blog.prevailion.com Open in urlscan Pro
162.159.152.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubs.li/Q016Vdcr0
Effective URL:
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_mediu...
Submission: On March 28 via api (March 28th 2022, 3:25:34 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 86 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is blog.prevailion.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2022. Valid for: a year.

This is the only time blog.prevailion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:b34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	162.159.152.4 162.159.152.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 61	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	108.157.4.26 108.157.4.26	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9e00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:6a00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
86	8

1 2606:4700::6812:b34 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubs.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 162.159.152.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog.prevailion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-26.dus51.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:6a00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 10286 glyph.medium.com — Cisco Umbrella Rank: 27326 miro.medium.com — Cisco Umbrella Rank: 17086 cdn-client.medium.com — Cisco Umbrella Rank: 30115	981 KB
16	prevailion.com 1 redirects blog.prevailion.com	35 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 784 api2.branch.io — Cisco Umbrella Rank: 458	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 98	20 KB
1	app.link app.link — Cisco Umbrella Rank: 2302	565 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1479	5 KB
1	hubs.li 1 redirects hubs.li — Cisco Umbrella Rank: 247388	564 B
86	7

	Domain	Requested by
50	cdn-client.medium.com	blog.prevailion.com cdn-client.medium.com
16	blog.prevailion.com	1 redirects cdn-client.medium.com
6	miro.medium.com	blog.prevailion.com
6	glyph.medium.com	blog.prevailion.com glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	blog.prevailion.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	blog.prevailion.com
1	static.cloudflareinsights.com	blog.prevailion.com
1	medium.com	1 redirects
1	hubs.li	1 redirects
86	11

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
policy.medium.com
www.bleepingcomputer.com
knowable.fyi
christiantaillon.medium.com
help.medium.com
medium.statuspage.io
about.medium.com
blog.medium.com

Subject Issuer	Validity	Valid
blog.prevailion.com Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-22`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2022-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Frame ID: BA0952AC316CA38F7D87B621D4B38FB7
Requests: 86 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IcedID, IcedID baby…. Today, Bleeping Computer reported on a… | by Prevailion | Mar, 2022 | Medium

Page URL History Show full URLs

https://hubs.li/Q016Vdcr0 HTTP 301
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_s... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-ice... HTTP 302
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

86
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1065 kB
Transfer

3408 kB
Size

11
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?$canonical_url=https%3A%2F%2Fmedium.com/p/73d2c82d9d8&~feature=LoOpenInAppButton&~channel=ShowPostUnderUser&~stage=mobileNavBar
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------nav_reg--------------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------nav_reg--------------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=--------------------------notifications_sidenav--------------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=--------------------------lists_sidenav--------------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=--------------------------stories_sidenav--------------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=--------------------------new_post_sidenav--------------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=post_page--------------------------lo_home_nav--------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----73d2c82d9d8-----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=-----73d2c82d9d8---------------------respond_sidebar--------------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc----73d2c82d9d8---------------------follow_byline--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&source=--------------------------bookmark_header--------------

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/
Title: reported

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=-----73d2c82d9d8---------------------clap_footer--------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc%2F73d2c82d9d8&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc----73d2c82d9d8---------------------follow_footer--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2Fa634af22a2bc%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=-----73d2c82d9d8---------------------subscribe_user--------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/security?source=post_page-----73d2c82d9d8---------------security--------------------
Title: Security

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F48107cfae57&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Fteach-a-man-to-phish-48107cfae57&source=-----73d2c82d9d8----0-----------------bookmark_preview--------------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write----------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://medium.com/tag/shieldsup?source=post_page-----73d2c82d9d8---------------shieldsup--------------------
Title: Shieldsup

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Ff402820ab658&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Fare-your-shields-up-f402820ab658&source=-----73d2c82d9d8----1-----------------bookmark_preview--------------

Search URL Search Domain Scan URL

URL: https://knowable.fyi/?utm_source=medium&utm_medium=referral&utm_campaign=medium-post-footer&source=post_page-----73d2c82d9d8-----------------------------------
Title: Try Knowable

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa634af22a2bc&operation=register&redirect=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&user=Prevailion&userId=a634af22a2bc&source=post_page-a634af22a2bc-------------------------follow_profile--------------
Title: Follow

Search URL Search Domain Scan URL

URL: https://christiantaillon.medium.com/prophet-spider-exploits-citrix-sharefile-to-deploy-webshell-d2689abd4301?source=read_next_recirc---------0---------------------63c410fc_02de_45ba_97fc_91ead0b83d5a----------
Title: Prophet Spider Exploits Citrix ShareFile to Deploy Webshell

Search URL Search Domain Scan URL

URL: https://medium.com/@munishp/green-bubble-bullying-encryption-3ec44e330118?source=read_next_recirc---------1---------------------63c410fc_02de_45ba_97fc_91ead0b83d5a----------
Title: Green Bubble Bullying & EncryptionI have been a bit late with my new year posts. Too much thinking and scratching down ideas, and not enough posting. Here is one to keep you…

Search URL Search Domain Scan URL

URL: https://medium.com/@tingyeah/getting-pass-the-passwords-7a52878b1091?source=read_next_recirc---------2---------------------63c410fc_02de_45ba_97fc_91ead0b83d5a----------
Title: Getting Pass the PasswordsPasswords are as ubiquitous as water, but sometimes they are also the troublemaker. Can we live without them?

Search URL Search Domain Scan URL

URL: https://medium.com/@Perimeterwatch/the-downfall-of-revil-1519a5c37f0c?source=read_next_recirc---------3---------------------63c410fc_02de_45ba_97fc_91ead0b83d5a----------
Title: The Downfall of REvilBackground

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/
Title: Knowable

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubs.li/Q016Vdcr0 HTTP 301
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_source=twitter&hss_channel=tw-983606922338295808 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8%3Fhss_channel%3Dtw-983606922338295808%26utm_content%3D202497615%26utm_medium%3Dsocial%26utm_source%3Dtwitter HTTP 302
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request icedid-icedid-baby-73d2c82d9d8 Show response
blog.prevailion.com/
Redirect Chain

https://hubs.li/Q016Vdcr0
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?utm_content=202497615&utm_medium=social&utm_source=twitter&hss_channel=tw-983606922338295808
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8%3Fhss_channel%3Dtw-983606922338295808%26utm_content%3D202497615%26utm_medium%3Dso...
https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5

116 KB
27 KB

927ms
926ms

Document
text/html

162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d3a5d319d49f6205104487d2a4e9539eb11e1aceec687e03baed4750730c17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-type: text/html; charset=utf-8
cf-ray: 6f3160ab8a0092b4-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' https://medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, lite/main-20220328-114252-799dd3d863, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
medium-missing-time: 497
x-content-type-options: nosniff
x-envoy-upstream-service-time: 675
x-request-received-at: 1648481118112
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 28 Mar 2022 15:25:17 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
cf-ray: 6f3160aa6f0c6933-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2
pragma: no-cache
worker-missing-cookies: 2
x-content-type-options: nosniff
x-envoy-upstream-service-time: 38
x-frame-options: sameorigin
x-obvious-info: 20220328-1412-root,db81b62e
x-obvious-tid: 1648481117909:6a546397384f
x-opentracing: {"ot-tracer-spanid":"57a5662f12512e6f","ot-tracer-traceid":"31118d0ad5da8436","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 33ms
24ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1723
x-envoy-upstream-service-time: 27
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 6f3160b18c206933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Mon, 28 Mar 2022 17:25:18 GMT

GET
H2 200 1*YqvpTFSoxKsGAoITzbsLmw.png
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 128ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*YqvpTFSoxKsGAoITzbsLmw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c008de256364f60ad15b90d5410cb2e07f577438a99e4a51104083160fa10bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4215
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f3160b18c296933-FRA
expires: Wed, 27 Apr 2022 15:25:19 GMT

GET
H2 200 1*YqvpTFSoxKsGAoITzbsLmw.png
miro.medium.com/fit/c/176/176/ 10 KB
10 KB 118ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/1*YqvpTFSoxKsGAoITzbsLmw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b6fbb7ba1ecb2fd5eb93deabd95da93e61e71bd51e1521a7028285c206545c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9749
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f3160b18c236933-FRA
expires: Wed, 27 Apr 2022 15:25:19 GMT

GET
H2 200 0*MBjPm15e5dKfBE2K
miro.medium.com/focal/116/116/50/50/ 5 KB
5 KB 123ms
122ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/0*MBjPm15e5dKfBE2K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

335eaeb9c9cd6782e0d870ec0044df95c063a4a15c73957f50da22aeabad0189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4970
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220318-173603-4801247b54
accept-ranges: bytes
cf-ray: 6f3160b18c266933-FRA
expires: Wed, 27 Apr 2022 15:25:19 GMT

GET
H2 200 1*882dbev4gCTSQyBiOOS1-A.jpeg
miro.medium.com/focal/116/116/50/50/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/1*882dbev4gCTSQyBiOOS1-A.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678cc8f251bdf5bdc7e4d10bf4d306971f64a1e80a708917cb450515b7001594

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13606
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2775
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220309-195817-93688b9a29
accept-ranges: bytes
cf-ray: 6f3160b18c276933-FRA
expires: Wed, 27 Apr 2022 15:25:18 GMT

GET
H3 200 0*7rywuW_rb4z0Sxe3.png
miro.medium.com/focal/116/116/50/50/ 21 KB
21 KB 49ms
28ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/116/116/50/50/0*7rywuW_rb4z0Sxe3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7c4d6b75c90365ce4bf34f3171ffae43a6a7959a065b1507e7e271f8d60045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7013
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21274
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f3160b1de9d90ec-FRA
expires: Wed, 27 Apr 2022 15:25:19 GMT

GET
H2 200 manifest.27d769dc.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
9 KB 43ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53cf508fcbc8dc0ff7cb5dec4d7880062bf7388c13e3a95dd1de926821010ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12172
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVME9KSYS956Z75H
x-amz-id-2: SNsKUY/oBB6z6RjDUiD1mdejNJ1G6WDo5QXoV3WczzgIO3aLP1hiPNd43FodoMP9+9Tdkpq+9AQ=
last-modified: Mon, 28 Mar 2022 11:52:30 GMT
server: cloudflare
etag: W/"ef9991658a9a45e643975135e0cc9600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 9zxeg.aRc5SldcuyU23m9.o19KJuVcry
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c406933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H2 200 5786.875f6653.js Show response
cdn-client.medium.com/lite/static/js/ 694 KB
214 KB 34ms
26ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b6e70c1394c3674f594a67c516951e72cc55a78258bc5c07c20b19c32c84d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088317
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P2D83FG5GK22C8CE
x-amz-id-2: HwEPgIuuBToKkvWXx3kBFNgIRh9qXLakUdL3eto6kpgjTwBxVFpQT9cI/txExGYBn/qgpHbnCcI=
last-modified: Wed, 16 Mar 2022 00:17:47 GMT
server: cloudflare
etag: W/"4d35ffc3fe18287d59feeb978a40b02a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PBIi_VEzbsQXRZFfsYJIx2JgdPdcOgqp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c396933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H2 200 main.a56dff99.js Show response
cdn-client.medium.com/lite/static/js/ 757 KB
187 KB 43ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f846234e07013c87c7fd3f86706df5e29a3f49020f8473e679de97d56a6b8187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12172
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM04G1GFMVTZTRX
x-amz-id-2: Txdyr9T+2QiyTslzaEK5ADY9+FKMpmAQLNtpSejuGsrygKgPwl7UjuytXkrI3oWtd8k4uSe02Sw=
last-modified: Mon, 28 Mar 2022 07:40:05 GMT
server: cloudflare
etag: W/"0ca2b542e958ff2e54f6ab4cd380fb24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QvnR18i_RH8CzrMvzjnQvmwqqtVA2Fin
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c336933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H2 200 45573.4354ed57.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 33ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/45573.4354ed57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344955
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5Y52RH89SSH2XCFV
x-amz-id-2: uSKZPTAjtnaN7avFVqdyaJpMWtAtVhIx8QoDXqGBmPdSSXi2NZwzhPCQhQlStVTpGkpWC3Tl7aM=
last-modified: Mon, 04 Oct 2021 08:07:06 GMT
server: cloudflare
etag: W/"6a81d283b5003925b4a970b292bfcc5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: V72xGN9kaRcaybYuNsFR7RB7.fBonGvn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c386933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H2 200 instrumentation.2147e77b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 31ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.2147e77b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1018173
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9STDGRS55QZXJZYE
x-amz-id-2: 7PAk93EJIVctwTBwk6wyazsYQaaNv1FsPXJ1CuWQXhvfZVBLPOP0stswYFDxzY3U9FdXSVlpHdU=
last-modified: Wed, 16 Mar 2022 19:39:27 GMT
server: cloudflare
etag: W/"5dd442f84b5ac0b482e8d80c7e2499de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6qnqbjyGzG2a3AZzBA2yPWykJlD8rERb
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c366933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H2 200 10407.21469f6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
8 KB 33ms
26ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/10407.21469f6d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088317
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P2D1K6NJNG1GSN9X
x-amz-id-2: jqB2JO54Jxkzx88WsbtBZRx+ndVl1hCr0hjvfdHRKForOvc9/0Hag86HxgYs33ly1g3vzHeSEiA=
last-modified: Wed, 16 Mar 2022 00:17:41 GMT
server: cloudflare
etag: W/"e875ec45f424aa3dca539beacbbeb6e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: M1p69xdI2LmhiA8Jrt9Iu_.bZhzYd0k2
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b19c346933-FRA
expires: Tue, 28 Mar 2023 15:25:18 GMT

GET
H3 200 49216.e3d3bf0a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 84ms
61ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/49216.e3d3bf0a.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595948
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0C8GDSPF0V2WNSZ9
x-amz-id-2: 6rNxWGQOxAB87bRvngdm7Ed+6Za7s2GSUuQ2NGhmLT1XZmwIq0Eqx0MsSzAu3EtDkhwYVpWBomU=
last-modified: Fri, 18 Mar 2022 18:28:38 GMT
server: cloudflare
etag: W/"631270a91dd93346b720a496a8f02732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: WAbNkiZ2Eo5.MkcHO0Bu8fSTVe4iu0Bg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e98e9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 AppLayout.9e8bd71c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 132 KB
26 KB 70ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.9e8bd71c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806e3de44965e1b8cb6b9035fd2f59890098395d9470bb138f2f1c7c520b8838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12173
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM19RHZ06XMETK1
x-amz-id-2: FkH4W10QNHDl4XbyXmOMHl5mslwFHj2fF0g4gSghMQDTiGDc4QmpMYtDG+bBxf4PoCA1OeJD8DQ=
last-modified: Mon, 28 Mar 2022 11:51:59 GMT
server: cloudflare
etag: W/"3ba25f2cda42fb0ccf9519611c274c4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ZK5zkuHUaF2X9xcUVb9sNiLDIvcYYLLn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9819b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 reporting.55ddfe42.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 81ms
58ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.55ddfe42.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1102471
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6YVR4GHVAEF070S2
x-amz-id-2: wk9vu8KW0+sqQZz/RXrzjjKEa71T7ctb6W6uDFhACYuGKVgvnMz1bJi3eTKr2Vow+rIeQUsN5dE=
last-modified: Tue, 15 Mar 2022 19:22:19 GMT
server: cloudflare
etag: W/"7c194265458086c4dcb2319dd596fa3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: RkWTEv_52vi_a1c5MoizPgkqSDVmVA.n
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9829b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 79678.176160d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 62ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/79678.176160d5.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b10267c3ee88798046b073d686b67c08c9944d07dcd31cdaf75283bb81c164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240822
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z79CZF52G1JTHRZZ
x-amz-id-2: zjltxMeDK0lyVzNgMEVWoEdJXv2Fk3Dt1SVMyOKT8CCmtLPQhuoaNT+X457lpHSlVzKOlnvdEPk=
last-modified: Thu, 24 Mar 2022 21:28:17 GMT
server: cloudflare
etag: W/"33d3b4223ea00dbb910fa14f7ccf65ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6jOeHf2XmIqs8cPak0uZ8MxQOqfcVIqt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9839b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 62ms
40ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 539020
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZ14F4DJ39Z3KD31
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9849b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 47ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549086
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9879b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 88316.3eb3bc8f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 66ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/88316.3eb3bc8f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66204696736f067a6c6b6aef7c31fb60ce32c0d3ee7e2fcfdd02968cfafbc3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1195306
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZEQ25AK45R9393FV
x-amz-id-2: o3Li30tN0FIycMY01bsau1HnmfHqF0+J9WgndUqhl8QJuWe1Rd96Nmwe/u6zK8kRSHZ7YIf/+DE=
last-modified: Mon, 28 Feb 2022 17:18:29 GMT
server: cloudflare
etag: W/"f8437eeda19b5b0b7bbd4144ccc8b183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: rZihHMQwz7gke6RRwtG9A3xuCP7UrTwK
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9899b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 82405.da63a51f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 67ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/82405.da63a51f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36b50ada1e5255d17ab3aa7055033497f20988643ee23d7dfd092afb32bb03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 244096
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DD7TT13F22A2YPMZ
x-amz-id-2: iFsLZukumsxXBzDSTZt3MqTUNhnE+x5+TxbYD0Uxo6INTVeCEfVkNGNDUJGxSPmCGe7/rSdO3HM=
last-modified: Fri, 11 Mar 2022 19:12:25 GMT
server: cloudflare
etag: W/"c083a6f887e38853c2f4a6d2ec8b8b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Z_5ec7cs0VtfN5cbXbRTdRxJlRN.j9Tn
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e98b9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 75221.85bec25f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
7 KB 67ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/75221.85bec25f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

286d3c3c2d224f290f81501749d9b8144daf45545f4ede6b5dd0b1f87cc9b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 244838
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VVK6X2S6WVP4FAGN
x-amz-id-2: ypYYbcpYxfBDbpyBisgVItzWx4R/2eNjYYEpL1QE6fVICOXoSMwYMQ3fOX9vQJunD0iCxSQ+y4g=
last-modified: Fri, 25 Mar 2022 18:59:03 GMT
server: cloudflare
etag: W/"500b0a7eea2dbaa45d43cae11cb1e58f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: lcqHyNV8Gt3ulhJE0ECWdY_hEEm4lZwA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e98c9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 27927.0c766d23.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 84ms
60ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/27927.0c766d23.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b1b357db4257d5d724fd3239cd33eea42ecbb19c70bd187ec1c27cc0ab569a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595948
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0C8G0JW61DT86VNX
x-amz-id-2: dlWnM8CYYHT1RulpsJ2xne4Ah9uAn+D/ZMBbb0etjouS+liGC1bYwFUTFvGA2IhqSsXqyMMUw3E=
last-modified: Mon, 21 Mar 2022 16:47:22 GMT
server: cloudflare
etag: W/"b114132a37ad716cd78cad4f1cb2211d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7TvBdccZ798tHqQ_ieRuyjjTs7PA.l7t
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9909b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 90786.25ebc206.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
1 KB 84ms
60ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/90786.25ebc206.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 859896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4Z2V17SW1CAFTSF2
x-amz-id-2: DdH0oxIcYaHpDLjQtQyJXXuIcn22yBNd94EuQaD5HdIrFCu5JUD2bymcO64BGYL5VPUw3R9SOU4=
last-modified: Thu, 17 Mar 2022 19:42:19 GMT
server: cloudflare
etag: W/"a7e7f17a6bf00754fedfc8a0dbef764a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Ghh41hKxMkS6Yxv.cqh7J2YbJIMXcnyt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9929b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 95472.20329d15.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
1 KB 84ms
60ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/95472.20329d15.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddac8b642d7667b3fb9605ac5b043dcf21976aed041ad4d6221f0a0cc10a4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1052750
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VB7JM0MZD9N64C19
x-amz-id-2: 62pM59jlUpmPyB/NNbajRR6XJY8YHDj/vx2TJxtmYdhvjShIP2d0FF/SbMW7rjlXgOjsU6OBoek=
last-modified: Tue, 01 Feb 2022 17:29:46 GMT
server: cloudflare
etag: W/"50de8fb5ce00ed751fbb823a16e97e8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: XIHWq71pTxwdb1WMRePNF6jkHZia6sWW
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9939b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 59984.cee64d0e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 85ms
61ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/59984.cee64d0e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7138bbd639d7c1f2fcc600aa16cce34b19c848458d60c3dbfc99548bcbbd4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 495206
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X59FV7MHW7VY858W
x-amz-id-2: wTYZ45mXrTUJf06onN+BMzlnRSv0ATrf7ePk2/LC7ehJ5hcDWupPb7OJRmE58SJRHzGm5HGM2XQ=
last-modified: Tue, 22 Mar 2022 20:41:23 GMT
server: cloudflare
etag: W/"4348b75573b0e28421a6901f5587704b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: C0T9YgyCq1oir3KRpx.IJ5luttbsaTfs
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9949b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 47464.370de892.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 47 KB
14 KB 87ms
63ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/47464.370de892.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455375050d88ead9a24ecfe2d52327b76550c32b50bf1f07dc4eccc92c6bff16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 495206
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X59E3GVD0VTZMPF0
x-amz-id-2: XOZ/oWDk+33Vny3EVCGGUE0rZkiZ0066DOBJcVHiJoiPllIijtrlleG07g0awX7Oum2Nx09nUyA=
last-modified: Tue, 22 Mar 2022 20:41:21 GMT
server: cloudflare
etag: W/"0f1ac145961d4cbd66c43327b773623b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: vuchsM.xMRL6S6AS2aJvxPg5plAT.EEg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9969b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 43303.6bbe36a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 148 KB
38 KB 90ms
66ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/43303.6bbe36a7.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811f0a6cd7059bcda8803ba795f70485266059400c6358a9e0a33dadc4473fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WMWG76RG3TGB63
x-amz-id-2: NUTMluNTvVuc3ES6z3eMXoZF6pDvFa/vkaE61oce4MeFBwILGQUw0eKapkNatWYKagUHxMCfNfM=
last-modified: Fri, 25 Mar 2022 11:12:16 GMT
server: cloudflare
etag: W/"f397d464e13b3c8184c625243c70915f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 2g6vEbbuxN9M.9iSYvy6JU9EDaS5q3Cu
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9979b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 69865.f2530e98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
5 KB 58ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/69865.f2530e98.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784539c7817ce17c2c5e79f4f230d64f515d66fe1b5f246b58ac68d52ae70541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 519923
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKCQKB7CVVSKGBEZ
x-amz-id-2: xhxMA7nohbM/4GVYO+u0DW/jknLj68NV89TkBBl2m00Td4xbobuFVuPA/k43aqx6L98xHqmUuOU=
last-modified: Tue, 22 Mar 2022 14:19:03 GMT
server: cloudflare
etag: W/"07730d76737349c5419a6d30f286d360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6AnieVXvl.UU3.bZnZQjfJ.Az7GabtRD
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e97d9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 53818.52296386.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 44ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/53818.52296386.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d8da77d47f02b6a412aa009da47e063f92481c8998cea7ffb8f3151f209a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WW6917674VBAJF
x-amz-id-2: KRE6oA7efjLeLZxErxRTf0ylgtaIlTN1LTbk8r+wSsaN4/PLuR8mKicv0gViDyp6XQXPP+sPJAQ=
last-modified: Fri, 25 Mar 2022 17:23:57 GMT
server: cloudflare
etag: W/"6a5c5e0f86022f0800c3d958d1fa0779"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: iHBrLx30PLd7eTFcKY.JppYB7eWal2jh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9779b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 85057.d191adbc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 77ms
56ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/85057.d191adbc.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4e7e7eecad1f5d66ee0eba4ec8caa34f97505d75f13d581a12e07e5125065d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235815
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTTHYA1W9V0PCGD
x-amz-id-2: MWR0kGl70jbYfoMvD5JSxqVd4YxkHd8/quwsnrhp1tRwhc442sSOV8yrAOPB5gcF2mLwAe3MGYI=
last-modified: Fri, 25 Mar 2022 21:22:20 GMT
server: cloudflare
etag: W/"b1a5453d84fc6c97ed8a1aeb8839a98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Hq_oj50E_.smbpQIzlc579g1ZplnYQv5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e97a9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 88246.12665b2e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 76ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/88246.12665b2e.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

becc68a7c505991521f9b9d7d3c36cbade7c1d60b11bf2ad2a4003111893f896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WSC2SXNCDSCEZY
x-amz-id-2: SZU8gq4/Ry5+RiaC+8TmSgnzbbosVWecAAmavAAN77TcHZVuFcMoGpXYdC9+3FAqg82ysm/tM2I=
last-modified: Fri, 25 Mar 2022 11:12:22 GMT
server: cloudflare
etag: W/"c71921b5ba62c4e3f3fee917ae976f9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: iVyPLu5XNh6.YQ6eawsv8YF291Dl6SUx
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e97b9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 97332.3eda0eaa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 46ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/97332.3eda0eaa.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7037bc99db5e94064097d2c834521e7a848c30e5e28755f2be8edd6da733f100

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 399888
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A0W472VNGMPQBKGM
x-amz-id-2: 5LxB1c5TnxHDztZACm1sgpUONfe2XY9Xdf9GjF/40h2vzS8IY88fS2kJoICDcR+v9WsDkEXN1oc=
last-modified: Wed, 23 Mar 2022 21:12:16 GMT
server: cloudflare
etag: W/"575b7926a269102edfb77fc162f661bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7eSc15bxUwsqliZjgPn7iCN_tgf27oPF
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e97c9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 28491.cf9aa3ed.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 40 KB
12 KB 69ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28491.cf9aa3ed.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ef842e3ae27dc91e3b5638d688827e0440705b1bfd524795b9b9868003c8f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 850632
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 689WT1HJ8DWDXS46
x-amz-id-2: z9ocqxZdrgBSYrEnYeHoPuoBcmnpVDjEE9GDHcjmXJYtSF2khFiDyDo37MSBPs5mSOYKs+3lfkg=
last-modified: Fri, 18 Mar 2022 18:59:01 GMT
server: cloudflare
etag: W/"9ac1fb2203f159bd0cd64ba8183649ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: T6Dc6sh5_OyWYOiO3JdMVH.m1MJV_2bt
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e97e9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 31229.263afd61.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 58ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/31229.263afd61.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0f46d99c8da6a8558f3939b77812880a265d53ab92fb19d20b5e1cc873c79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WNF33BK62HFXB8
x-amz-id-2: HWstKcraiRHvE+DEiIYKwdYkbhWE2dBJmHow4YbZJdhTO7Xy+HQTBL/TddKT6j8RNbvt3oi4Eco=
last-modified: Fri, 25 Mar 2022 11:12:14 GMT
server: cloudflare
etag: W/"5f64f1902f5cc84ef948b7850e6de795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: sj0TN4f_zmx7EyxTXg6lm06hLlWj5fbz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9809b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 6562.02748b96.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 98ms
74ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6562.02748b96.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKVG7H17FQBPQDK9
x-amz-id-2: vxg/OI86Q3ukPSsdQ67kQnlJTbjS1higUg4EtbqV9UhFce6uxU7Plf7PWTVJBI/KOIVyfFppeco=
last-modified: Thu, 17 Mar 2022 22:10:50 GMT
server: cloudflare
etag: W/"d1e6fb978b6a0e3464d41c63fe535e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PA6E0boEwLKL8wuXllx1rh8qQCt4Myjk
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9989b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 83284.3f2fce3d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 100ms
77ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/83284.3f2fce3d.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2297349f8e5107d539a75a74743999718116501fa0a7dbd2dbf9338bb680be85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WT7FFAJ91564H8
x-amz-id-2: 4h2H1PXDZbNCytWA02PKo3DpVRdSMn2P+FJd833Ue7ATJu5oOHnaBNqotl95twFOMcfawsSsZu4=
last-modified: Fri, 25 Mar 2022 11:12:21 GMT
server: cloudflare
etag: W/"062779d7478e6b357845cc8ab2daab6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Khn3.rXiUMwVSbLQ5nzhlTt59rNFuy27
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9999b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 50864.38e6c977.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 101ms
78ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/50864.38e6c977.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806f2580733cea3a8c6e923ebb4d6b8f34a8f1584a9a70ac8d77fd6b0268f848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WJKWM8EXR5FE8N
x-amz-id-2: zJJVn3Ahr4uKuqWGzQQQLmEjDINTuETbfbNDT3h0z9tOcacwmhQM7hA4vowTo5EtE4VrMRjMzfU=
last-modified: Fri, 25 Mar 2022 11:12:18 GMT
server: cloudflare
etag: W/"d08b71b7706dd15b95e65419850bf5f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Pj0Cd1SGpemAeQZ9WvSJYeEMdlVKsS3u
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e99a9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 50082.93fc8de3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 102ms
79ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/50082.93fc8de3.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a80bdd5cc9be1a7d3298446a05234198a2d54b76cfcd1c92cd45c7892a4f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19255
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PHKAFZJQB83R99FG
x-amz-id-2: hX4x0PP1R+y7RREOKij4TTQH/ZR/w49BIQvq0jL0vq/bVS9m5h4o5dCH3FNnNyq2RuFAdw4Y6KI=
last-modified: Wed, 23 Feb 2022 21:14:16 GMT
server: cloudflare
etag: W/"a29920d1a8f6d47d2d8f997210a88c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jhoHMeUqdx2NrrG4dgUgsu2HeXnJRyNh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e99b9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 59616.82d95d9f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 104ms
81ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/59616.82d95d9f.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b92b3aa76fd104750c65fb109764aa542454a8415cd7076c4b07add95a242f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246022
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WX6KJDXX9M9S4D
x-amz-id-2: Cn4vMW50PFHKfl/ZvSUZmsANZqT5q8kx74fQ+FXVf9VP8FY+rF/XOpCDw/BQ2aYtdxZzosoHr4o=
last-modified: Fri, 25 Mar 2022 11:12:19 GMT
server: cloudflare
etag: W/"d4e8ddd27abdfe7cb7e8b06573f948f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: qThh_.MKYuDG4nfk6pV2vOCyM2ESXalc
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e99c9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 86970.ac2ccbc2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 86 KB
12 KB 104ms
81ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/86970.ac2ccbc2.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167f40a21d869faa7d5930bc4abf9372127482a203f7f682ddf80f0ad37d5b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240822
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z7935YZ1JVTH6RXV
x-amz-id-2: Nfmx+U5eb4kAyfhcMjwd6VXtJzcwBluts47PreQE061rLhD5HcGuHswjIJgkz6Sq2/r/thu+dbg=
last-modified: Fri, 25 Mar 2022 19:11:48 GMT
server: cloudflare
etag: W/"ccd794d49bc46ba10a33784bacdfbbd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: DYzl.rZKM2tT1dFx3Fao4jkNBQLW.UMo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e99f9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 28360.8df461a9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
11 KB 108ms
85ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28360.8df461a9.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26b078ee638c1a936dbcb0e537645e1dec1a12f2f8535389e460cc0ebed1ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235766
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTZAGMWBJEHBX8S
x-amz-id-2: gZA0AJq6twWp8dle0jdnShsLNH0BqmuhPvE8/0tXS5/3J7dWIrAL8dWAlfosctSrQYL/LUpXays=
last-modified: Fri, 25 Mar 2022 21:22:14 GMT
server: cloudflare
etag: W/"09d6d2d92b04b1e9953ac7282869f9fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QjfkNa.KDR_58xc0ygq_7OjgDj.Kncdw
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a09b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 65281.92cfc4b6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 110ms
87ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/65281.92cfc4b6.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b816ada7ecfcf06e2f4aea734743505802467bcae5d6e20b6b0e0608791e1a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 286034
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: H09T05FC0BDM7FH2
x-amz-id-2: FwD9lkE15YH8ODUdfVMTRHcbi0f8UmG8LuqSRI4N3IVIS58V/LeOGCk3GkOkvd0gJA/vwbwWoKk=
last-modified: Mon, 28 Feb 2022 20:43:35 GMT
server: cloudflare
etag: W/"f40d011a367a2060d70d298fdff0f8be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hFuAJaZyLXS9.FUmr2yzZ8K8rxuihcUu
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a39b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 74991.d7c10f4b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 110ms
87ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/74991.d7c10f4b.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f4d750850d06bd78363c7231aaf2541025cf62064dfc8f9433cdf57821e8d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246021
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WYHVW7ABES3DGM
x-amz-id-2: 15afpk0JfGt7Z/HPIB1Eu03dtTic1ViP/PB3Ofy1lXQuVom/Jianq6yfrT1Do6k1DYBFiP4sFZc=
last-modified: Fri, 25 Mar 2022 11:12:20 GMT
server: cloudflare
etag: W/"251055d84ebe9fec2f95a811750e9790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jl_k5ky4qOwY10Tw61EHCVAEK4qhltvK
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a49b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 68054.da9be6f8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 111ms
87ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/68054.da9be6f8.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98995e01c3796312d5d2cbf98cacfffd61c756a21a72f5458c234e01e8149a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246021
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 29WNP3W6GFFZC8V6
x-amz-id-2: F2DghT8ddSJHl9NhLTiQIFWDjnl2DPOuaZr+pNycQPbhm48/6k2GYRKnw46p4mgrZczJZoZLDHw=
last-modified: Fri, 25 Mar 2022 17:24:00 GMT
server: cloudflare
etag: W/"7263ce163217587d4c166cf87d5574db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: K13TIEP6QXG84Hpp552rAD1wwvmfg7ay
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a59b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 11914.8c229c33.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
8 KB 117ms
94ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/11914.8c229c33.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd9df00e1e31db99807286a06e7655d4f71d7dfabe4f8daaf31114661288e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 244838
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VVKAAHZ9E3E8M759
x-amz-id-2: vAdMpxm31okC+8rib4POwhDvXcZrcdRLdKwRcNq7qJu4B1ltSrsgkybzQHFiFNuaYAg21Mkk4kw=
last-modified: Fri, 25 Mar 2022 18:58:54 GMT
server: cloudflare
etag: W/"ddf6a50313618387b824f24cf431527e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: v83aiO0PpYsKO0Ts_9CWHLTJqRUzmo3s
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a69b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 13954.7813077c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 80 KB
21 KB 122ms
98ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/13954.7813077c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5bc2a61c6907c4fb6b4808d00db36af6134c72f23596a5578880d389ed1ba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11937
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVMEY8TJGX7TW1EE
x-amz-id-2: mT1DbvMEnVnK0qpNeWTEs4r9zbA3bxQz2vB6/2YwhsmuSAbZf4Sn2nk1pzjUUrCFmTELl+1IOQA=
last-modified: Mon, 28 Mar 2022 09:04:57 GMT
server: cloudflare
etag: W/"428e4a2d7c534c9ecc16cb2f33fe2216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jnTjNRE9_BF4My6WOgPo9JDcKKymT41z
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a79b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 PostPage.MainContent.eea59952.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 82 KB
20 KB 122ms
99ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.eea59952.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf59df3234e1049d7ee781c03518de956d466fe9188913e4f1e6f8b9d8b6307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11903
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CVM4FZF7B93VSEWV
x-amz-id-2: W5XuNTpzs56+vwtM9ZSWvC9lzgRN/4S9T9AU/K7F0wC07HJt6Sku8ENgGIP//nYxEkLfNBSFXVY=
last-modified: Mon, 28 Mar 2022 09:05:21 GMT
server: cloudflare
etag: W/"9ccf95578aca0cf0cc9f2a95e294e818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MH3xlHpCVRMm9PG2r1x12CnhnCqiflK3
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a89b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 75374.164f9ef6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
7 KB 130ms
107ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/75374.164f9ef6.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1012997
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MK8KKA27R05C4XEW
x-amz-id-2: GTlFXQ0y+asnYrCuN+ulYq+o1j4pdMpb/392pPx+rNtXpdnXO2VplOVyTB6ybbIYvRNhk/L6I+g=
last-modified: Wed, 16 Mar 2022 21:07:43 GMT
server: cloudflare
etag: W/"d4ef45bb9a7793f42d0beb282930eebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: EpKUlpmhoU27x5Qd0zW6hYm3NFX67rRE
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9a99b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 PostPage.RightColumnContent.4310602b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
15 KB 131ms
108ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.4310602b.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e912800f4c720fd063e5484c6245b4f5edb8c3141bba48fe9695b25966285f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235766
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HYTK6M2XDCGT6VXC
x-amz-id-2: CyKDuGSs/JhJ0ppDeJMMjkArITHX32WNgp5B+XeamNJyvxW0LXfM8rWlxT816rHcKKFuQ1kpiuM=
last-modified: Fri, 25 Mar 2022 21:22:36 GMT
server: cloudflare
etag: W/"530e99582d91aa6317e798b38de6a9c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: DTqK9nzGshYpIosDYKfV.GRRq113ZZEg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b1e9ab9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 71ms
46ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6f3160b1d83292ba-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 59ms
41ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4082766
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f3160b1ecc76933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 40ms
24ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2731120
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f3160b1eccd6933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 49ms
34ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2731120
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f3160b1eccf6933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 49ms
33ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2438476
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f3160b1ecd06933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 84792.d3cd03bb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 92 KB
24 KB 35ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/84792.d3cd03bb.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 505548
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: H9PY76HJ19KVEMEX
x-amz-id-2: TzcNOZ0JhnXUl1WKNG8INb/Rh5+lznYPuunVEzoet1Mns1hBNu9bhtDSx2RE6uvRN2NqzpRhiK8=
last-modified: Tue, 11 Jan 2022 07:30:13 GMT
server: cloudflare
etag: W/"9123da6f6119097d2b86f6a331492e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: guEmWTWycaWmN4glESZXA43SvXHWyexT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b5f80b9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 17084.0ad6f84c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 68 KB
19 KB 49ms
49ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/17084.0ad6f84c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 907031
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1NK27DMASCKVB6V9
x-amz-id-2: hmyg1Lm59ebx0V/eeZ1CWiC+ChEd+oBuWgHkKizNB8c03ENgsVLHqK8gi2Is2NxBGoAU8PLuyI8=
last-modified: Tue, 11 Jan 2022 07:30:05 GMT
server: cloudflare
etag: W/"08990a97629f3d698608356a8fe04c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 21J9XTkEPc2DrXwSiueOBhycR_IxpPbA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b6082e9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 28537.5067089b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 22ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/28537.5067089b.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1106849
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V2B0SEHT011ZS67M
x-amz-id-2: klOQVcjKGrdhn6Pp5gmXt6U4K4S20jvVSyw/PaMera1YyNMgsOi1lcCFtAh1gpaAIWYNo1HNujI=
last-modified: Mon, 28 Feb 2022 20:43:30 GMT
server: cloudflare
etag: W/"2def4ef2cd05551c2c82fa356348c7f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TqG3zS7DW3tbEf9BMHvdPuKEAbN2D4hQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b5f80e9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 83551.900f4958.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
8 KB 23ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/83551.900f4958.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca7d3dd894f3d14d18dd2992090092e020a3ec87e8f1d9aaa41d53e6dc314ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246012
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MTT15HXD40HW1WRM
x-amz-id-2: 15GBbYHVZB6MPG3NOFETzvA0VPC21Jz8cTT2N4TsD640sdN8ax8lkH7yHFjdP9LaAyACTGKTlFA=
last-modified: Fri, 25 Mar 2022 11:12:22 GMT
server: cloudflare
etag: W/"bda2b96323ae3345ecc94be234dc0f25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PFAlPy82RL1TyS3hgnW8TG_fk0Ys_AEh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b5f8139b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 67700.eeaa7e0c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 94 KB
27 KB 37ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/67700.eeaa7e0c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55df87ec035d89df94f70826361e38e4a6bec0a9832c497bb128c0625dff04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088317
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BRW29CAS47K1J3VB
x-amz-id-2: e4lFUMMq2yxU9RfklPr2C5DTHJ9atDRhyT1XiqiSa6aXPzLhsL2vbqn5qMVClsK8EVu3y+uWZLM=
last-modified: Wed, 16 Mar 2022 00:17:48 GMT
server: cloudflare
etag: W/"bfe1f493706114f4a221c8611744adb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: cdKnVH5ozPK83bXwBae3eve8B5x9sOa7
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b5f8179b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 ThreadedResponsesSidebar.b8cfa963.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
8 KB 24ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.b8cfa963.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469761414373eddf673415e2f8c1da325b7427f61b2e41dc37fb1ac8df4b5a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246012
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A7QK2KGYFJP670FY
x-amz-id-2: fx4zkTePhnWTCLOO1E5Lnblc3K4yIahGM2IeKoN5TCBRVv2qD9f22WknYZpGqrD1HBYl4ybLuws=
last-modified: Fri, 25 Mar 2022 11:12:46 GMT
server: cloudflare
etag: W/"304403ee78ddf0b04a22d4d85ee712f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8BD7jboMz71uJkd0xsgFJPaRKamKvYnz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b5f81b9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:19 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/24/24/ 383 B
790 B 20ms
19ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 245472
x-envoy-upstream-service-time: 25
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 383
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 6f3160b6de9590ec-FRA
expires: Wed, 27 Apr 2022 15:25:19 GMT

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 143 B
594 B 160ms
160ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0c7f3ee9e569a5c37df54d13ec904f353795e6698e458e392c97e95fdc13f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"8f-Xi4MPOrsydasIahaGxhCu3qtEP8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2
cf-ray: 6f3160b7c8d99ba4-FRA
x-request-received-at: 1648481120063

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 108 B
609 B 205ms
204ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Graphql-Operation: PostPageMeterQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160b7c8e59ba4-FRA
x-request-received-at: 1648481120048

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 445 B
732 B 149ms
148ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cff798eec6d947de2e72cde3387c88391a1c83f73bbe733cf0021d3aa3696ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1bd-4Mm9gh2M7CwWefqOP3UzUvVdVvI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160b7c8ea9ba4-FRA
x-request-received-at: 1648481120041

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 33 B
518 B 142ms
141ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33
x-xss-protection: 0
server: cloudflare
etag: W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160b7c8eb9ba4-FRA
x-request-received-at: 1648481120039

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 281 B
718 B 164ms
164ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb4a3cfbc7c796bcb262a335d645166224bef8cef9ddfca1f788a30906022b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Graphql-Operation: PostViewerEdgeQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"119-EbfDfaTGFcHGJ7+dJMAiW4mhCeU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160b7c8ec9ba4-FRA
x-request-received-at: 1648481120039

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 101 B
576 B 133ms
133ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3596252db80a5dc638d16bbff3fe4b2af18b33b74fa79b85d202c0fdbbf185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"65-e0XH3U6w9x6zBnGkKIqBa6Mc8IM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2
cf-ray: 6f3160b7c8ee9ba4-FRA
x-request-received-at: 1648481120034

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 95 B
597 B 188ms
187ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc244aa9f9da8143735e6db7e3d7f55a88ecbfb78da3a340c2948b02bc2197bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"5f-+07MDoKsWJ/Yy7v5xKbK1VZNUNg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160b7c8ef9ba4-FRA
x-request-received-at: 1648481120062

GET
H3 200 responses.editor.8bef621e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.8bef621e.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.27d769dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 321636
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: T9NZYST264RJQQGC
x-amz-id-2: yOr9/jart2NgUfiCHB4xe+cYSRbIOJ2m4merXiAm07Qetzgbky5xrlCaRFnLRbaqysjbuxelqjU=
last-modified: Thu, 10 Mar 2022 00:22:13 GMT
server: cloudflare
etag: W/"f75b4886e7a40ecf48aa22c1481b0ba7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: RU1Bt7PwbpJtgjZEVBUNb4amD96Sskoq
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f3160b7fafa9b2b-FRA
expires: Tue, 28 Mar 2023 15:25:20 GMT

GET
H3 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 31ms
31ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://blog.prevailion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2764071
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6f3160b808096933-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 28 Mar 2023 15:25:20 GMT

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 462 B
718 B 199ms
198ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369f3a93b4246b349e3dd661b49d8a758f68ef39d794f8b4a7b1b7072ef2409b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1ce-jJqMkxM0KUxXuoHdPGUr9SEDWqg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220326-005548-4cd76cd133
cf-ray: 6f3160b85a099ba4-FRA
x-request-received-at: 1648481120166

POST
H3 200 rum Show response
blog.prevailion.com/cdn-cgi/ 0
205 B 12ms
10ms XHR
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
content-type: application/json

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://blog.prevailion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f3160b85a0b9ba4-FRA
vary: Origin

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 158ms
158ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f3160b9ac9b9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 157ms
157ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f3160b9bca29ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
blog.prevailion.com/_/clientele/reports/performance/ 0
0 151ms
151ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, clientele/main-20220316-184641-e0679cbb6f
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f3160b9bca39ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4834
date: Mon, 28 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 16:04:46 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 41ms
14ms Script
text/javascript 108.157.4.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: blog.prevailion.com
URL: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8?hss_channel=tw-983606922338295808&utm_content=202497615&utm_medium=social&utm_source=twitter&gi=bc9dfe521a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-26.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 16:27:46 GMT
server: AmazonS3
age: 35
etag: "49d34b8e058b253d35893807b3bac09d"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 28 Mar 2022 15:24:46 GMT
x-amz-cf-pop: DUS51-P2
content-length: 23872
x-amz-cf-id: b4NimaqwlOUFmhWfvQs0xb1Z6YTp6GmpmAb6OgBB3IJin98NX0BDQQ==

GET
H2 200 _r Show response
app.link/ 91 B
565 B 200ms
159ms Script
text/javascript 2600:9000:2156:9e00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

a77317f37e5948343bd594d5c43a046d9f8f4d8ecce49dd274baf0766ab61f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
etag: W/"5b-dKFKLKoYR1I7zbiPZbL9jmNw9XA"
x-amz-cf-id: CnQv-6-y8A-ZQ9E1pe3-f9xcFy0MKluL92vQNjIcdOATi04iSq5d9w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=880047599&t=pageview&_s=1&dl=https%3A%2F%2Fblog.prevailion.com%2Ficedid-icedid-baby-73d2c82d9d8&ul=en-us&de=UTF-8&dt=IcedID%2C%20IcedID%20baby%E2%80%A6.%20Today%2C%20Bleeping%20Computer%20reported%20on%20a%E2%80%A6%20%7C%20by%20Prevailion%20%7C%20Mar%2C%202022%20%7C%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=617926640&gjid=473406233&cid=693579986.1648481121&tid=UA-24232453-2&_gid=1788884717.1648481121&_r=1&_slc=1&z=1760076098

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 15:25:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.prevailion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 graphql Show response
blog.prevailion.com/_/ 7 KB
2 KB 270ms
269ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacb428f5e63dfec55fbd64be54568cc7a782ad8db18bce648f989e92fdd10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
Accept-Language: de-DE,de;q=0.9
ot-tracer-traceid: 5f96da563e3bc19c
Medium-Frontend-Path: /icedid-icedid-baby-73d2c82d9d8
Graphql-Operation: PostNextFiveStoriesUser
content-type: application/json
accept: */*
Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Medium-Frontend-App: lite/main-20220328-114252-799dd3d863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
apollographql-client-version: main-20220328-114252-799dd3d863
ot-tracer-spanid: 24da05c5227a34d5

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 91
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1dde-hDMrQTTexmmlOY7FL+vAnIP8Snk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2, rito/main-20220328-085735-95f207d6f2, tutu/main-20220328-141114-db81b62e3b
cf-ray: 6f3160bbb8f99ba4-FRA
x-request-received-at: 1648481120724

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
628 B 230ms
192ms XHR
application/json 2600:9000:2156:6a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 351ac7aa04b25a47a8d300bda3af7aa50662ca66f43a38cf780cb74d5d32ee8d

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:25:20 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: d381b51013124dd0bcf1361530563d2b-2022032815
content-length: 316
x-amz-cf-id: -ahhykQQ27G6AFaAcDfpVQOrbq3QQ0_PGSDBkojhGJjrNr012seceg==

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
565 B 193ms
193ms XHR
application/json 2600:9000:2156:6a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

60bc4ba51e65bf2cd1eb4e1deeb1ae0bd18981b8fa1a0009eeee609fd1e5411c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:25:21 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"b7-9DS6jlrRgo39NKnw+dxgu2Csdh8"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 16651eabe85849f7bc1f89ac712f925b-2022032815
content-length: 183
x-amz-cf-id: xKMuMjaAcwT6VwgshaGKNLIkac_HJogij8tq_aAO_PcEScxwZOEALA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 174ms
173ms XHR
application/json 2600:9000:2156:6a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:25:21 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 957d4b3e74de45d8a0797f6c76376397-2022032815
content-length: 28
x-amz-cf-id: jLCugy6kGEVQIeGDjA6YQjaN7Dm32G69n3_psM6iKOWQWmD8PY3ipw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
386 B 203ms
203ms XHR
application/json 2600:9000:2156:6a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5786.875f6653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Mar 2022 15:25:21 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 1971248918624bc58c0174fe5054f132-2022032815
content-length: 28
x-amz-cf-id: pvnAWVDZcacVFbP8aie8Is17KYed5M0W_PkS82kzKlaUA8dYfKHs1A==

POST
H3 200 batch Show response
blog.prevailion.com/_/ 17 B
363 B 444ms
443ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.prevailion.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a56dff99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.prevailion.com/icedid-icedid-baby-73d2c82d9d8
x-xsrf-token: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
content-type: application/json

Response headers

date: Mon, 28 Mar 2022 15:25:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: application/json
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220328-085735-95f207d6f2
x-envoy-upstream-service-time: 169
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6f3160d53f0a9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.prevailion.com/	1969-12-31 23:59:59	Name: __cfruid Value: c1960bcc4f90df40392ea3ee188cc8f4d902b4b2-1648481117
.medium.com/	1970-01-20 10:40:17	Name: uid Value: lo_f2c6edb4aa63
.medium.com/	1970-01-20 10:40:17	Name: sid Value: 1%3AeGC13afmvlwi8bLeEZ9Fm%2BIgbxgrwo8JC6tmx2lNG1Rv1lPh3lPty%2BbBvf0VIaCL
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 895768e67b250884e1bb5e9616707820c026a72e-1648481117
blog.prevailion.com/	1970-01-20 10:40:17	Name: sid Value: 1:gSa7ex8SLWe1V8FF8ulfCCVtHNGG2ZYQpkvceXlA8AEKGL/KLWdX3vMaj1pqYD/o
blog.prevailion.com/	1970-01-20 10:40:17	Name: uid Value: lo_f2c6edb4aa63
blog.prevailion.com/	1970-01-20 01:54:42	Name: _dd_s Value: rum=0&expire=1648482019676
.prevailion.com/	1970-01-20 19:25:53	Name: _ga Value: GA1.2.693579986.1648481121
.prevailion.com/	1970-01-20 01:56:07	Name: _gid Value: GA1.2.1788884717.1648481121
.prevailion.com/	1970-01-20 01:54:41	Name: _gat Value: 1
.app.link/	1970-01-20 10:40:17	Name: _s Value: iHTTq9nd7CEYoUytEjcuqZR%2BIT2JWbkoD0OMKpAmIe849sTdlJErFC%2BCTtn8JK%2F6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
blog.prevailion.com
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
hubs.li
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
108.157.4.26
162.159.152.4
2600:9000:2156:6a00:11:f728:3040:93a1
2600:9000:2156:9e00:19:9934:6a80:93a1
2606:4700:440e::ac40:9c1a
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6812:b34
2a00:1450:4001:827::200e
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0b92b3aa76fd104750c65fb109764aa542454a8415cd7076c4b07add95a242f6
0c0c7f3ee9e569a5c37df54d13ec904f353795e6698e458e392c97e95fdc13f8
0cff798eec6d947de2e72cde3387c88391a1c83f73bbe733cf0021d3aa3696ce
1291d6defeedae5742e64b55758a73014d4b3ad0d8a1d7178235c9d3bbb4c71c
167f40a21d869faa7d5930bc4abf9372127482a203f7f682ddf80f0ad37d5b39
1b6e70c1394c3674f594a67c516951e72cc55a78258bc5c07c20b19c32c84d78
1b7abde05097fdb4edbbb9c6158fa2f58baa4a0395f31dd3a20297b5add78c40
2297349f8e5107d539a75a74743999718116501fa0a7dbd2dbf9338bb680be85
286d3c3c2d224f290f81501749d9b8144daf45545f4ede6b5dd0b1f87cc9b67c
30594caa19ac354e70c3a6d9c54d2caf5ebae6fae8fbbb1ba9cc25729a3a7f83
31b6fbb7ba1ecb2fd5eb93deabd95da93e61e71bd51e1521a7028285c206545c
31d3a5d319d49f6205104487d2a4e9539eb11e1aceec687e03baed4750730c17
32191fc1bbf7c6f43177169a896545a7efd8fc22a1fe1dcc46111c5b1e0eb9a4
335eaeb9c9cd6782e0d870ec0044df95c063a4a15c73957f50da22aeabad0189
34b10267c3ee88798046b073d686b67c08c9944d07dcd31cdaf75283bb81c164
351ac7aa04b25a47a8d300bda3af7aa50662ca66f43a38cf780cb74d5d32ee8d
369f3a93b4246b349e3dd661b49d8a758f68ef39d794f8b4a7b1b7072ef2409b
3cd9df00e1e31db99807286a06e7655d4f71d7dfabe4f8daaf31114661288e40
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
3f89c031ae620088707128acda9e6f31668363026b0b118896ac601dc54e129f
455375050d88ead9a24ecfe2d52327b76550c32b50bf1f07dc4eccc92c6bff16
469761414373eddf673415e2f8c1da325b7427f61b2e41dc37fb1ac8df4b5a07
5ba6d360084e097356f245ce7543f766c5248e0bee278d8ae9c8521ea12d4d43
60bc4ba51e65bf2cd1eb4e1deeb1ae0bd18981b8fa1a0009eeee609fd1e5411c
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
66204696736f067a6c6b6aef7c31fb60ce32c0d3ee7e2fcfdd02968cfafbc3da
678cc8f251bdf5bdc7e4d10bf4d306971f64a1e80a708917cb450515b7001594
6c008de256364f60ad15b90d5410cb2e07f577438a99e4a51104083160fa10bb
6c3596252db80a5dc638d16bbff3fe4b2af18b33b74fa79b85d202c0fdbbf185
7037bc99db5e94064097d2c834521e7a848c30e5e28755f2be8edd6da733f100
784539c7817ce17c2c5e79f4f230d64f515d66fe1b5f246b58ac68d52ae70541
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
806e3de44965e1b8cb6b9035fd2f59890098395d9470bb138f2f1c7c520b8838
806f2580733cea3a8c6e923ebb4d6b8f34a8f1584a9a70ac8d77fd6b0268f848
811f0a6cd7059bcda8803ba795f70485266059400c6358a9e0a33dadc4473fd6
8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9
8ca7d3dd894f3d14d18dd2992090092e020a3ec87e8f1d9aaa41d53e6dc314ef
8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c
8dcbb057aaa3f3862fa62e59268a0f84712ff18d95e58f6054b5e8e65da1811f
8ef842e3ae27dc91e3b5638d688827e0440705b1bfd524795b9b9868003c8f2b
8f4d750850d06bd78363c7231aaf2541025cf62064dfc8f9433cdf57821e8d33
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
9cb4a3cfbc7c796bcb262a335d645166224bef8cef9ddfca1f788a30906022b5
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
a77317f37e5948343bd594d5c43a046d9f8f4d8ecce49dd274baf0766ab61f05
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a98995e01c3796312d5d2cbf98cacfffd61c756a21a72f5458c234e01e8149a1
aa0f46d99c8da6a8558f3939b77812880a265d53ab92fb19d20b5e1cc873c79b
abf59df3234e1049d7ee781c03518de956d466fe9188913e4f1e6f8b9d8b6307
afacb428f5e63dfec55fbd64be54568cc7a782ad8db18bce648f989e92fdd10c
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b55df87ec035d89df94f70826361e38e4a6bec0a9832c497bb128c0625dff04c
b5bc2a61c6907c4fb6b4808d00db36af6134c72f23596a5578880d389ed1ba14
b7138bbd639d7c1f2fcc600aa16cce34b19c848458d60c3dbfc99548bcbbd4e5
b816ada7ecfcf06e2f4aea734743505802467bcae5d6e20b6b0e0608791e1a3d
bb4e7e7eecad1f5d66ee0eba4ec8caa34f97505d75f13d581a12e07e5125065d
bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94
becc68a7c505991521f9b9d7d3c36cbade7c1d60b11bf2ad2a4003111893f896
c26b078ee638c1a936dbcb0e537645e1dec1a12f2f8535389e460cc0ebed1ace
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
cc244aa9f9da8143735e6db7e3d7f55a88ecbfb78da3a340c2948b02bc2197bc
d53cf508fcbc8dc0ff7cb5dec4d7880062bf7388c13e3a95dd1de926821010ab
d927df45675ebfc6562b3c3cf41584e4aaf1382fcde2a277975527cf636cd3f9
dc493c7b8e589367178f75c582b4e396cabd35c689ce76f55a8b9b4013f7f2a8
ddac8b642d7667b3fb9605ac5b043dcf21976aed041ad4d6221f0a0cc10a4376
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a80bdd5cc9be1a7d3298446a05234198a2d54b76cfcd1c92cd45c7892a4f42
e912800f4c720fd063e5484c6245b4f5edb8c3141bba48fe9695b25966285f5b
f1b1b357db4257d5d724fd3239cd33eea42ecbb19c70bd187ec1c27cc0ab569a
f1d8da77d47f02b6a412aa009da47e063f92481c8998cea7ffb8f3151f209a60
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f36b50ada1e5255d17ab3aa7055033497f20988643ee23d7dfd092afb32bb03b
f846234e07013c87c7fd3f86706df5e29a3f49020f8473e679de97d56a6b8187
fa7c4d6b75c90365ce4bf34f3171ffae43a6a7959a065b1507e7e271f8d60045
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

blog.prevailion.com Open in urlscan Pro 162.159.152.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

78 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

1065 kBTransfer

3408 kBSize

11 Cookies

40 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.prevailion.com Open in urlscan Pro
162.159.152.4 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1065 kB
Transfer

3408 kB
Size

11
Cookies

86 HTTP transactions
0 data transactions