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb
x-envoy-upstream-service-time: 143
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 107ms
106ms Other 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:25:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f491100000b741614a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C36V5ozpMdQ7wvFCdEUAbS5VkPdKU7GVcq5mw557XYQ0Qv8LzzS1rOQmxaRVuHcv6mTurIi71jIfg32H8hLokU4cbjs4uuQcYQy2ZWyuJGlNdyuVSnqTH3kwCkA1%2BDf55cjFMLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1b21bdbb0b74-AMS

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
384 B 111ms
110ms XHR
application/json 2606:4700:e2::ac40:8b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03453c16cd9fcd2e8b5f88c13437c04cf2ef7429699ac8115010d34857fad8

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:25:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KWMJbsy%2BZQ%2BlYr90AY3Ij204NYF8nKdphESBoDEOhMwhoROFSgTrbYVLAL1V13OhFFF6559Shlvw3Ji7yOTPK8kMZoun6sW8w66V1gp0MaDKJIR0R8NIuhBk1FHY4PBo8Do0oYQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
cf-ray: 5fac1b225f810b74-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f497c00000b746f834000000001

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.huntresslabs.com/	1970-01-19 14:20:20	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd%22%2C%22sref%22:%22%22%2C%22sts%22:1606818340205%2C%22slts%22:0}
blog.huntresslabs.com/	1970-01-19 14:30:23	Name: lightstep_session_id Value: 33b2891c43d224c2
.huntresslabs.com/	1970-01-19 14:20:18	Name: _gat Value: 1
.huntresslabs.com/	1970-01-20 07:51:30	Name: _ga Value: GA1.2.1666800607.1606818338
blog.huntresslabs.com/	1970-01-19 14:30:23	Name: lightstep_guid/lite-web Value: 5000a21d111a8126
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: optimizelyEndUserId Value: lo_7ac8a3c91d24
.huntresslabs.com/	1970-01-19 14:21:44	Name: _gid Value: GA1.2.198774791.1606818338
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: sid Value: 1:kKgHBSzdwVED0jvT8KzL0RZRXAcHbrV5cz8zPaKA6RYLgixyxtSi6ERBNwxchuUT
.huntresslabs.com/	1970-01-19 23:49:42	Name: _parsely_visitor Value: {%22id%22:%22pid=a3c68ea8f14a6a4337b55858ecd2af42%22%2C%22session_count%22:1%2C%22last_session_ts%22:1606818340205}
.huntresslabs.com/	1970-01-19 18:39:30	Name: optimizelyEndUserId Value: lo_7ac8a3c91d24
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: uid Value: lo_7ac8a3c91d24

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
console-api	debug	URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js(Line 2) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a16180790160.cdn.optimizely.com
api2.branch.io
app.link
blog.huntresslabs.com
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
lightstep.medium.systems
logx.optimizely.com
medium.com
miro.medium.com
sessions.bugsnag.com
srv-2020-12-01-10.pixel.parsely.com
www.google-analytics.com
104.111.218.144
13.35.253.198
143.204.89.85
2600:1901:0:7a0b::
2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
2600:9000:20eb:8a00:19:9934:6a80:93a1
2600:9000:214f:6800:11:f728:3040:93a1
2606:4700::6810:787f
2606:4700::6810:7991
2606:4700:e2::ac40:8b24
2a00:1450:4001:824::200e
2a02:26f0:6c00:2a0::13b8
52.200.116.103
52.4.175.111
52.72.211.240
000866562331ee0f5d1e9ba8b22a4c882e1b71edf9843fc627949dcee336f162
00a9945dec45e66dced789ec0856edf067f53f27f6197041ce2bcd25340ba8a5
05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc
1422f4481001a4b056cb5eb392f37a870c27b6dd8699d76339693171f861dd6c
189ac6b4e8e9d2ed6a5d9f6b7bae5f6f72f80b8db10aaa944e42891e7b5c949a
1a8e1bdc1cf7180514bd05280615b4fa921e306cdd3d52bc04e7d96f4b94ee4b
1ff0062c9941bbb37fef46b01a764f394f912a5c32f243e7b83f68d2e2a4c45e
29d88a4c797782f5494e9a76f78a58e0adfe54b883f8b1657e86a67f594e0cf5
2b631da088298ffb7653f3eb6b1e319a6b222c9379cc9605a190d9bdbf037a63
2e5b87d5599d46165267a954b9c301e780c0fb3dfc1a67cdefc30c893e5a7dd0
2e7fdfacc4e27e4fff3082c27b10bbc44bca8ecb2f0997479f274945f3db046f
33802cfbd5ef131d705f5d960c2eab42bb23f66bc98bc7a8f2d5c4f47834e7f4
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1
387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3
3985530cca8fee2517132a65973535519fdb04a6909a724e72d915117f64a933
3a09c5f2a80ffbe3c3e15513622a052cb71c4059d1ef4073a0fd2d88b0c61205
3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb
40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4517fcc6a48b5aaeffa03c10355d940ac8eae23c2cf3a084236ec81d00f5c731
4cdc0d6a177fee9c9b7e878073d2e6643c9df2c2bbd200f40e4d69d9dd99d3ff
4d86f6376b7093cad80381bdbb47a15083da4e39fe2824597fb472cafff39265
521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019
559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b
571b2cbec52c4926a9344c8012553bdfd286dbe0fc5142027ff21b26d25fc76f
5bfdf5bcbd4190fae04b2917aaea593bd3b8d94ddf83e5920ec43561f229a911
5d763c16430d1b2bcf5bce9ccd775da63565aff441188d0f6f43346d7aa0125d
60f518c4f68845a3a5927592ebf038d67343b43aa8c4478ac08d27eb53300419
63ab6ef08adb3d2774fd7cbfa6d3b3674772f0f25da1b6e277ee27faa36817a5
6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632
657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5
69fe1932aee01b8f2dd7e1e6b2a8855823b5d1dc105b7ece0ca2ea52d0f2589b
6af4a8188ece57bc71daa046d0f437469aa30bdec3b73e970e87baec45fb7cbf
7127bf7cc9ad4e983aa52574cce471c81317cd10c5cc663a9b8afdb4ed08c215
73514d2935414357d01b7dd044fa60f60e09a4d042c635bb501c8a18dc34d748
7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740
7a199c8cfd1d51b610ec73cc657586c959ace2febc630d1481d036049337b66f
7f0dd21a6e501ed8d34d40f6e7ea47fe53558cb3967eff41b46b66f419844bc5
82a83255ce888723b163f1e95d1a2f7b6d7e2a241aaaa910ab6a311c9b009176
853cb1692f14bfc48f727e3df77c2e7b1b90148d177f6b29b0568889b5c99cf7
87964eb6355d30f094783ac455d82db486e8708f4173849e9877816b99b34463
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
92a54050b72f702187bfbfca6be8216d42a8ab3d41561c79a30c9072d928df4d
93e2bdab31c9b4426963c8a650f70d7949866a4183bc4d92f0748167387c70c4
945265fc049de4e7c7240b6a9d3d5b2d924d894cea9cbf9a326822fda82528e4
94d11c23bfdbc17782fa31df87fabc66638bf767c739f4b02226f05321c0aba5
986bc1611e70a77171c4eb0f4cb97704e8e5213a1887cc97c1d2a65222cc2719
9c7eaa5bb774e38aefe57a609919b7ccb17a04ed6814b4f393813c459e1e34af
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a36efb6ec136836ace7e2e65c413c1426ec2d57fa5280845d15cfd8d37f02915
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a43927eb145c7567726c39d80ead36af48e7361fbcbe694a6a1547b1caab03cd
a6b01d33c6e2769909fd8f9c98c2ff5baeddd97018283bb69277254bf2f4a50a
a77af1069d7c8977e9150bbadd688736c38a51f37e47b7081e873cadabbda138
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a939d4d689b48d14f71cd65a597c64e139b37b4fb3b9c8347f38a7bd743918f7
a95c2d1819e4bc6d85452583779766ee4ad70cf9a9796ce5bae59ca402c97412
ac1de75b338674502d461c30831f74d7b3ce3188e4c9079971325b86f2fd6574
ac9017980afd649d3aa1245d7fcfa6c649dc837f75148c8a1734751a0ddacaba
ae3f007d404f170174f9a55d9860a17f7de63dacb881568d50042759316c2ca3
afc7668b26d42915889d1d064344124f74732f287fb60d294ca30ea2f97863ec
b4262a3cd34acac878ec9d934916863a4e79daebd8d6ab56865abcdea4305258
c277e6855ceaaed1944ea649f9c3f3e79f2c5a2a7cd4f1b667aabae4cad0b78c
c290ad72854fbe941062590695d72b90a25a8dc5856cd4c418bb69f14e918d5c
c29d41315266bf22651ed4cda3c266fbc8fb1bc0002937fbef60b3fcfe655bb8
c771333a7ff915d044d909b4934c00ed1d37502f12083cdff379b23f7a7adffd
c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737
ce3c608008784f5d078945e9b46bde4a42aa50a9f19c33195fe7dee97f67c78e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0834746873c1735612ac9b0c5f7da3d42c983f086fd7eb891005cceb93429c7
d1cf57b09a005b072eaeaac7afa0eadc241b3f37119e919c5b321d180ede1d6f
d22c4a9b9a7e6f5285b1555fa5041b0c809bdcaae42ac7ed733eecec9e00c10e
d34895e99c0b4f6b864504f51629f132bb39e5e9ed75ad6410d0c4909c34b5d8
d3a947be2918a72dddb09e6b3b2b1d2fb4eb3435163ff6bccf5db46789ae960e
d89fe2a311259082cd33278005e53e6e1da24c19665a9fcf832005f615808bf7
d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9
dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e460ff9134a80b4745d13464f518042d06fac2d9298b2ee35147fa7a6e3ee469
e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8
e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84
eadff83361218ee70c32815fb6d50e62b8d088da2fcaa9b2f1ed3384c3ce12f2
ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8
ed08fb474169940e30e7861510226dd49b64853fb29496c2d304fcec88351ad0
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62
ff03453c16cd9fcd2e8b5f88c13437c04cf2ef7429699ac8115010d34857fad8
ffa9c4b69929fbb25e3176266ef56aeda4d621cf66d6dfb059834c92e7c6d904

blog.huntresslabs.com Open in urlscan Pro 52.4.175.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

60 %IPv6

11 Domains

17 Subdomains

14 IPs

4 Countries

2961 kBTransfer

4935 kBSize

11 Cookies

39 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.huntresslabs.com Open in urlscan Pro
52.4.175.111 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

2961 kB
Transfer

4935 kB
Size

11
Cookies

111 HTTP transactions
0 data transactions