blog.huntresslabs.com Open in urlscan Pro
52.4.225.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Effective URL:
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
Submission: On December 01 via api (December 1st 2020, 10:26:24 am UTC) from US

Summary HTTP 108 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 108 HTTP transactions. The main IP is 52.4.225.124, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is blog.huntresslabs.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 30th 2019. Valid for: a year.

This is the only time blog.huntresslabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	52.4.225.124 52.4.225.124	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6810:7c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
74	2606:4700::68... 2606:4700::6810:7591	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	13.35.253.82 13.35.253.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.2 143.204.89.2	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.144 104.111.218.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:b600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.174.23.13 54.174.23.13	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:214... 2600:9000:214f:5200:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:e2:... 2606:4700:e2::ac40:8a24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9	14618 (AMAZON-AES) (AMAZON-AES)
1	52.200.116.103 52.200.116.103	14618 (AMAZON-AES) (AMAZON-AES)
108	14

9 52.4.225.124 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-225-124.compute-1.amazonaws.com

blog.huntresslabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7c7f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2606:4700::6810:7591 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-82.fra6.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-2.fra50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-144.deploy.static.akamaitechnologies.com

a16180790160.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.23.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-23-13.compute-1.amazonaws.com

srv-2020-12-01-10.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:5200:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:e2::ac40:8a24 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.116.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-116-103.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	3 MB
10	medium.systems lightstep.medium.systems	2 KB
9	huntresslabs.com 1 redirects blog.huntresslabs.com	44 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
3	optimizely.com cdn.optimizely.com a16180790160.cdn.optimizely.com logx.optimizely.com	93 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	parsely.com srv-2020-12-01-10.pixel.parsely.com	229 B
1	app.link app.link	742 B
1	cloudflare.com cdnjs.cloudflare.com	17 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
108	11

	Domain	Requested by
33	cdn-client.medium.com	blog.huntresslabs.com cdn-client.medium.com
30	miro.medium.com	blog.huntresslabs.com
11	glyph.medium.com	blog.huntresslabs.com glyph.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
9	blog.huntresslabs.com	1 redirects cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	blog.huntresslabs.com www.google-analytics.com
1	logx.optimizely.com	cdn-client.medium.com
1	srv-2020-12-01-10.pixel.parsely.com	blog.huntresslabs.com
1	app.link	cdn.branch.io
1	a16180790160.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	blog.huntresslabs.com
1	cdnjs.cloudflare.com	blog.huntresslabs.com
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	blog.huntresslabs.com
1	medium.com	1 redirects
108	17

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
huntresslabs.com
www.bleepingcomputer.com
www.virustotal.com
www.youtube.com
vickieli.medium.com
ryancor.medium.com
about.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
blog.huntresslabs.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-30` - `2020-12-29`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2020-08-19` - `2022-10-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
Frame ID: 2F116F2D27FF06B11BB1D246EE9AE799
Requests: 101 HTTP requests in this frame

Frame: https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html
Frame ID: E7247DA1240F5B5A4C04CD127EA6A0DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-an... HTTP 302
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

108
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

2978 kB
Transfer

4996 kB
Size

11
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-----400b57cd7dd---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F400b57cd7dd&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----400b57cd7dd--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-----400b57cd7dd---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://huntresslabs.com/?source=post_page-----400b57cd7dd--------------------------------
Title: Company

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=responses-----400b57cd7dd---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=-----400b57cd7dd---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff9c5b8e8daa3&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_page-f9c5b8e8daa3----400b57cd7dd---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/trickbot-turns-100-latest-malware-released-with-new-features/
Title: 100th version

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/58c4bea082b2f44f0beab5356ae2bc9bc73c3f13ab0491861bc2ba24690da103/detection
Title: https://www.virustotal.com/gui/file/58c4bea082b2f44f0beab5356ae2bc9bc73c3f13ab0491861bc2ba24690da103/detection

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0RADvfJysuA
Title: https://www.youtube.com/watch?v=0RADvfJysuA

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar-----400b57cd7dd---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_sidebar-----400b57cd7dd---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_footer-----400b57cd7dd---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff9c5b8e8daa3%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=follow_footer-f9c5b8e8daa3-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fhuntresslabs%2F400b57cd7dd&operation=register&redirect=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------0----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@lily.teplow?source=post_internal_links---------1----------------------------
Title: Lily Teplow

Search URL Search Domain Scan URL

URL: https://medium.com/@johnhammond010?source=post_internal_links---------2----------------------------
Title: John Hammond

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------3----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@annie.ballew?source=post_internal_links---------4----------------------------
Title: Annie Ballew

Search URL Search Domain Scan URL

URL: https://medium.com/@jdferrell3?source=post_internal_links---------5----------------------------
Title: John Ferrell

Search URL Search Domain Scan URL

URL: https://medium.com/bugbountywriteup/diving-into-yargen-9e8c00e18b65?source=post_internal_links---------6----------------------------
Title: Diving into YarGen

Search URL Search Domain Scan URL

URL: https://vickieli.medium.com/?source=post_internal_links---------6----------------------------
Title: Vickie Li

Search URL Search Domain Scan URL

URL: https://medium.com/bugbountywriteup?source=post_internal_links---------6----------------------------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://ryancor.medium.com/extracting-embedded-payloads-from-malware-aaca8e9aa1a9?source=post_internal_links---------7----------------------------
Title: Extracting Embedded Payloads From Malware

Search URL Search Domain Scan URL

URL: https://ryancor.medium.com/?source=post_internal_links---------7----------------------------
Title: Ryan Cornateanu

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----400b57cd7dd--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----400b57cd7dd--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=post_page-----400b57cd7dd--------------------------------
Title: Share your thinking.

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----400b57cd7dd--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----400b57cd7dd--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----400b57cd7dd--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd HTTP 302
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd Show response
blog.huntresslabs.com/
Redirect Chain

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

199 KB
43 KB

881ms
881ms

Document
text/html

52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-225-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

62b5dfcf7005f076e5109792efcc0073d9fa704322b739d5a21a59383962da16

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: blog.huntresslabs.com
:scheme: https
:path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 01 Dec 2020 10:26:04 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"31d32-YQ7CKcNghNstzK8NUytDzBolPyI"
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, lite/main-20201201-010343-3c8b048983, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
set-cookie: uid=lo_2d4ea9fd97aa; Path=/; Expires=Wed, 01 Dec 2021 10:26:03 GMT; HttpOnly; Secure; SameSite=None sid=1:kKgHBSzdwVED0jvT8KzL0dYPt4bmEga4hkAh2EYSqunkpqiYQ3jkHEFMSECFEMAw; Path=/; Expires=Wed, 01 Dec 2021 10:26:03 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_2d4ea9fd97aa; Path=/; Expires=Wed, 01 Dec 2021 10:26:03 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 765
x-frame-options: allow-from medium.com

Redirect headers

date: Tue, 01 Dec 2020 10:26:03 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: __cfduid=d89e9a1f0b47c9191438ffd3789983eba1606818363; expires=Thu, 31-Dec-20 10:26:03 GMT; path=/; domain=.medium.com; HttpOnly; SameSite=Lax uid=lo_2d4ea9fd97aa; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:26:03 GMT; HttpOnly; Secure sid=1:HI3V8HTkaKapjbJDFfEe+n8Pzvps5wamXac8beaoN1LbtAYGjFq7tCPd0fyHh2RU; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:26:03 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_2d4ea9fd97aa; Path=/; Domain=medium.com; Expires=Wed, 01 Dec 2021 10:26:03 GMT; Secure; SameSite=None __cfruid=e95132cfed10eca707512b05ec7e49ad5e8fbf43-1606818363; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 55
x-frame-options: sameorigin
x-obvious-info: 20201201-0313-root,7bc51ca4
x-obvious-tid: 1606818363384:48246237f7d0
x-opentracing: {"ot-tracer-spanid":"48ca25dc7062046b","ot-tracer-traceid":"97b4abc35d80884","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f8f9e00009710bd3c1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fac1b9299959710-FRA

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 320 KB
93 KB 21ms
7ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1422f4481001a4b056cb5eb392f37a870c27b6dd8699d76339693171f861dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: NAwucNm1EVKhCUd7ZYqmFSki9DH9D53t
content-encoding: gzip
etag: "7d393b6bc75567b380d3008247f1d10d"
x-amz-request-id: AXCW2YFYFY9X1NAJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 5192
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 94464
x-amz-id-2: PIrDU+wJT31bpNWHHrzM4MgSVbCwfBvp1gP1DH1sn1h4UZH9ktsb7UoF1xXt9y0Dr8ZAi3eMH5M=
last-modified: Tue, 24 Nov 2020 17:54:14 GMT
server: AmazonS3
date: Tue, 01 Dec 2020 10:26:04 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 unbound.css
glyph.medium.com/css/ 10 KB
1 KB 46ms
26ms Stylesheet
text/css 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f93ea00000eb38c22f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 5fac1b997bcf0eb3-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 01 Dec 2020 14:26:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2173
date: Tue, 01 Dec 2020 09:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 01 Dec 2020 11:49:51 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 14ms
14ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=234494699&t=pageview&_s=1&dl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd%3Fgi%3Da8e0fc2b7125&ul=en-us&de=UTF-8&dt=Tried%20and%20True%20Hacker%20Technique%3A%20DOS%20Obfuscation%20%7C%20by%20John%20Hammond%20%7C%20Nov%2C%202020%20%7C%20Huntress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1272324841&gjid=1502544703&cid=1076928947.1606818364&tid=UA-24232453-2&_gid=940561326.1606818364&_r=1&_slc=1&z=988567882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.huntresslabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1*JzHsjsiFbLfEtiS8aUsNmQ.png
miro.medium.com/max/290/ 6 KB
7 KB 23ms
19ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/290/1*JzHsjsiFbLfEtiS8aUsNmQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7fdfacc4e27e4fff3082c27b10bbc44bca8ecb2f0997479f274945f3db046f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1970737
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6646
cf-request-id: 06bf6f943e00000eb381125000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fced0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/96/96/ 11 KB
11 KB 28ms
24ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d86f6376b7093cad80381bdbb47a15083da4e39fe2824597fb472cafff39265

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587308
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 10896
cf-request-id: 06bf6f943d00000eb371867000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fcea0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/60/ 4 KB
4 KB 53ms
49ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*SwPP7Qnr548RZgbMZR8EUA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a83255ce888723b163f1e95d1a2f7b6d7e2a241aaaa910ab6a311c9b009176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 576839
x-envoy-upstream-service-time: 27
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4370
cf-request-id: 06bf6f943d00000eb32d3b8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fce80eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/60/ 3 KB
3 KB 52ms
48ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_TPY6BowD1l6K-FuztN1Vw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fe1932aee01b8f2dd7e1e6b2a8855823b5d1dc105b7ece0ca2ea52d0f2589b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2843
cf-request-id: 06bf6f943d00000eb3279e7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fceb0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/60/ 2 KB
2 KB 37ms
33ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*6Ty615ti71O2g97TP0AxbQ.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d763c16430d1b2bcf5bce9ccd775da63565aff441188d0f6f43346d7aa0125d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1871
cf-request-id: 06bf6f943e00000eb350ad6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fcf20eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*ufCEj-2GofGmDrnNMIaD2Q.png
miro.medium.com/max/60/ 2 KB
2 KB 37ms
34ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ufCEj-2GofGmDrnNMIaD2Q.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c771333a7ff915d044d909b4934c00ed1d37502f12083cdff379b23f7a7adffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 37
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1708
cf-request-id: 06bf6f943e00000eb336a61000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b99fcf30eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*lW90BHUZv_tHIfzrpfh8sA.png
miro.medium.com/max/60/ 2 KB
2 KB 27ms
26ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*lW90BHUZv_tHIfzrpfh8sA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3985530cca8fee2517132a65973535519fdb04a6909a724e72d915117f64a933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 72
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1764
cf-request-id: 06bf6f945000000eb3192c5000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a1d4d0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*1kO_SHQZhwWrv5c1vnqKEw.png
miro.medium.com/max/60/ 2 KB
2 KB 51ms
50ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1kO_SHQZhwWrv5c1vnqKEw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b01d33c6e2769909fd8f9c98c2ff5baeddd97018283bb69277254bf2f4a50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1682
cf-request-id: 06bf6f945700000eb35114a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a2d720eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*Q4zPf3qamTKg0mSDVFAldQ.png
miro.medium.com/max/60/ 3 KB
3 KB 100ms
100ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Q4zPf3qamTKg0mSDVFAldQ.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853cb1692f14bfc48f727e3df77c2e7b1b90148d177f6b29b0568889b5c99cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3132
cf-request-id: 06bf6f946600000eb3872b4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a3dae0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 0*SeRj1W_i8AhACDn-
miro.medium.com/max/60/ 853 B
1020 B 154ms
154ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*SeRj1W_i8AhACDn-?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4262a3cd34acac878ec9d934916863a4e79daebd8d6ab56865abcdea4305258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 15
content-length: 853
cf-request-id: 06bf6f946000000eb357b10000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a3daf0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 UTC

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/160/160/ 25 KB
25 KB 33ms
33ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43927eb145c7567726c39d80ead36af48e7361fbcbe694a6a1547b1caab03cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587308
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 25675
cf-request-id: 06bf6f946f00000eb374167000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a4df90eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*fR5n43D-i3z88ODTtgO1ag.png
miro.medium.com/fit/c/160/160/ 12 KB
12 KB 62ms
61ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*fR5n43D-i3z88ODTtgO1ag.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87964eb6355d30f094783ac455d82db486e8708f4173849e9877816b99b34463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657598
x-envoy-upstream-service-time: 72
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 12544
cf-request-id: 06bf6f946e00000eb32a070000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a4e110eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*fDAN_hGsCdpZAbDAO_YSCQ.png
miro.medium.com/fit/c/80/80/ 8 KB
8 KB 39ms
39ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*fDAN_hGsCdpZAbDAO_YSCQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a54050b72f702187bfbfca6be8216d42a8ab3d41561c79a30c9072d928df4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587308
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 7805
cf-request-id: 06bf6f947000000eb33e2a8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a4e210eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*fR5n43D-i3z88ODTtgO1ag.png
miro.medium.com/fit/c/80/80/ 5 KB
5 KB 27ms
27ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*fR5n43D-i3z88ODTtgO1ag.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bfdf5bcbd4190fae04b2917aaea593bd3b8d94ddf83e5920ec43561f229a911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 657598
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 5203
cf-request-id: 06bf6f948a00000eb327261000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a7eab0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 0*7ls_zdVmsUywKSmq
miro.medium.com/max/60/ 5 KB
5 KB 173ms
173ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*7ls_zdVmsUywKSmq?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ab6ef08adb3d2774fd7cbfa6d3b3674772f0f25da1b6e277ee27faa36817a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 14
content-length: 4922
cf-request-id: 06bf6f948d00000eb338335000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a7eb90eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 UTC

GET
H2 200 0*OWtXi7MAfC9NDq5O
miro.medium.com/max/60/ 3 KB
4 KB 149ms
149ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*OWtXi7MAfC9NDq5O?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3f007d404f170174f9a55d9860a17f7de63dacb881568d50042759316c2ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 17
content-length: 3442
cf-request-id: 06bf6f949700000eb37003a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9a8edd0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 UTC

GET
H2 200 1*1vUs6otUEXWKMdo33TnYGw.png
miro.medium.com/max/60/ 5 KB
5 KB 31ms
31ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1vUs6otUEXWKMdo33TnYGw.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73514d2935414357d01b7dd044fa60f60e09a4d042c635bb501c8a18dc34d748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 587308
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4621
cf-request-id: 06bf6f94a600000eb31422b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9aaf170eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*gdP1lMQbo4kShelzhChiMw@2x.png
miro.medium.com/max/60/ 2 KB
2 KB 27ms
26ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*gdP1lMQbo4kShelzhChiMw@2x.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f518c4f68845a3a5927592ebf038d67343b43aa8c4478ac08d27eb53300419

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 498051
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2108
cf-request-id: 06bf6f94ac00000eb36bb39000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9aaf300eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*cf3Shx37mHWAoxC9CpbAzg@2x.png
miro.medium.com/max/60/ 2 KB
2 KB 27ms
27ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*cf3Shx37mHWAoxC9CpbAzg@2x.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945265fc049de4e7c7240b6a9d3d5b2d924d894cea9cbf9a326822fda82528e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 905237
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2054
cf-request-id: 06bf6f94ca00000eb32a07b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5fac1b9adf830eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*zBI6b6H7ksrZoyn0d_aW9g.png
miro.medium.com/max/60/ 5 KB
5 KB 25ms
24ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*zBI6b6H7ksrZoyn0d_aW9g.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cdc0d6a177fee9c9b7e878073d2e6643c9df2c2bbd200f40e4d69d9dd99d3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 576839
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4631
cf-request-id: 06bf6f94c600000eb3189ba000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9adf860eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 0*xCawCf4U2AN0qXCU
miro.medium.com/max/60/ 854 B
1 KB 158ms
158ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*xCawCf4U2AN0qXCU?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed08fb474169940e30e7861510226dd49b64853fb29496c2d304fcec88351ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 20
content-length: 854
cf-request-id: 06bf6f94c600000eb3872b7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9adf890eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 UTC

GET
H2 200 1*4gvqh_vdl-zN4dQlS6hwhA.png
miro.medium.com/max/60/ 6 KB
6 KB 28ms
28ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*4gvqh_vdl-zN4dQlS6hwhA.png?q=20

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a939d4d689b48d14f71cd65a597c64e139b37b4fb3b9c8347f38a7bd743918f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2071173
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6202
cf-request-id: 06bf6f94e300000eb377be7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9affcc0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 16ms
16ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2101991
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9821
cf-request-id: 06bf6f94e000000eb37187b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20200804-190312-d5d253b55e
accept-ranges: bytes
cf-ray: 5fac1b9b0fd80eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 27ms
26ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2175906
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6839
cf-request-id: 06bf6f94f300000eb38eaed000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1b9b182e0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:04 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 56ms
40ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790840
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945400002c2a67a68000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a1bc22c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 90ms
73ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790840
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945500002c2ac0973000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bd72c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
14 KB 55ms
39ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1904930
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945400002c2a5699f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bca2c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 60ms
44ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1790840
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945500002c2a6e1c2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bce2c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 42ms
27ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568395
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945400002c2a0d075000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a1bc72c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 11 KB
11 KB 96ms
80ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 128688
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945500002c2a7b117000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bd02c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 48ms
33ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568395
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945600002c2a2cb6a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bd52c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 56ms
41ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568395
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f945500002c2a16a08000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1b9a2bd32c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 manifest.acdc9674.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
4 KB 33ms
26ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.acdc9674.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ff0062c9941bbb37fef46b01a764f394f912a5c32f243e7b83f68d2e2a4c45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35850
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 98CAE3ED1526897C
x-amz-id-2: Dfz/CsWrxKpBhEzvyqHidwUl5gtGAnhRQWsqBi4VKld+IyjjHt1LmgPWxW+FefxkqbFLtCcPOHM=
last-modified: Tue, 01 Dec 2020 00:20:46 GMT
server: cloudflare
etag: W/"9dbcd9ba14fd8d50c0757d541b9d48f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3wkA.ks.rmO_uw2ESV6BnkTjbIGzwynD
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950400000eb37b88e000000001
cf-ray: 5fac1b9b38890eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8705.537fdf35.js Show response
cdn-client.medium.com/lite/static/js/ 706 KB
208 KB 37ms
31ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1cf57b09a005b072eaeaac7afa0eadc241b3f37119e919c5b321d180ede1d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 664012
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D97BEC7070D56235
x-amz-id-2: xItjuSI98I6p44jAc0MRkVdD9dRRSIcFpH6d9eFDo68GMZL8RM1CxfYELQd85y9HyWsVsfa0CFY=
last-modified: Mon, 23 Nov 2020 17:52:50 GMT
server: cloudflare
etag: W/"7dfd1cae8043ec3b248af0f0b6c4a5da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: npq70KX6RM0eCzypfh5L2dBL3drqqigY
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950400000eb35e199000000001
cf-ray: 5fac1b9b38810eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 main.9b87b49d.js Show response
cdn-client.medium.com/lite/static/js/ 527 KB
137 KB 29ms
23ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5b87d5599d46165267a954b9c301e780c0fb3dfc1a67cdefc30c893e5a7dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32423
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7FDEFF60D1C4D698
x-amz-id-2: mIY7txo3z98u8pEpockOv//cjVdWaYI4bsnV+9+olLxnrVAM3m1C5HpYg0BVRUGNRQC+QdOiHvk=
last-modified: Tue, 01 Dec 2020 01:22:48 GMT
server: cloudflare
etag: W/"c3946a9f77c64abf18816318e2810e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MsBbP97tHW5zCMSZZoKCnGlxUCwbJ_mn
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950500000eb377beb000000001
cf-ray: 5fac1b9b38900eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 5573.71c7b89b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 25ms
19ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 802283
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5F1FD4DB55DDDE8A
x-amz-id-2: B84Imc8lpoqsoNjOt1mesrdf9/0oYNrEFAWkKUWZAUodSqYcPc1wn8nS9+NkLEXQZZGikjHaOj4=
last-modified: Thu, 05 Nov 2020 06:35:09 GMT
server: cloudflare
etag: W/"5ea86fb250e41d2afbeafce6d98f43fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: n6sjS3in91J8r._SfEa8RwndCZwis75f
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950500000eb38113c000000001
cf-ray: 5fac1b9b388d0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 instrumentation.b159e062.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 42ms
36ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.b159e062.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 894057
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A670D983870BC000
x-amz-id-2: 07SOoqSoYak488uciyldnrtUUUDHcqrZcpxLcaDKQArrT5fvAStylGLmnoS90Ya9yWDCAnlADBM=
last-modified: Sat, 07 Nov 2020 01:12:55 GMT
server: cloudflare
etag: W/"f58deca85e2c997a1e2fec2e3e465940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5TPzxF68abpDXNCV7.A5sPoBuwOMN3X0
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950500000eb321102000000001
cf-ray: 5fac1b9b38950eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 reporting.a97391eb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
980 B 37ms
31ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.a97391eb.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 888508
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3261F28620D55017
x-amz-id-2: YTYd2b3Qz7CPk4VezcqT7RzsLInd+74BKhc7reFuniO4oSIXQ2ikaT6sgA8S34+t3IqeBtqdyMo=
last-modified: Fri, 20 Nov 2020 06:56:54 GMT
server: cloudflare
etag: W/"fe7638c63ed535f5a1e5b02bc60ec02e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: BK9mkdoaQYaX4J2lvUNS9CBPHAxu2l3U
cache-control: public, max-age=31536000
cf-request-id: 06bf6f950500000eb3312f1000000001
cf-ray: 5fac1b9b38920eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 1826.bc1ea69a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
11 KB 19ms
19ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1826.bc1ea69a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1048778
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B8CCE21D67F8AB31
x-amz-id-2: bMooRsF86w6b4A0jMMBQYyWh/tD2SX6G9Mc7XiDBG+GXgtnj7RQfvMINcqVMjN2c03kEg8BaqN8=
last-modified: Fri, 06 Nov 2020 05:38:50 GMT
server: cloudflare
etag: W/"b09f67d7284461212d661f0679868da7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kJMY8C_4scfydNNyEn3HLn8CL2KriZkt
cache-control: public, max-age=31536000
cf-request-id: 06bf6f951800000eb38c253000000001
cf-ray: 5fac1b9b58f90eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 4464.18d417d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4464.18d417d4.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1054821
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E9E10B07E400D94C
x-amz-id-2: p/aEzLVqx1d7evpnFwiW+nWI0+8m9JcO1/qEkPOXBVCNFhY+c92MxfP4ekvqDmKxnEc+Xw4buSE=
last-modified: Fri, 06 Nov 2020 01:56:37 GMT
server: cloudflare
etag: W/"96f0b868bf92c7fd790272d73e2f9870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mxMTb78Psp5MmS3X3oIvlmlN4WNgm2gH
cache-control: public, max-age=31536000
cf-request-id: 06bf6f951e00000eb32d3c5000000001
cf-ray: 5fac1b9b69080eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8342.a58cc356.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 42ms
41ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.a58cc356.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77af1069d7c8977e9150bbadd688736c38a51f37e47b7081e873cadabbda138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47006
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FA0330BEB691E402
x-amz-id-2: Q/0wUatl1um6vfEDJVFNuOuV43OLk2NXOlX0JZ/KEb7L1Sso/O7c20vOH2JBGNaesOdX63ePuG0=
last-modified: Mon, 16 Nov 2020 20:56:41 GMT
server: cloudflare
etag: W/"c2d2cb7b44ca8f4bc0de3484bc998db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DwU8AkLlh8txbyATJg0hucJBYrfafhA.
cache-control: public, max-age=31536000
cf-request-id: 06bf6f952400000eb3279f6000000001
cf-ray: 5fac1b9b691d0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 1148.9eac293a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 56ms
56ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1148.9eac293a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 927705
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 779F169689CFA39A
x-amz-id-2: Dz1EIn+5O7SLVN68rqexaBmts5ZRK38DCYryYMEvvpPxWpQhWrUQgRe4ErqQpVB6YQn0n7LANGg=
last-modified: Fri, 20 Nov 2020 06:56:29 GMT
server: cloudflare
etag: W/"db69beca199f14b1d0c0b61593e3f93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bhKUKs_.a4w88c947WDlrPKcTLeG6VSL
cache-control: public, max-age=31536000
cf-request-id: 06bf6f952800000eb34b3e9000000001
cf-ray: 5fac1b9b792f0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 5064.e657005a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 115 KB
32 KB 21ms
19ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5064.e657005a.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1de75b338674502d461c30831f74d7b3ce3188e4c9079971325b86f2fd6574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41787
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 005BC0DE39C40ADA
x-amz-id-2: UmXkt/n5Vc8pntKX2nn+98HtHrH2GROmOM4fGo+OXjqbT82pW8x+hJXPPnjuXhJswSS61pIuxG4=
last-modified: Mon, 30 Nov 2020 17:09:07 GMT
server: cloudflare
etag: W/"138e6889463c542a3027a923e5df0824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: l9WQ5Q5VsK7r_r9v3I8Sc6.RkwHPZC5F
cache-control: public, max-age=31536000
cf-request-id: 06bf6f952d00000eb380a82000000001
cf-ray: 5fac1b9b793b0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 9274.63eefcdc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 22ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9274.63eefcdc.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1161042
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8789100A0E8D619A
x-amz-id-2: vH8/mSYKXpiYKY3JcaxHMI8XHYwb+I5Yemlp4jPgdHT1XE5QdXtuqmmv7Dn3lQosLyvlDm8sGcw=
last-modified: Sat, 07 Nov 2020 01:12:39 GMT
server: cloudflare
etag: W/"ccd80c9d1d3b3cda451c47c801e9b0de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: FRqbYNlJiTTdTybej.YNfzRZXN68YXRN
cache-control: public, max-age=31536000
cf-request-id: 06bf6f952e00000eb35bb4d000000001
cf-ray: 5fac1b9b793f0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 2846.6b6ebf22.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2846.6b6ebf22.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 793650
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5A245C02CF5FA5BA
x-amz-id-2: hjS5bDcD0048VFwBVD+f+LR3rrRNxuqdBq/ZffYevV/nMWbZRST6tzwp+IKg8QnFvsYrVXOZna4=
last-modified: Thu, 05 Nov 2020 06:35:08 GMT
server: cloudflare
etag: W/"15657365d9509fb2670441fb19640fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Z5N_3t7pg0ArqX57LA2TCVyXx0lI6cVG
cache-control: public, max-age=31536000
cf-request-id: 06bf6f953400000eb38eaf5000000001
cf-ray: 5fac1b9b89570eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8308.2c4ffe63.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
13 KB 38ms
37ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8308.2c4ffe63.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986bc1611e70a77171c4eb0f4cb97704e8e5213a1887cc97c1d2a65222cc2719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39827
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 855D55DF7EF06AA5
x-amz-id-2: PwwidOoHd8hSMwBqZVzp66TnrvQEw1lWhJqTWrOTFvTItguhXAnrl0qF4DUUEZHyX5KnoV7xFQY=
last-modified: Mon, 30 Nov 2020 23:12:29 GMT
server: cloudflare
etag: W/"530241e006b8d196dee06ca1d7abee1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LNzMbWdaZd6QRjOO9KXaWKdBMacpL9o1
cache-control: public, max-age=31536000
cf-request-id: 06bf6f954100000eb34b9c3000000001
cf-ray: 5fac1b9b997f0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 7993.d2090e9e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
8 KB 21ms
21ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7993.d2090e9e.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 713581
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FA5A56F4EEBCC85D
x-amz-id-2: H62t//ICALdlRV9eO+nd24N0QJPpjv2qtbTwXDj6vDKq6YeXBi/fs7All4U2RuWVqtNLcL60DHc=
last-modified: Thu, 05 Nov 2020 05:27:18 GMT
server: cloudflare
etag: W/"e98a333e611f6294eb5502aa6f2401bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SMyXsQDDO7Ip6xpBtgBCpZyFKWLXtrQ3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f954200000eb370051000000001
cf-ray: 5fac1b9b99820eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 6839.ef1685ae.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6839.ef1685ae.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1140268
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 551702CCF861956B
x-amz-id-2: 6Hmh3yUj6YfPtQrP2nmtPaZJNT6KLa0fLYAH8MpTX9fQyyLPNaM7ySxQYryoDFIU15xO+9hzFj0=
last-modified: Sat, 07 Nov 2020 01:12:39 GMT
server: cloudflare
etag: W/"ad2f6f805c2629c7f760c7112f9cf69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kSxdEgy6Ar_UgvDrjQQIco1bvJQeBFD0
cache-control: public, max-age=31536000
cf-request-id: 06bf6f954500000eb38eaf6000000001
cf-ray: 5fac1b9ba9910eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 353.46aadb89.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 26ms
24ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/353.46aadb89.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496716
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 27C4B7CFDE9C09B8
x-amz-id-2: 4Q0Ler8Av2dSFusK5/sZ0/vC/3lEVHDZgrITDpyl2IRJ4yathNRQX6rolAmFsmK7j2DxR7ZKzis=
last-modified: Wed, 11 Nov 2020 16:20:07 GMT
server: cloudflare
etag: W/"b68f27e1c17f92de1bbc470517163283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3puxyNQg6LGCq3XZaAA7NK00mX22bLl3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f954f00000eb36bb4a000000001
cf-ray: 5fac1b9bb9bf0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8751.7be7f6ef.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 21ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8751.7be7f6ef.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4517fcc6a48b5aaeffa03c10355d940ac8eae23c2cf3a084236ec81d00f5c731

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 636247
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 315A72FF3AFBB251
x-amz-id-2: /ti8F+Pl4q+7CpopL2dbSoaGrpSFuRn/8/q6OIA53wM2TuBNLJ05cJEDKN6qi29uvbp3le3wOgA=
last-modified: Tue, 24 Nov 2020 01:32:39 GMT
server: cloudflare
etag: W/"b633e5846f0a7c324d940b62d5457708"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 7mWerE1GzhdKCO6mHzmYvvDZBaGd25J7
cache-control: public, max-age=31536000
cf-request-id: 06bf6f955000000eb3192db000000001
cf-ray: 5fac1b9bb9c40eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 2054.5733b9dd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 29ms
28ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2054.5733b9dd.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7eaa5bb774e38aefe57a609919b7ccb17a04ed6814b4f393813c459e1e34af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088372
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3A33DEDC7F97E982
x-amz-id-2: 7G/RdEYnCVBPAOUHGLNinDrBBTpJ985ynW57ZOBDuJDL2U5e/Cu+ofkkGp2CY6TeLZyORvur4Uk=
last-modified: Wed, 18 Nov 2020 19:58:45 GMT
server: cloudflare
etag: W/"035f1560e73cd49a51eee93caa286e22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HETC0CpJ55zy2oXc.TJyIy_107vrrnMV
cache-control: public, max-age=31536000
cf-request-id: 06bf6f955a00000eb38eaf9000000001
cf-ray: 5fac1b9bc9f80eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8127.bb1718e7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8127.bb1718e7.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e460ff9134a80b4745d13464f518042d06fac2d9298b2ee35147fa7a6e3ee469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1088372
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 64F44B33A41CD8EF
x-amz-id-2: HPiPIs+FvTY0mDI1xvCe35x4/Lf8ZZczambB7XkYVVF1Kb9+r2p96DL+WAhNFfRzZ8tAXoJuNt8=
last-modified: Wed, 18 Nov 2020 19:58:45 GMT
server: cloudflare
etag: W/"20bdbe68cb1d776ba26819d15e783c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .CMh6bPd_l0ClpFkl7LE97HFxWJxCVQr
cache-control: public, max-age=31536000
cf-request-id: 06bf6f955900000eb381149000000001
cf-ray: 5fac1b9bc9fb0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 7131.5e83a949.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 21ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7131.5e83a949.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411562
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 66F14A7E30EBF13F
x-amz-id-2: j04XaJLhVfVXGfpGDyCVEVU+oNC5rvJbYWaxtN17lK/EZ7XyMn6MR/hkkRSkszUXkBvQO+S1Vj0=
last-modified: Thu, 12 Nov 2020 15:59:09 GMT
server: cloudflare
etag: W/"b98b66cce608835612c487edb8548473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _N_KjP_DsOGCW5tv3vKyUtXRQdqQwL4x
cache-control: public, max-age=31536000
cf-request-id: 06bf6f956100000eb37b899000000001
cf-ray: 5fac1b9bca170eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 8825.f977dc39.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8825.f977dc39.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e2bdab31c9b4426963c8a650f70d7949866a4183bc4d92f0748167387c70c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549662
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AD8022D87A3D2653
x-amz-id-2: zML3cZNawiwc6qVPBv3jVw2EMIbRrXLQOkfrb4Qiva6NIsRrG5d9HHscwrkdgbY9207uAw0942s=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"9c4ab0101c48b0786a0b48df00cb3415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: AeSwP1YEBidh_okEOCrNTrtwG1l0zp31
cache-control: public, max-age=31536000
cf-request-id: 06bf6f956b00000eb351171000000001
cf-ray: 5fac1b9bda350eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 5279.bdd449a3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
6 KB 21ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5279.bdd449a3.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22c4a9b9a7e6f5285b1555fa5041b0c809bdcaae42ac7ed733eecec9e00c10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568273
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7T1K6R9K2Q8M2X0J
x-amz-id-2: sbfNbnOlJv/TlOJGH8k9yPhXjh72qSZKGJtQ72s9OfKdEkkBhlMG+BFGu9wqnM6UCTODfCSm4Uo=
last-modified: Tue, 24 Nov 2020 19:38:20 GMT
server: cloudflare
etag: W/"7d58ba9f9a3408a56ac2ec6250723a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ritN.C6oE5wq3Ojfw0MC3581FqEj_Bmf
cache-control: public, max-age=31536000
cf-request-id: 06bf6f956900000eb37105d000000001
cf-ray: 5fac1b9bda390eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 9978.5d90969f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 39ms
39ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9978.5d90969f.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c290ad72854fbe941062590695d72b90a25a8dc5856cd4c418bb69f14e918d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549618
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1576AB31D8B1E917
x-amz-id-2: a0LzVH23UDa05eyVopqGGdxdutQGrCyHKnTvPR4u48MOvfSn8ddG/ekbh/ImJkLuwdK6N7DKGKc=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"0444179feeef57d6b1ec781cb6160953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2y2OHaR4XkB2GQ4dtGOk8Xq3iG.6eCRz
cache-control: public, max-age=31536000
cf-request-id: 06bf6f956900000eb334164000000001
cf-ray: 5fac1b9bda3c0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 3721.a4f7e0c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 73 KB
21 KB 43ms
42ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3721.a4f7e0c8.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a95c2d1819e4bc6d85452583779766ee4ad70cf9a9796ce5bae59ca402c97412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558360
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 61F997DC67747BCC
x-amz-id-2: BRxP2OcVutXTe2VvZTrIyd5RbODCd/DgxNhA27WEFBiMnEhQM1d+YYZtKo1AWeBrdJLKNlLk7i4=
last-modified: Tue, 24 Nov 2020 23:14:46 GMT
server: cloudflare
etag: W/"eeebd7399b8d2ef0183ff5bf250fd9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1Tj7PejdG6tffpIFGo_S5hJ69edcGd4D
cache-control: public, max-age=31536000
cf-request-id: 06bf6f957000000eb3233aa000000001
cf-ray: 5fac1b9bea570eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 2514.081fe576.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 76ms
75ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2514.081fe576.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9017980afd649d3aa1245d7fcfa6c649dc837f75148c8a1734751a0ddacaba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568273
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4551DB38677C984E
x-amz-id-2: vIhdQE/IbIDvjv0b25E/2HKg+qi1ekcEH+T2Tmw/b7M5HoQ7u2FPgCsYniEpeIInQvzCweoUMvA=
last-modified: Tue, 24 Nov 2020 19:38:20 GMT
server: cloudflare
etag: W/"199f10b64e4818a363fb569993317765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vO7dpO4mBR6Ah2W9HW.Kx1BG2G51Yobt
cache-control: public, max-age=31536000
cf-request-id: 06bf6f957400000eb33c875000000001
cf-ray: 5fac1b9bea6a0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 2602.891716a3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2602.891716a3.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a8e1bdc1cf7180514bd05280615b4fa921e306cdd3d52bc04e7d96f4b94ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558360
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8933B22097680BAF
x-amz-id-2: Tx0sEI9rdyXBTu6wg7gnh5dPEGE6xTZ4VX/OROnKQNyw1BbWJ0wugl9iS6XGXK5RW90RjBO9l7Q=
last-modified: Tue, 24 Nov 2020 23:14:46 GMT
server: cloudflare
etag: W/"929a8c891c19942cff6bd1f2f0e997b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: N3lSrfh6BPcCfbxoEVKC_yblDrjqWTsm
cache-control: public, max-age=31536000
cf-request-id: 06bf6f957700000eb35e1a3000000001
cf-ray: 5fac1b9bfa700eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 6585.577bd590.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6585.577bd590.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189ac6b4e8e9d2ed6a5d9f6b7bae5f6f72f80b8db10aaa944e42891e7b5c949a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549618
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DBEAA9DA8D9386EF
x-amz-id-2: xiz4VhaI0gXzAE77KUEOoB9hwgbN7NBMbinaGkHuYc40oob4tQf2qh5p9kvyzd0Cqq7CPj3Xt8Q=
last-modified: Wed, 25 Nov 2020 01:40:56 GMT
server: cloudflare
etag: W/"b329a6e074f218e3affb130e1fab891c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yDWPcggNc051ymoHy2aA83RTevx0mx6B
cache-control: public, max-age=31536000
cf-request-id: 06bf6f958400000eb3872c8000000001
cf-ray: 5fac1b9bfa8d0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 238.4eef5010.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 119 KB
33 KB 35ms
35ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/238.4eef5010.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0834746873c1735612ac9b0c5f7da3d42c983f086fd7eb891005cceb93429c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 490758
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8D57D528334F39CF
x-amz-id-2: Bju5I/Kwxu1oqEwqpqMjWqM+60+Eyin1nLfjvt0l4btU3F2DMi27hC4LI/0QSWzmhKm8s28yTS8=
last-modified: Wed, 25 Nov 2020 17:59:00 GMT
server: cloudflare
etag: W/"d51935c55a9d59a1b8c3c2309203674f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RWkJAf1.iGFYSHsTnCdD0eBVf84Kp_CL
cache-control: public, max-age=31536000
cf-request-id: 06bf6f957f00000eb35bb55000000001
cf-ray: 5fac1b9bfa900eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 3890.293c3bd1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
10 KB 32ms
31ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3890.293c3bd1.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571b2cbec52c4926a9344c8012553bdfd286dbe0fc5142027ff21b26d25fc76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51583
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0B135A863E5D2BB3
x-amz-id-2: ZTLVRLuCBB1Xr5zCtMwUOB43COODyXKHwUxzhXTMSJ9gRh8T9jozt7LVpw7CIk2Lc/GfiaQ5mYE=
last-modified: Mon, 30 Nov 2020 19:59:03 GMT
server: cloudflare
etag: W/"0f3000ac8f073bf2333ef5bcb81a1246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LFrZNEAzTuZgnzuIedg6RvJWzs_2XGb3
cache-control: public, max-age=31536000
cf-request-id: 06bf6f959200000eb363316000000001
cf-ray: 5fac1b9c1abd0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 3981.001ab26c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3981.001ab26c.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af4a8188ece57bc71daa046d0f437469aa30bdec3b73e970e87baec45fb7cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186352
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5C16A4D9E82401B5
x-amz-id-2: 37UzEWKmcGAvQ547j+0knzHkLl3csYr2djQFh1MeH30Xt5HwedNczr+KxyRSj26TFfWWZP/cNzc=
last-modified: Tue, 17 Nov 2020 16:42:44 GMT
server: cloudflare
etag: W/"2e3f03206df219baa4cba06dca9ce87d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MSXM8v27LJkZWN4NDt4AvoxPLquM94y9
cache-control: public, max-age=31536000
cf-request-id: 06bf6f959b00000eb351176000000001
cf-ray: 5fac1b9c2ad90eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

GET
H2 200 Post.b670d793.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1001 B 23ms
22ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.b670d793.chunk.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa9c4b69929fbb25e3176266ef56aeda4d621cf66d6dfb059834c92e7c6d904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 568273
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A33CACBBCAB470B9
x-amz-id-2: HHIMFhgwPy0c9VvLoIv18OmkFpLxmLvfDL6+4QJx9KCm7dT+cGWx5+C47EXPuDLrKhQATzItSE4=
last-modified: Tue, 24 Nov 2020 19:40:03 GMT
server: cloudflare
etag: W/"262d234180463b72858cc578f85cd992"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zB21BbxOEAmGcmW_a6Ayg_R5jzL4DgKZ
cache-control: public, max-age=31536000
cf-request-id: 06bf6f959b00000eb377bf6000000001
cf-ray: 5fac1b9c2adb0eb3-FRA
expires: Wed, 01 Dec 2021 10:26:04 GMT

POST
H2 200 graphql Show response
blog.huntresslabs.com/_/ 93 B
383 B 227ms
227ms Fetch
application/json 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2b631da088298ffb7653f3eb6b1e319a6b222c9379cc9605a190d9bdbf037a63

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 42b8bcf37d8a7a71
Medium-Frontend-Path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
Medium-Frontend-App: lite/main-20201201-010343-3c8b048983
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201201-010343-3c8b048983
ot-tracer-spanid: 39f2c6d94c51b2d5

Response headers

date: Tue, 01 Dec 2020 10:26:05 GMT
sepia-upstream: medium
server: nginx
etag: W/"5d-QwBrcqJDw702K0bASN4NRtANU3M"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
x-envoy-upstream-service-time: 108
content-length: 93
x-request-received-at: 1606818365529

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 48 KB
19 KB 103ms
36ms Script
application/x-javascript 13.35.253.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-82.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 02:51:05 GMT
Content-Encoding: gzip
Age: 27268
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 02 Apr 2020 00:28:20 GMT
Server: nginx
ETag: "5e8531a4-c079"
Content-Type: application/x-javascript
Via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: kIydYhMKNg1hrz7vfo2g01N4E3ZhosBqmQbWTp3jTYaQtqeFA3zKKg==
Expires: Wed, 02 Dec 2020 02:51:05 GMT

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 119ms
118ms Fetch
application/octet-stream 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:05 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 19ms
18ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29d41315266bf22651ed4cda3c266fbc8fb1bc0002937fbef60b3fcfe655bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6f9a1d00002c2afd26b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1ba368862c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:05 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 61 KB
17 KB 26ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 948472
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 17086
cf-request-id: 06bf6f9bb10000061036179000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
etag: "5eb03fc1-f4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0VYKAS6j%2FQmRB3VjdVLQJEF6YHvCZHijwM%2FcDvkVj4nCjOab7EP5jQNIDwE%2BcGFirEDpWAerwaeGlccOKp5FcN3t1j2kCWn%2BZchamFWQzbcu7Ov56wyjR3HdjqUOyb9eAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fac1ba5ec960610-FRA
expires: Sun, 21 Nov 2021 10:26:06 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 78 KB
24 KB 108ms
42ms Script
text/javascript 143.204.89.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd?gi=a8e0fc2b7125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI.
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 19 Nov 2020 17:43:28 GMT
Server: AmazonS3
Age: 270
ETag: "d4ba055ba82c0baa510053e92eb83211"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Tue, 01 Dec 2020 10:21:36 GMT
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 23541
X-Amz-Cf-Id: YU4svOt5dKIDmb2kY3LYS5J0ecvMA6afmGW4S9zgFVgtNiUgBBu9ng==

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 118ms
118ms Fetch
application/octet-stream 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:06 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 121ms
121ms Fetch
application/octet-stream 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:06 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 a16180790160.html
a16180790160.cdn.optimizely.com/client_storage/ Frame E724 0
0 107ms
34ms Document
text/html 104.111.218.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.144 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-144.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a16180790160.cdn.optimizely.com
:scheme: https
:path: /client_storage/a16180790160.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Response headers

x-amz-id-2: Vzw+XnJsTQpXiK/KcSfHwF+hj1yQ7HZlCKwgOuy5Wz2NGxmobkoo+cjsuAvgQfJhYfTI3r8eh3w=
x-amz-request-id: 3ECC304D22D68ABD
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Nov 2020 17:54:06 GMT
etag: "db1a6fc3079ea3f9814261a4949d7f5b"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 53ukBAFqSDdejn.KnCYuS5EHihiRyyTn
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 781
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Tue, 01 Dec 2020 10:26:06 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="13";dur=0,cdnip;desc="104.111.218.144";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/1093/ 34 KB
34 KB 29ms
29ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1093/1*6Ty615ti71O2g97TP0AxbQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a199c8cfd1d51b610ec73cc657586c959ace2febc630d1481d036049337b66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3304
x-envoy-upstream-service-time: 173
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 34595
cf-request-id: 06bf6f9ded00000eb32d098000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1ba97af00eb3-FRA
expires: Thu, 31 Dec 2020 10:26:06 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/1198/ 1 MB
1 MB 57ms
56ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1198/1*SwPP7Qnr548RZgbMZR8EUA.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7127bf7cc9ad4e983aa52574cce471c81317cd10c5cc663a9b8afdb4ed08c215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13624
x-envoy-upstream-service-time: 125
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1083076
cf-request-id: 06bf6f9dee00000eb3193b4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1ba97af20eb3-FRA
expires: Thu, 31 Dec 2020 10:26:07 GMT

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/753/ 165 KB
165 KB 24ms
24ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/753/1*_TPY6BowD1l6K-FuztN1Vw.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34895e99c0b4f6b864504f51629f132bb39e5e9ed75ad6410d0c4909c34b5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13612
x-envoy-upstream-service-time: 698
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 168675
cf-request-id: 06bf6f9dee00000eb380096000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1ba97af30eb3-FRA
expires: Thu, 31 Dec 2020 10:26:06 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
742 B 184ms
168ms Script
text/javascript 2600:9000:20eb:b600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.57.1&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:b600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

605817b4d5fd058853ffe12dc561be62f7caf269e95b5e769113b2e771d58df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 10:26:07 GMT
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-T1Bfja9cn/t1EOwP7PT08lpes74"
X-Amz-Cf-Id: V9mPxd6_mofBjJI6v59GmLgZ30tJzlog-1Hvn9zs90BjaqSYNGWFuQ==

GET
H/1.1 200
OK /
srv-2020-12-01-10.pixel.parsely.com/plogger/ 43 B
229 B 434ms
109ms Image
image/gif 54.174.23.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-12-01-10.pixel.parsely.com/plogger/?rand=1606818367038&plid=77973806&idsite=medium.com&url=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fblog.huntresslabs.com%2Ftried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd&sref=&sts=1606818367020&slts=0&title=Tried+and+True+Hacker+Technique%3A+DOS+Obfuscation+%7C+by+John+Hammond+%7C+Nov%2C+2020+%7C+Huntress&date=Tue+Dec+01+2020+11%3A26%3A07+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=69350294&u=pid%3D910f2e040e6793ffd5d0be68826963d1
Requested by: Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.23.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-23-13.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 10:26:07 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 1*6Ty615ti71O2g97TP0AxbQ.png
miro.medium.com/max/700/ 92 KB
92 KB 23ms
22ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*6Ty615ti71O2g97TP0AxbQ.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36efb6ec136836ace7e2e65c413c1426ec2d57fa5280845d15cfd8d37f02915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3304
x-envoy-upstream-service-time: 233
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 93827
cf-request-id: 06bf6f9e5a00000eb381212000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1baa2c800eb3-FRA
expires: Thu, 31 Dec 2020 10:26:07 GMT

GET
H2 200 1*_TPY6BowD1l6K-FuztN1Vw.png
miro.medium.com/max/700/ 179 KB
179 KB 27ms
27ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*_TPY6BowD1l6K-FuztN1Vw.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a947be2918a72dddb09e6b3b2b1d2fb4eb3435163ff6bccf5db46789ae960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13613
x-envoy-upstream-service-time: 945
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 183078
cf-request-id: 06bf6f9e5a00000eb3633ec000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1baa2c820eb3-FRA
expires: Thu, 31 Dec 2020 10:26:07 GMT

GET
H2 200 1*SwPP7Qnr548RZgbMZR8EUA.png
miro.medium.com/max/700/ 343 KB
343 KB 25ms
25ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*SwPP7Qnr548RZgbMZR8EUA.png

Requested by

Host: blog.huntresslabs.com
URL: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3c608008784f5d078945e9b46bde4a42aa50a9f19c33195fe7dee97f67c78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13613
x-envoy-upstream-service-time: 607
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 351188
cf-request-id: 06bf6f9e6e00000eb350be5000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5fac1baa4ccd0eb3-FRA
expires: Thu, 31 Dec 2020 10:26:07 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
641 B 184ms
169ms XHR
application/json 2600:9000:214f:5200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f2de7abd6c5f4b9c10f79e60fc223e673d3b724defecb1bc80d427a15541b4c

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 9b85e2babab14ad6975f977ca19f5906-2020120110
content-length: 312
x-amz-cf-id: WnZjp4KD-sxtYobL_64-YZ3c4nDpFCYFJU3cNqsvMMzZMfm6FOeoPg==

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 140ms
111ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-cache-status: DYNAMIC
cf-request-id: 06bf6f9f6000000b5f72a1d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z2JKhJzYzlutFn9C29N8IIVz7DHcNHVpl2I4XVMcU5DqdvpeeToN%2BLc9AHpJhzx1F1qyAB2qjEjdsFe8WRaBJKR8HDhykUXSkKxie25KMMsHtDhVIKz98zzD1cw8xhhtpZmrDrA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1babca910b5f-AMS

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
387 B 112ms
111ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e2342eed6b51923a8e4ce37a9c09b18cf4cd2e22c03baef248fb132546a17f

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Cy7kYWp6LPIdmmuXjhWwai0pIlMIBat4BxUGWUPFmkFNW453KyYrhNqk9lbdaaXfrgAby8chk%2FBE50Iwcy3it5hYIG%2B017W9Axe%2BmwoqqpqYRJGM8ruxnm2xzXBBjRxIWdjRuc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1bac7c360b5f-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6f9fcf00000b5f83a93000000001

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
579 B 176ms
176ms XHR
application/json 2600:9000:214f:5200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:5200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

52801b0894672706591baa59e7ac4f5a5346968a8a0fbe373b8d1e6d3c537af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e17003b0f647448ea5b30bd4c8e8c943-2020120110
content-length: 180
etag: W/"b4-yXSpLtn5h3Gh8pnPxyHUYHK3jik"
x-amz-cf-id: MBcaOUY7FD8V5_BN0BNNQ7P-IkfuNNCfh1X_goNdjnWz-5mq1_OGlg==

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 153ms
153ms Fetch
application/json 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 01 Dec 2020 10:26:07 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ Frame 0
0 264ms
87ms Other 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b900:2edd:c3ca:8973:80e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
366 B 438ms
110ms XHR
text/plain 52.200.116.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.116.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-116-103.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 01 Dec 2020 10:26:07 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://blog.huntresslabs.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 1640c6fa-c7a8-465d-91b1-7e4fe9d79129

POST
H2 200 /
blog.huntresslabs.com/_/clientele/reports/performance/ 0
0 123ms
123ms Fetch
application/octet-stream 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, clientele/main-20201120-201559-2db985e3f3
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
403 B 359ms
358ms XHR
application/json 2600:9000:214f:5200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:26:07 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: eb4ad67064e94e0f80124401472b1259-2020120110
content-length: 28
x-amz-cf-id: z-g1jc59sLmSQ8wi2WNnibuo8rVoeCMjYNGqAqz4GszIjZdYHRCKUg==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
487 B 112ms
112ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a5fc76b6aa724e2fc36aade8ee785b707d26bda1f41cf62af342973ca4b224b

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4M8j3VKG2j%2F7r6sAdMC6q0WeBy0E3TFaFTBlo2vbpz%2FRRMT1Lzkn3s5j2NERNX0Wwje3J2JlwKogcfinE%2BrVjrUGPecF82H21VZCBzfd3G%2BRRq8IkraRBZclvTwqvBR%2BIoEfLAo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
cf-ray: 5fac1bb06d230b5f-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6fa24400000b5f31102000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 118ms
118ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 06bf6fa1cc00000b5f310f6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cd9O03EcYbXqxr%2FRC2LgwbyspzLZMrerZYAAsqnLnQcf9eymVMSOogGcjb3LLDjpVjuoN24jDte775NiBVp%2BUkQ7tbYalxeV4eipvRM3eguAMIn5eVQ0T4%2BWPs6HHY73QCf0W94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1bafab300b5f-AMS

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
403 B 173ms
173ms XHR
application/json 2600:9000:214f:5200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 071ac9fec0854448bdf259195f1fddb4-2020120110
content-length: 28
x-amz-cf-id: nvThBWxZSRaxpxHoBbykszeYxnseRNOwtoMp1RbScTcfaUIdgGJWBA==

POST
H2 200 graphql Show response
blog.huntresslabs.com/_/ 282 B
573 B 201ms
200ms Fetch
application/json 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 29d88a4c797782f5494e9a76f78a58e0adfe54b883f8b1657e86a67f594e0cf5

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 42b8bcf37d8a7a71
Medium-Frontend-Path: /tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Graphql-Operation: PostResponsesQuery
content-type: application/json
accept: */*
Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
Medium-Frontend-App: lite/main-20201201-010343-3c8b048983
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201201-010343-3c8b048983
ot-tracer-spanid: 39f2c6d94c51b2d5

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
sepia-upstream: medium
server: nginx
etag: W/"11a-mo/bu1nNNfkJpx7YM8yRoVaqm2U"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb, rito/main-20201130-215411-06322a06bb, tutu/medium-43121
x-envoy-upstream-service-time: 82
content-length: 282
x-request-received-at: 1606818368065

GET
H2 200 responses.editor.f30a6fce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.f30a6fce.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.acdc9674.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000866562331ee0f5d1e9ba8b22a4c882e1b71edf9843fc627949dcee336f162

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564463
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7E767C022BD1C248
x-amz-id-2: svPE78qoknnwQhRwg+HoQSZVOEVl//a8dfxvmZZLE9noOodUwxMyT29s5rmxTeN3AhTB7IsDTxo=
last-modified: Tue, 24 Nov 2020 19:38:46 GMT
server: cloudflare
etag: W/"2114c6993318b32c199f79d88765db36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IlKW_U35gAGnuHkC31xaeOo0FvzGPTMd
cache-control: public, max-age=31536000
cf-request-id: 06bf6fa2d600000eb31738e000000001
cf-ray: 5fac1bb15db80eb3-FRA
expires: Wed, 01 Dec 2021 10:26:08 GMT

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 19ms
18ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d89fe2a311259082cd33278005e53e6e1da24c19665a9fcf832005f615808bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.huntresslabs.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66392
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06bf6fa2e100002c2a7425c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5fac1bb16ab12c2a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 01 Dec 2021 10:26:08 GMT

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
372 B 153ms
153ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe4cab84315204cd425a4a90179490a0f5d8c2d0a91d1371133519c3e0f71b2

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nLh%2B01HFzj%2F0AH2kddlcgu%2FiAc175T36m6xuTA571KiFIQvp%2Bcv51ek%2BhRBWnF5j50nb4MoYrF%2BRJzFfQ5kKKKCjaQ91CA5kzIQoyyYpIEelNDrN3DVw1u29qDgJURy24Ef35Ok%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1bb458410b5f-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6fa4b900000b5f3029c000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 107ms
106ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 06bf6fa44d00000b5f29078000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FW8mg7l7XYcWILg7F8m4yji9uFkl%2BO7cqH8%2FLtoJjnh5SYssZpI%2BWsnwBrLVGod4ks4nF56V9B9Xb8zf00UyC0%2F2VDb33ObtweWzH0NEQXttohk%2FKKJhwKz6jMfqhOmTnhSFX%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1bb3ae940b5f-AMS

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
613 B 111ms
111ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb46b5b46d7d03ea7d44d386f197b08c41b470ba5d4e218ebdb2ddcd64033a9

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2BeH1Z6QxNhrV1rteat1TE7Lk%2F9Dr8FYuOPNdK4jB85EwhBM83DNZeaCQxrjVDGyg4F%2F2LMc%2B9GMUqbL35ou0VhojSLRJqvtiFC6koNpExw%2Fx3fl38pacd0Xex1z%2BFIt1GqltzY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1bb7ea800b5f-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6fa6ef00000b5f290c3000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 111ms
111ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:09 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 06bf6fa68000000b5f33350000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLLcX1GNhsCHYeAemR1UHImw%2BhVtWVUubKXQPtq%2BCypR%2BSYRMnD7P%2F%2BHDOjmt7R25j2wvh5Nf8%2BoQaz26eeaeQwjd%2FgW9p3Kdw7XNJpyqXvDD7k01hey%2Bza%2Bs9DqBlj8DAzVbeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1bb7390c0b5f-AMS

POST
H2 200 batch Show response
blog.huntresslabs.com/_/ 17 B
245 B 265ms
265ms Fetch
application/json 52.4.225.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.huntresslabs.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.225.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-225-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:10 GMT
medium-fulfilled-by: valencia/main-20201130-215411-06322a06bb
x-envoy-upstream-service-time: 141
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 109ms
109ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://blog.huntresslabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Dec 2020 10:26:11 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 06bf6faf7100000b5f35ad8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=06Fj66nEjvlm7V%2B7W9d0qUTIZ7WJHBTlXZ6odLy2OgqUDGEvRnHvREjOGgJG3EZAC7fTAX4B3XnTn2dVk34MJrO2GQe0j4F9fyYCsj3TDuY76i2c73geSe2hAj7kRJalGfOdlSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fac1bc58d040b5f-AMS

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
389 B 118ms
118ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/8705.537fdf35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34fa078adb6ac32185b7fc2d675426d67c9f0e42ce386b809db3760116dc8664

Request headers

Referer: https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Dec 2020 10:26:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TleCjUsZv%2F8V9ZBtzSEscCJc%2F64tU6pLQ5VI3VYBcfEjqd8eX1XxNHg0S5HrIwQb1%2BdomCd%2F%2F15qRVTBTatVfdUsSPDNK1aI4iQAFFsIV3CeKp%2BOMPNjzoZzkRyDtYaG7ICBSkI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5fac1bc62e6e0b5f-AMS
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 06bf6fafde00000b5f350d7000000001

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.huntresslabs.com/	1970-01-19 14:20:20	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd%22%2C%22sref%22:%22%22%2C%22sts%22:1606818367020%2C%22slts%22:0}
blog.huntresslabs.com/	1970-01-19 14:30:23	Name: lightstep_session_id Value: 02ab92823ec01467
.huntresslabs.com/	1970-01-19 14:20:18	Name: _gat Value: 1
.huntresslabs.com/	1970-01-20 07:51:30	Name: _ga Value: GA1.2.1076928947.1606818364
blog.huntresslabs.com/	1970-01-19 14:30:23	Name: lightstep_guid/lite-web Value: 4c550a6e0fa22765
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: optimizelyEndUserId Value: lo_2d4ea9fd97aa
.huntresslabs.com/	1970-01-19 14:21:44	Name: _gid Value: GA1.2.940561326.1606818364
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: sid Value: 1:kKgHBSzdwVED0jvT8KzL0dYPt4bmEga4hkAh2EYSqunkpqiYQ3jkHEFMSECFEMAw
.huntresslabs.com/	1970-01-19 23:49:42	Name: _parsely_visitor Value: {%22id%22:%22pid=910f2e040e6793ffd5d0be68826963d1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1606818367020}
.huntresslabs.com/	1970-01-19 18:39:30	Name: optimizelyEndUserId Value: lo_2d4ea9fd97aa
blog.huntresslabs.com/	1970-01-19 23:05:54	Name: uid Value: lo_2d4ea9fd97aa

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.9b87b49d.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a16180790160.cdn.optimizely.com
api2.branch.io
app.link
blog.huntresslabs.com
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
cdnjs.cloudflare.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
lightstep.medium.systems
logx.optimizely.com
medium.com
miro.medium.com
srv-2020-12-01-10.pixel.parsely.com
www.google-analytics.com
104.111.218.144
13.35.253.82
143.204.89.2
2600:1f18:24e6:b900:2edd:c3ca:8973:80e9
2600:9000:20eb:b600:19:9934:6a80:93a1
2600:9000:214f:5200:11:f728:3040:93a1
2606:4700::6810:125e
2606:4700::6810:7591
2606:4700::6810:7c7f
2606:4700:e2::ac40:8a24
2a00:1450:4001:824::200e
2a02:26f0:6c00:2a0::13b8
52.200.116.103
52.4.225.124
54.174.23.13
000866562331ee0f5d1e9ba8b22a4c882e1b71edf9843fc627949dcee336f162
05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09
0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc
1422f4481001a4b056cb5eb392f37a870c27b6dd8699d76339693171f861dd6c
189ac6b4e8e9d2ed6a5d9f6b7bae5f6f72f80b8db10aaa944e42891e7b5c949a
19e2342eed6b51923a8e4ce37a9c09b18cf4cd2e22c03baef248fb132546a17f
1a8e1bdc1cf7180514bd05280615b4fa921e306cdd3d52bc04e7d96f4b94ee4b
1ff0062c9941bbb37fef46b01a764f394f912a5c32f243e7b83f68d2e2a4c45e
29d88a4c797782f5494e9a76f78a58e0adfe54b883f8b1657e86a67f594e0cf5
2b631da088298ffb7653f3eb6b1e319a6b222c9379cc9605a190d9bdbf037a63
2e5b87d5599d46165267a954b9c301e780c0fb3dfc1a67cdefc30c893e5a7dd0
2e7fdfacc4e27e4fff3082c27b10bbc44bca8ecb2f0997479f274945f3db046f
34fa078adb6ac32185b7fc2d675426d67c9f0e42ce386b809db3760116dc8664
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1
387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3
3985530cca8fee2517132a65973535519fdb04a6909a724e72d915117f64a933
3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb
40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4517fcc6a48b5aaeffa03c10355d940ac8eae23c2cf3a084236ec81d00f5c731
4cdc0d6a177fee9c9b7e878073d2e6643c9df2c2bbd200f40e4d69d9dd99d3ff
4d86f6376b7093cad80381bdbb47a15083da4e39fe2824597fb472cafff39265
521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019
52801b0894672706591baa59e7ac4f5a5346968a8a0fbe373b8d1e6d3c537af8
559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b
571b2cbec52c4926a9344c8012553bdfd286dbe0fc5142027ff21b26d25fc76f
5bfdf5bcbd4190fae04b2917aaea593bd3b8d94ddf83e5920ec43561f229a911
5d763c16430d1b2bcf5bce9ccd775da63565aff441188d0f6f43346d7aa0125d
605817b4d5fd058853ffe12dc561be62f7caf269e95b5e769113b2e771d58df9
60f518c4f68845a3a5927592ebf038d67343b43aa8c4478ac08d27eb53300419
62b5dfcf7005f076e5109792efcc0073d9fa704322b739d5a21a59383962da16
63ab6ef08adb3d2774fd7cbfa6d3b3674772f0f25da1b6e277ee27faa36817a5
6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632
657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5
69fe1932aee01b8f2dd7e1e6b2a8855823b5d1dc105b7ece0ca2ea52d0f2589b
6af4a8188ece57bc71daa046d0f437469aa30bdec3b73e970e87baec45fb7cbf
7127bf7cc9ad4e983aa52574cce471c81317cd10c5cc663a9b8afdb4ed08c215
73514d2935414357d01b7dd044fa60f60e09a4d042c635bb501c8a18dc34d748
7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740
7a199c8cfd1d51b610ec73cc657586c959ace2febc630d1481d036049337b66f
7f2de7abd6c5f4b9c10f79e60fc223e673d3b724defecb1bc80d427a15541b4c
82a83255ce888723b163f1e95d1a2f7b6d7e2a241aaaa910ab6a311c9b009176
853cb1692f14bfc48f727e3df77c2e7b1b90148d177f6b29b0568889b5c99cf7
87964eb6355d30f094783ac455d82db486e8708f4173849e9877816b99b34463
8a5fc76b6aa724e2fc36aade8ee785b707d26bda1f41cf62af342973ca4b224b
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
92a54050b72f702187bfbfca6be8216d42a8ab3d41561c79a30c9072d928df4d
93e2bdab31c9b4426963c8a650f70d7949866a4183bc4d92f0748167387c70c4
945265fc049de4e7c7240b6a9d3d5b2d924d894cea9cbf9a326822fda82528e4
986bc1611e70a77171c4eb0f4cb97704e8e5213a1887cc97c1d2a65222cc2719
9c7eaa5bb774e38aefe57a609919b7ccb17a04ed6814b4f393813c459e1e34af
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a36efb6ec136836ace7e2e65c413c1426ec2d57fa5280845d15cfd8d37f02915
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a43927eb145c7567726c39d80ead36af48e7361fbcbe694a6a1547b1caab03cd
a6b01d33c6e2769909fd8f9c98c2ff5baeddd97018283bb69277254bf2f4a50a
a77af1069d7c8977e9150bbadd688736c38a51f37e47b7081e873cadabbda138
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a939d4d689b48d14f71cd65a597c64e139b37b4fb3b9c8347f38a7bd743918f7
a95c2d1819e4bc6d85452583779766ee4ad70cf9a9796ce5bae59ca402c97412
ac1de75b338674502d461c30831f74d7b3ce3188e4c9079971325b86f2fd6574
ac9017980afd649d3aa1245d7fcfa6c649dc837f75148c8a1734751a0ddacaba
ae3f007d404f170174f9a55d9860a17f7de63dacb881568d50042759316c2ca3
b4262a3cd34acac878ec9d934916863a4e79daebd8d6ab56865abcdea4305258
c290ad72854fbe941062590695d72b90a25a8dc5856cd4c418bb69f14e918d5c
c29d41315266bf22651ed4cda3c266fbc8fb1bc0002937fbef60b3fcfe655bb8
c771333a7ff915d044d909b4934c00ed1d37502f12083cdff379b23f7a7adffd
c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737
ce3c608008784f5d078945e9b46bde4a42aa50a9f19c33195fe7dee97f67c78e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0834746873c1735612ac9b0c5f7da3d42c983f086fd7eb891005cceb93429c7
d1cf57b09a005b072eaeaac7afa0eadc241b3f37119e919c5b321d180ede1d6f
d22c4a9b9a7e6f5285b1555fa5041b0c809bdcaae42ac7ed733eecec9e00c10e
d34895e99c0b4f6b864504f51629f132bb39e5e9ed75ad6410d0c4909c34b5d8
d3a947be2918a72dddb09e6b3b2b1d2fb4eb3435163ff6bccf5db46789ae960e
d89fe2a311259082cd33278005e53e6e1da24c19665a9fcf832005f615808bf7
d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9
dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea
dfb46b5b46d7d03ea7d44d386f197b08c41b470ba5d4e218ebdb2ddcd64033a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e460ff9134a80b4745d13464f518042d06fac2d9298b2ee35147fa7a6e3ee469
e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8
e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84
ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8
ed08fb474169940e30e7861510226dd49b64853fb29496c2d304fcec88351ad0
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62
ffa9c4b69929fbb25e3176266ef56aeda4d621cf66d6dfb059834c92e7c6d904
ffe4cab84315204cd425a4a90179490a0f5d8c2d0a91d1371133519c3e0f71b2

blog.huntresslabs.com Open in urlscan Pro 52.4.225.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

100 %HTTPS

60 %IPv6

11 Domains

17 Subdomains

14 IPs

4 Countries

2978 kBTransfer

4996 kBSize

11 Cookies

40 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.huntresslabs.com Open in urlscan Pro
52.4.225.124 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

2978 kB
Transfer

4996 kB
Size

11
Cookies

108 HTTP transactions
0 data transactions