securitybytes.io Open in urlscan Pro
52.4.240.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
Effective URL:
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Submission: On November 16 via api (November 16th 2020, 7:36:48 pm UTC) from US

Summary HTTP 141 Redirects Links 70 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 141 HTTP transactions. The main IP is 52.4.240.221, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is securitybytes.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 16th 2020. Valid for: a year.

This is the only time securitybytes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	52.4.240.221 52.4.240.221	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6810:787f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:284::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
104	2606:4700::68... 2606:4700::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	13.226.156.112 13.226.156.112	16509 (AMAZON-02) (AMAZON-02)
1	13.226.132.83 13.226.132.83	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.144 104.111.218.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:7600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.228.206.191 34.228.206.191	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:218... 2600:9000:2182:8200:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.210.102.70 3.210.102.70	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:e2:... 2606:4700:e2::ac40:8a24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1	14618 (AMAZON-AES) (AMAZON-AES)
141	14

9 52.4.240.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-240-221.compute-1.amazonaws.com

securitybytes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:787f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:284::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

104 2606:4700::6810:7991 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-112.dus51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-83.dus51.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-144.deploy.static.akamaitechnologies.com

a16180790160.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.206.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-206-191.compute-1.amazonaws.com

srv-2020-11-16-19.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:8200:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.102.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-102-70.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:e2::ac40:8a24 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
105	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
10	medium.systems lightstep.medium.systems	2 KB
9	securitybytes.io 1 redirects securitybytes.io	53 KB
5	branch.io cdn.branch.io api2.branch.io	25 KB
4	bugsnag.com sessions.bugsnag.com	251 B
3	optimizely.com cdn.optimizely.com a16180790160.cdn.optimizely.com logx.optimizely.com	93 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	parsely.com srv-2020-11-16-19.pixel.parsely.com	229 B
1	app.link app.link	738 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
141	11

	Domain	Requested by
61	miro.medium.com	securitybytes.io
32	cdn-client.medium.com	securitybytes.io cdn-client.medium.com
11	glyph.medium.com	securitybytes.io glyph.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
9	securitybytes.io	1 redirects cdn-client.medium.com
4	api2.branch.io	cdn.branch.io
4	sessions.bugsnag.com	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	securitybytes.io www.google-analytics.com
1	logx.optimizely.com	cdn.optimizely.com
1	srv-2020-11-16-19.pixel.parsely.com	securitybytes.io
1	app.link	cdn.branch.io
1	a16180790160.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	securitybytes.io
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	securitybytes.io
1	medium.com	1 redirects
141	17

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
technet.microsoft.com
msdn.microsoft.com
en.wikipedia.org
www.amazon.co.uk
posts.specterops.io
kofiamankwaajr.medium.com
littlefield.co
about.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
securitybytes.io Sectigo RSA Domain Validation Secure Server CA	`2020-11-16` - `2021-11-16`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2020-08-19` - `2022-10-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-09-28` - `2020-12-27`	3 months	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Frame ID: 4A7CA0029A25F53F043F7DF17FE2F2FD
Requests: 132 HTTP requests in this frame

Frame: https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html
Frame ID: 24AD5AB7345A7B04EB8A578073BF8D12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fun... HTTP 302
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

141
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

1427 kB
Transfer

3388 kB
Size

11
Cookies

70 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----759fe15965e2--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_page-----759fe15965e2---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F759fe15965e2&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----759fe15965e2--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_page-----759fe15965e2---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=responses-----759fe15965e2---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/@matheenl?source=responses-----759fe15965e2----0----------------------------
Title: Matheenl Labeeb

Search URL Search Domain Scan URL

URL: https://medium.com/@matheenl/hey-pete-bfff9057a3e3?source=responses-----759fe15965e2----0----------------------------
Title: 7 months ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2Fbfff9057a3e3&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=responses-----bfff9057a3e3----0-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@matheenl/hey-pete-bfff9057a3e3?responsesOpen=true&source=responses-----759fe15965e2----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@C_h4ck_0?source=responses-----759fe15965e2----1----------------------------
Title: Nir Chako

Search URL Search Domain Scan URL

URL: https://medium.com/@C_h4ck_0/hey-pete-7374facabfce?source=responses-----759fe15965e2----1----------------------------
Title: over 2 years ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2F7374facabfce&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=responses-----7374facabfce----1-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@C_h4ck_0/hey-pete-7374facabfce?responsesOpen=true&source=responses-----759fe15965e2----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@kishorekumarboddula?source=responses-----759fe15965e2----2----------------------------
Title: Kishore Kumar Boddula

Search URL Search Domain Scan URL

URL: https://medium.com/@kishorekumarboddula/thanks-pete-for-the-article-is-there-a-part-3-to-this-88856578a116?source=responses-----759fe15965e2----2----------------------------
Title: over 1 year ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2F88856578a116&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=responses-----88856578a116----2-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@kishorekumarboddula/thanks-pete-for-the-article-is-there-a-part-3-to-this-88856578a116?responsesOpen=true&source=responses-----759fe15965e2----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@oldmanpete?source=post_page-----759fe15965e2--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff238fe8b4dda&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_page-f238fe8b4dda----759fe15965e2---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-gb/sysinternals/bb842062
Title: https://technet.microsoft.com/en-gb/sysinternals/bb842062

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/windows/hardware/drivers/gettingstarted/user-mode-and-kernel-mode
Title: User mode and kernel modeUser mode and kernel modeUser mode and kernel modemsdn.microsoft.com

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Session_Manager_Subsystem
Title: Session Manager Subsystem — WikipediaSession Manager Subsystem, or smss.exe, is a component of the Microsoft Windows NT family of operating systems…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Winlogon
Title: Winlogon — WikipediaWinlogon sets the protection of the window station and corresponding desktops to ensure that each is properly…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Control-Alt-Delete
Title: Ctrl+Alt+Delete

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-gb/library/cc939862.aspx
Title: https://technet.microsoft.com/en-gb/library/cc939862.aspx

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Client/Server_Runtime_Subsystem
Title: Client/Server Runtime Subsystem - WikipediaClient/Server Runtime Subsystem, or csrss.exe, is a component of the Windows NT family of operating systems that…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Service_Control_Manager
Title: Service Control Manager - WikipediaService Control Manager ( SCM) is a special system process under the Windows NT family of operating systems, which…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Svchost.exe
Title: svchost.exe - Wikipediasvchost.exe ( Service Host, or SvcHost) is a system process that hosts multiple Windows services in the Windows NT…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Local_Security_Authority_Subsystem_Service
Title: Local Security Authority Subsystem Service - WikipediaLocal Security Authority Subsystem Service ( LSASS) is a process in Microsoft Windows operating systems that is…en.wikipedia.org

Search URL Search Domain Scan URL

URL: https://www.amazon.co.uk/Windows-Internals-Part-Developer-Reference/dp/0735648735
Title: Windows Internals, Part 1: Covering Windows Server 2008 R2 and Windows 7 (Developer Reference…Buy Windows Internals, Part 1: Covering Windows Server 2008 R2 and Windows 7 (Developer Reference (Paperback)) by Mark…www.amazon.co.uk

Search URL Search Domain Scan URL

URL: https://www.amazon.co.uk/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/ref=sr_1_1?s=books&ie=UTF8&qid=1489450693&sr=1-1&keywords=the+art+of+memory+forensics
Title: The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac MemoryBuy The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory by Michael Hale Ligh…www.amazon.co.uk

Search URL Search Domain Scan URL

URL: https://www.amazon.co.uk/Incident-Response-Computer-Forensics-Third/dp/0071798684/ref=sr_1_1?ie=UTF8&qid=1489450725&sr=8-1&keywords=incident+response+and+computer+forensics
Title: Incident Response & Computer Forensics, Third EditionBuy Incident Response & Computer Forensics, Third Edition by Jason T. Luttgens, Matthew Pepe, Kevin Mandia (ISBN…www.amazon.co.uk

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fsecuritybytes%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fsecuritybytes%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_sidebar-----759fe15965e2---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_sidebar-----759fe15965e2---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fsecuritybytes%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_actions_footer-----759fe15965e2---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@oldmanpete?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Ff238fe8b4dda%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=follow_footer-f238fe8b4dda-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fsecuritybytes%2F759fe15965e2&operation=register&redirect=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/iron-bastion/five-ways-to-detect-phishing-emails-9466f4dd2c04?source=post_internal_links---------0----------------------------
Title: Five ways to identify phishing emails

Search URL Search Domain Scan URL

URL: https://medium.com/@gszathmari?source=post_internal_links---------0----------------------------
Title: Gabor Szathmari

Search URL Search Domain Scan URL

URL: https://medium.com/iron-bastion?source=post_internal_links---------0----------------------------
Title: Iron Bastion

Search URL Search Domain Scan URL

URL: https://medium.com/@igormcoelho/configuring-bazel-build-with-gnu-c-c-on-windows-e27b2c66bed6?source=post_internal_links---------1----------------------------
Title: Configuring Bazel Build with GNU C/C++ on Windows

Search URL Search Domain Scan URL

URL: https://medium.com/@igormcoelho?source=post_internal_links---------1----------------------------
Title: Igor Machado

Search URL Search Domain Scan URL

URL: https://medium.com/threat-intel/what-is-living-off-the-land-ca0c2e932931?source=post_internal_links---------2----------------------------
Title: What is Living off the Land?

Search URL Search Domain Scan URL

URL: https://medium.com/@threatintel?source=post_internal_links---------2----------------------------
Title: Threat Intel

Search URL Search Domain Scan URL

URL: https://medium.com/threat-intel?source=post_internal_links---------2----------------------------
Title: Threat Intel

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/putting-sysmon-v9-0-and-or-grouping-logic-to-the-test-c3ec27263df8?source=post_internal_links---------3----------------------------
Title: Putting Sysmon v9.0 AND/OR Grouping Logic to the Test

Search URL Search Domain Scan URL

URL: https://medium.com/@Cyb3rWard0g?source=post_internal_links---------3----------------------------
Title: Roberto Rodriguez

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/?source=post_internal_links---------3----------------------------
Title: Posts By SpecterOps Team Members

Search URL Search Domain Scan URL

URL: https://medium.com/@wan0net/blue-team-cyber-anxiety-a41273c07ee3?source=post_internal_links---------4----------------------------
Title: Blue Team Cyber Anxiety

Search URL Search Domain Scan URL

URL: https://medium.com/@wan0net?source=post_internal_links---------4----------------------------
Title: Iain Dickson

Search URL Search Domain Scan URL

URL: https://kofiamankwaajr.medium.com/gamers-diary-why-i-never-buy-consoles-at-launch-efd521e6bb21?source=post_internal_links---------5----------------------------
Title: Gamer’s Diary: Why I Never Buy Consoles at Launch

Search URL Search Domain Scan URL

URL: https://kofiamankwaajr.medium.com/?source=post_internal_links---------5----------------------------
Title: Kofi Amankwaa Jr.

Search URL Search Domain Scan URL

URL: https://littlefield.co/threes-a-crowd-new-trickbot-emotet-ryuk-ransomware-16d1e25f72f4?source=post_internal_links---------6----------------------------
Title: Three’s a crowd: New Trickbot, Emotet & Ryuk Ransomware

Search URL Search Domain Scan URL

URL: https://medium.com/@Littl3field?source=post_internal_links---------6----------------------------
Title: Littl3field

Search URL Search Domain Scan URL

URL: https://littlefield.co/?source=post_internal_links---------6----------------------------
Title: Littl3field

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/enter-mordor-pre-recorded-security-events-from-simulated-adversarial-techniques-fdf5555c9eb1?source=post_internal_links---------7----------------------------
Title: Enter Mordor 😈: Pre-recorded Security Events from Simulated Adversarial Techniques 🛡

Search URL Search Domain Scan URL

URL: https://medium.com/@Cyb3rWard0g?source=post_internal_links---------7----------------------------
Title: Roberto Rodriguez

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/?source=post_internal_links---------7----------------------------
Title: Posts By SpecterOps Team Members

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----759fe15965e2--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----759fe15965e2--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=post_page-----759fe15965e2--------------------------------
Title: Share your thinking.

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----759fe15965e2--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----759fe15965e2--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----759fe15965e2--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----759fe15965e2--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2 HTTP 302
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

141 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request blue-team-fundamentals-part-two-windows-processes-759fe15965e2 Show response
securitybytes.io/
Redirect Chain

https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

273 KB
50 KB

897ms
897ms

Document
text/html

52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-240-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7a106482c2203768493ae731c6401c8a286491cadeee84cfbc653f5b79b9aa76

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: securitybytes.io
:scheme: https
:path: /blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 16 Nov 2020 19:36:30 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"443b2-/HUuQ+/nQCsM/2mjBE4AAxmZdxo"
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, lite/main-20201116-181835-c41ce67910, rito/main-20201116-185444-df50e72dae, tutu/medium-42984
set-cookie: uid=lo_d2a28c4eddc1; Path=/; Expires=Tue, 16 Nov 2021 19:36:29 GMT; HttpOnly; Secure; SameSite=None sid=1:ljAG0BtgL8wo69lAhiv6ig51NIXA+KFWc4Ai+SjBe2GRHmU0J0YUQGWG55VzyZWj; Path=/; Expires=Tue, 16 Nov 2021 19:36:29 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_d2a28c4eddc1; Path=/; Expires=Tue, 16 Nov 2021 19:36:29 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 788
x-frame-options: allow-from medium.com

Redirect headers

status: 302
date: Mon, 16 Nov 2020 19:36:29 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: __cfduid=df94bcaf816ebaff95fd5062206a6afc11605555389; expires=Wed, 16-Dec-20 19:36:29 GMT; path=/; domain=.medium.com; HttpOnly; SameSite=Lax uid=lo_d2a28c4eddc1; Path=/; Domain=medium.com; Expires=Tue, 16 Nov 2021 19:36:29 GMT; HttpOnly; Secure sid=1:hM1fN3045VouJQZRZQ4Qn1ckphvxJuhRvV48CPoaYjaxjtYs8GZocGjCu+63ztnn; Path=/; Domain=medium.com; Expires=Tue, 16 Nov 2021 19:36:29 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_d2a28c4eddc1; Path=/; Domain=medium.com; Expires=Tue, 16 Nov 2021 19:36:29 GMT; Secure; SameSite=None __cfruid=1c1274d753ada105851f48198bedf91b8cacd3c5-1605555389; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 28
x-frame-options: sameorigin
x-obvious-info: 42987-e497321,e4973212fbd
x-obvious-tid: 1605555389693:854dfce89e1c
x-opentracing: {"ot-tracer-spanid":"4012eadc1e8ca011","ot-tracer-traceid":"558efbad5c5ec5c2","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 0674281c990000c2aeb7ad7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f33a940ff7cc2ae-FRA

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 317 KB
93 KB 23ms
8ms Script
text/javascript 2a02:26f0:6c00:284::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:284::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24e748e21eddd2329725efaae3552c620818f04c36bc5bd6bf35857004cbafca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: MCIuhidlGUybqHrQZr.gOEjvnZGqclLb
content-encoding: gzip
etag: "babbba15f7ec9c10d7a87716cc684e8c"
x-amz-request-id: 500BD54B49033178
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:284::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 94007
x-amz-id-2: 4uT1m/IqxXzlX//6KSZuUwzY2woZKdC6A4v/Y7Ft1AMf8RMcdbIJ5SonN7Es70exvVtzopivRd0=
last-modified: Mon, 16 Nov 2020 19:11:15 GMT
server: AmazonS3
date: Mon, 16 Nov 2020 19:36:30 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 5026
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 unbound.css
glyph.medium.com/css/ 10 KB
1 KB 59ms
40ms Stylesheet
text/css 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2067
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 06742820f00000c2db93866000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 5f33a947eca0c2db-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Mon, 16 Nov 2020 23:36:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6425
date: Mon, 16 Nov 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 16 Nov 2020 19:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 14ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1454984760&t=pageview&_s=1&dl=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2%3Fgi%3Dc57a78685737&ul=en-us&de=UTF-8&dt=Blue%20Team%20fundamentals%20Part%20Two%3A%20Windows%20Processes.%20%7C%20by%20Pete%20%7C%20SecurityBytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1219177670&gjid=194070827&cid=971527528.1605555391&tid=UA-24232453-2&_gid=1930115338.1605555391&_r=1&_slc=1&z=1398567241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://securitybytes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1*uTTiI5amWvXr6SFIP4kyXg.jpeg
miro.medium.com/fit/c/96/96/ 3 KB
3 KB 37ms
36ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*uTTiI5amWvXr6SFIP4kyXg.jpeg

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8029540a7b50ea08504369fb414fc02d49e1edec36470a1d24a0d9a3fa8d1bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194793
status: 200
x-envoy-upstream-service-time: 80
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3102
cf-request-id: 06742821420000c2db28920000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9485d97c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*gfxCo3wHl9MlXKUnRAAJwQ.png
miro.medium.com/max/60/ 409 B
665 B 23ms
22ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*gfxCo3wHl9MlXKUnRAAJwQ.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da03a064bc64d21bd4ace1d742f08cb25391670d0735d78ef6a94db5dafd8c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 409
cf-request-id: 067428213a0000c2dbfcbea000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9485d99c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*kDXNDNrXvRKuinoX3YnjBg.png
miro.medium.com/max/60/ 2 KB
2 KB 32ms
29ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*kDXNDNrXvRKuinoX3YnjBg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3935c2eae48b2002022398fb816e02f6b172e8f80a7cccfcece2a94205f06cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 64
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2347
cf-request-id: 06742821440000c2dbbebe0000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a9486dbbc2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*xp0bmbs2cD98lcSb93wpqA.png
miro.medium.com/max/52/ 2 KB
2 KB 46ms
43ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/52/1*xp0bmbs2cD98lcSb93wpqA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab78042440d660d97113c18db1b803a5504d09047a5143d11950750a14ea791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 36
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2055
cf-request-id: 06742821440000c2dbfcbeb000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9486dbcc2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*L6LV2LI8TyTvv5J-v8cBTA.png
miro.medium.com/max/60/ 1 KB
1 KB 50ms
47ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*L6LV2LI8TyTvv5J-v8cBTA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a6d0390d0c97c7ed3f30f3c30a05181548333f64dfbc530270522827c8d03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1033
cf-request-id: 06742821440000c2db9c291000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9486dbec2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*F6t243vthVR3pvIr8KHVoQ.png
miro.medium.com/max/60/ 2 KB
2 KB 33ms
31ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*F6t243vthVR3pvIr8KHVoQ.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f434741b9572b7f377cfab6193023b78e6d7d1ececc940b6cdecdbb7706f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1994
cf-request-id: 06742821440000c2dbaf82c000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9486dc0c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*OHYboF1OT-4jKTGg0wgqSg.png
miro.medium.com/max/60/ 3 KB
3 KB 141ms
141ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*OHYboF1OT-4jKTGg0wgqSg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720fb9810361bb8ffca02d0ffb87b917afb7c4edbc05703d3f2fd13eca0ec73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 47
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2918
cf-request-id: 06742821560000c2dbbd0b1000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a9488df2c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*1G8zQQSh9wRkP6QkSpuzdw.png
miro.medium.com/max/60/ 710 B
936 B 56ms
56ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*1G8zQQSh9wRkP6QkSpuzdw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad04f8eea51f463de72187d7d2e6cb0363b3d48307366ba66f5135c512e2f431

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 710
cf-request-id: 06742821620000c2db8798c000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9489e21c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*IJPOsvklrcEOE-KO99tfqw.png
miro.medium.com/max/52/ 3 KB
3 KB 53ms
52ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/52/1*IJPOsvklrcEOE-KO99tfqw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

659a572fb442fb55d5a8432299fa175f35ce63874a49887bcc9656977c5d39b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 75
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2830
cf-request-id: 06742821620000c2db7f801000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9489e28c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*Wg9OKStaKMlyc7NrcHk78Q.png
miro.medium.com/max/50/ 3 KB
3 KB 93ms
93ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/50/1*Wg9OKStaKMlyc7NrcHk78Q.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

471d08aa62bd27c03bcf96dea7b9153a44b4004c405a6ce05ff4817ed3c0ce08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3110
cf-request-id: 06742821620000c2db8481e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9489e2ac2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*IGDlZhUtlGxPmeJyKwlQJw.png
miro.medium.com/max/60/ 1 KB
1 KB 48ms
47ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*IGDlZhUtlGxPmeJyKwlQJw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fceb6eadbc29ec2a964360f1ca10c9ef2673c2326ac45d498937df85aff3701

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 54
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1262
cf-request-id: 067428216c0000c2dbb1088000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a948ae53c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*5_w_tIyduUPBLIvQZ82adA.png
miro.medium.com/max/60/ 440 B
539 B 45ms
44ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*5_w_tIyduUPBLIvQZ82adA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e74ef2aba06c7e1252790f5f11784ed893404592e895f8e8b64801e3061826b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 440
cf-request-id: 06742821790000c2dbb723e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a948ae5ec2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*jrqgpHt2JXIZXFQGdP_AFg.png
miro.medium.com/max/60/ 343 B
438 B 68ms
68ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*jrqgpHt2JXIZXFQGdP_AFg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2d409e17216ae3e22a74c39cce61f71dffe952b015d86d3f607db99a3aa7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 343
cf-request-id: 06742821940000c2dba292a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a948eeddc2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*ztUfkWa0r1volwI2YpYo5w.png
miro.medium.com/max/60/ 687 B
818 B 45ms
44ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ztUfkWa0r1volwI2YpYo5w.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a468488260e52744068c9b4c84fcbc041c694944f13a5dd926ed8d8c75373a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 687
cf-request-id: 06742821950000c2db8a9d6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a948eee0c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*ehXn0D3Dx_tpQOanWDsvPw.png
miro.medium.com/max/60/ 223 B
317 B 75ms
74ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ehXn0D3Dx_tpQOanWDsvPw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf19e354190cf47e1a91f71778e22f8cbe7dbbb85b4ad7a239d8d65b4cbb3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 223
cf-request-id: 067428219b0000c2db8dbb7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a948fef2c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*6DTyzqE9T1Q8y3pIwZSYlw.png
miro.medium.com/max/48/ 3 KB
3 KB 31ms
31ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/48/1*6DTyzqE9T1Q8y3pIwZSYlw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc7d8375584b2f7ea45ce37db3487f14700fedff7729e3608dcc7b5adb3513d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2960
cf-request-id: 06742821a10000c2db9db48000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a948fef7c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*eQqMSqTPyieqnb4nK3FGeg.png
miro.medium.com/max/60/ 819 B
919 B 33ms
32ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*eQqMSqTPyieqnb4nK3FGeg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c024b9f5192122592fb6f843342f3543cd156f848e9eb8328f76a09eb3dafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 54
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 819
cf-request-id: 06742821bc0000c2dbcaa0a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9492f68c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*AWpyN7MDNsOKSW2MJ--vtw.png
miro.medium.com/max/60/ 3 KB
3 KB 82ms
82ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*AWpyN7MDNsOKSW2MJ--vtw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b870bfe8df4bd39226198caf1a90f4dd6a27b5e7d506c99d9d4abda2599f1af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 56
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2869
cf-request-id: 06742821bd0000c2dbb830d000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9492f6dc2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*lUMR3_tE95V1AdGx6sDYjA.png
miro.medium.com/max/52/ 4 KB
4 KB 65ms
65ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/52/1*lUMR3_tE95V1AdGx6sDYjA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b84d7e51bf5ccea7277811867bfe6f75a2f4e620dfdea23748bb4ed5270c8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4065
cf-request-id: 06742821c10000c2db4f0bc000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a9493f81c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*XwDCtWCEztbgFK8H9DFW8w.png
miro.medium.com/max/60/ 1 KB
1 KB 40ms
40ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*XwDCtWCEztbgFK8H9DFW8w.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dfad7e2b15555ede49c5f70421bf9812bea1dff7d90ca9845d0d9a90d06e33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97712
status: 200
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1071
cf-request-id: 06742821df0000c2dbaf840000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9495fe1c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*_JmEsQ9tpNs2wvUR1N_jHw.png
miro.medium.com/max/60/ 3 KB
3 KB 46ms
45ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_JmEsQ9tpNs2wvUR1N_jHw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f8169653bed20d1de0da7dd6fc3487db2888958934886ff8108244a4d8d5f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 55
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3149
cf-request-id: 06742821df0000c2dba33d8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9496ffbc2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*e0fjq0gud_SDtiDbr_vU2A.png
miro.medium.com/max/60/ 525 B
626 B 59ms
59ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*e0fjq0gud_SDtiDbr_vU2A.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd498873e21da1ba7c625b72ea29080ebc7bd95d571c52a366de5f826cb4d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 79
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 525
cf-request-id: 06742821e60000c2db6d89f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9496800c2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*yhiYn-2ShH0DfrjyqCV5DA.png
miro.medium.com/max/46/ 3 KB
3 KB 40ms
39ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/46/1*yhiYn-2ShH0DfrjyqCV5DA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c5be3def246e01972daceb8b9cc20659850137e14bae251225422dab36f304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110969
status: 200
x-envoy-upstream-service-time: 71
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2734
cf-request-id: 06742821e60000c2dba2936000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949781ac2db-FRA
expires: Wed, 16 Dec 2020 19:36:30 GMT

GET
H2 200 1*5J6sVkThf2phy3PksBtBVA.png
miro.medium.com/max/48/ 3 KB
3 KB 91ms
90ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/48/1*5J6sVkThf2phy3PksBtBVA.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e74f372b2b5bfd8c51b0037dc8690e17c27fd5fb0fcaa755405b93e682091845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2868
cf-request-id: 067428220c0000c2dbb5064000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949a8d3c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*KmMltToX2PgMeQAgapjeGg.png
miro.medium.com/max/60/ 2 KB
2 KB 60ms
57ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*KmMltToX2PgMeQAgapjeGg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10938d21ecb9c7504a3ea97a6dfc617d7dcd67577f2dfba8df6dbcff6186fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1805
cf-request-id: 06742822120000c2db8a9e6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949b8edc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*clOELJpQ2-24o-qNMfqC0A.png
miro.medium.com/max/60/ 2 KB
2 KB 33ms
32ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*clOELJpQ2-24o-qNMfqC0A.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c299c32cd4c96a7429c583bbe14a98ecf3569f51180c4544d78b4aff74a34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97713
status: 200
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1606
cf-request-id: 06742822130000c2db879a1000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949b8f2c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*x0h9dDYhGfHsuueGC1-weg.png
miro.medium.com/max/60/ 703 B
914 B 46ms
45ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*x0h9dDYhGfHsuueGC1-weg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bc19e130d6be2d7f37dae6cb5969eb6cc8086e7e4125349c1609d434f33e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 41
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 703
cf-request-id: 06742822140000c2db853e8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949b8f7c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*6CqoOdWZs-dyMr2ryaLtjw.png
miro.medium.com/max/60/ 1000 B
1 KB 28ms
28ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*6CqoOdWZs-dyMr2ryaLtjw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f060d7fbd4bfd0b793693cd4e837046c5e9e8a24b7eb861699dbeca1db7009

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97713
status: 200
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1000
cf-request-id: 067428221d0000c2dbbd0b8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949c92ac2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*26v122IXWuwMx7_cYBoc-Q.png
miro.medium.com/max/60/ 3 KB
3 KB 52ms
51ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*26v122IXWuwMx7_cYBoc-Q.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7ec18019e1222729a945bbb5c41e20238ab22327419ec34efe974129af51f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2968
cf-request-id: 067428223b0000c2db6d8a6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949e9afc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*gKO4bgYTIG2T0nlnRLXg0Q.png
miro.medium.com/max/38/ 3 KB
3 KB 59ms
58ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/38/1*gKO4bgYTIG2T0nlnRLXg0Q.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64b51d8e464e49d87bdd400ff448f865a410b08bee92ab38f2a19f26aaa06587

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3474
cf-request-id: 067428223e0000c2dba33e8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a949f9bfc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*snqJUZf1mKz8ChWBo3Ff3g.png
miro.medium.com/max/60/ 4 KB
4 KB 57ms
57ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*snqJUZf1mKz8ChWBo3Ff3g.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0cfa992e9c81ff12d2b63cff949313b330cf63d08ec248aadcb6871a868257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97713
status: 200
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4225
cf-request-id: 06742822410000c2dba9936000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a09fac2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 0*gUjIzDz6BNTcNaP2.
miro.medium.com/max/320/ 24 KB
24 KB 167ms
166ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*gUjIzDz6BNTcNaP2.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

807a289251ad69553fbead5fe8b66001b4adbc92bf82a5e05c690cb593adfb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 16
content-length: 24769
cf-request-id: 067428224e0000c2db47850000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a1a31c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 0*BeyhZpfrh9-wbm2y.
miro.medium.com/max/320/ 3 KB
3 KB 192ms
191ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*BeyhZpfrh9-wbm2y.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba1be54bb725594a0386fb00e7212ce5aadb8ad99e6809bb857b9ef7491d9711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 56
content-length: 3029
cf-request-id: 06742822680000c2db7f81e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a3aa0c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 0*VQcXKgGwKuwyjxrd.
miro.medium.com/max/320/ 35 KB
35 KB 191ms
191ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*VQcXKgGwKuwyjxrd.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c219308cc451d69ac97f376d26dfe81bed9e3dd7e40c8315c4c1b6360a4a9819

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 23
content-length: 35677
cf-request-id: 06742822710000c2dbb8324000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a4ac4c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 69ms
31ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563616
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216b00001f51588db000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad2b1f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
14 KB 65ms
28ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563616
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216d00001f515bb68000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad361f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 79ms
41ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344593
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216c00001f514c172000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad331f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 62ms
25ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344593
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216d00001f51a282d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad3e1f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 66ms
29ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 119915
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428217000001f5177034000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad3a1f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 11 KB
11 KB 60ms
23ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/77a0c0c/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110968
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216e00001f515eb09000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad411f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 61ms
25ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563616
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216c00001f513b17f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad311f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 58ms
22ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563616
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428216e00001f51a93db000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a948ad431f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:30 GMT

GET
H2 200 1*lkWLH2PPHfsK3OatcCjDYQ.png
miro.medium.com/max/54/ 3 KB
3 KB 27ms
25ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/54/1*lkWLH2PPHfsK3OatcCjDYQ.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24f57c8a7488efec49abd16bbc8bcfb374d6483bbd783732481f47b6f194a7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97713
status: 200
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3129
cf-request-id: 06742822790000c2dbb8325000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a5ad5c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*dBVCKSaAh0Zn1XeVWfq0zw.png
miro.medium.com/max/52/ 3 KB
3 KB 87ms
86ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/52/1*dBVCKSaAh0Zn1XeVWfq0zw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80eb01bd97ffc1c797ba8b391032b0991152a71ce7cddae90034f77cd954ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 27
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2807
cf-request-id: 06742822950000c2db8e3a3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94a8b58c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*UUo_cmy6hhEXhZlUnQiWDw.jpeg
miro.medium.com/max/60/ 876 B
1 KB 43ms
43ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*UUo_cmy6hhEXhZlUnQiWDw.jpeg?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973141fc8f7216e11582d6def8be43f5cf95551ad9f27e2b32b63e0c0fef67c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110970
status: 200
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 876
cf-request-id: 06742822d60000c2db3a9fd000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a94aec2cc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*uTTiI5amWvXr6SFIP4kyXg.jpeg
miro.medium.com/fit/c/160/160/ 6 KB
6 KB 40ms
39ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*uTTiI5amWvXr6SFIP4kyXg.jpeg

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876f2fea84434bb95a6cfb6e130566e51616d483043706f1c6d89c464592e1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 735492
status: 200
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 5899
cf-request-id: 06742822e00000c2db853f8000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94afc63c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*NKLgTD8PxqquhV3UXw7SuQ.png
miro.medium.com/fit/c/160/160/ 10 KB
11 KB 28ms
28ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*NKLgTD8PxqquhV3UXw7SuQ.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a9ca504e150531457bb325fe90957d6e6d5ca761c95a922281def045f8b9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 901198
status: 200
x-envoy-upstream-service-time: 78
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 10614
cf-request-id: 06742822ea0000c2db8a9fd000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20200916-174204-02beecfda0
accept-ranges: bytes
cf-ray: 5f33a94b0c7fc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*uTTiI5amWvXr6SFIP4kyXg.jpeg
miro.medium.com/fit/c/80/80/ 2 KB
3 KB 33ms
31ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*uTTiI5amWvXr6SFIP4kyXg.jpeg

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0d781b690801626c7da06bb429031718eb18ff1d76b2937c47f5fd7c5fbbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 901198
status: 200
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2481
cf-request-id: 06742822f70000c2dbbd0db000000001
pragma: public
sepia-upstream: production
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200514-191947-e45d7283d4
accept-ranges: bytes
cf-ray: 5f33a94b1ca2c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*NKLgTD8PxqquhV3UXw7SuQ.png
miro.medium.com/fit/c/80/80/ 4 KB
4 KB 42ms
41ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*NKLgTD8PxqquhV3UXw7SuQ.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a18fc23b24d6a7b7ab6a06c33b6450d99d85b3a5f717f40b96f6a7f22835a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 799787
status: 200
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4298
cf-request-id: 06742823020000c2dbbd88f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a94b2cbdc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*DXR6sgpQQYK82xq000xesg.jpeg
miro.medium.com/max/60/ 835 B
969 B 30ms
30ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*DXR6sgpQQYK82xq000xesg.jpeg?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b6d0c327dff3b25dcc9ee7dfb2a0eba31a951ce81f86f05b053715d46bacf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 810389
status: 200
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 835
cf-request-id: 067428230a0000c2dbbcb7d000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b3cd8c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*fnqr62NXwy1Fa5DhGiOGFg.png
miro.medium.com/max/60/ 3 KB
3 KB 41ms
41ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*fnqr62NXwy1Fa5DhGiOGFg.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1195c9475f1c0f48a087c622aec403759b7d98b48879fcbaf223835f39dc6a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 180243
status: 200
x-envoy-upstream-service-time: 21
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2691
cf-request-id: 06742823100000c2db5a9b3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b4ce8c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*ShEYQI6rgp4WhoMFows5qA.jpeg
miro.medium.com/max/60/ 855 B
1 KB 20ms
20ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ShEYQI6rgp4WhoMFows5qA.jpeg?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

4750033537e1fce0cecb8e2ca493d2878ddecd37b292cf1394fbaf506dff30db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1171279
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3210-6a9380d
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 855
cf-request-id: 06742823140000c2dbcaa2d000000001
pragma: public
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5f33a94b5d12c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*YDlbuijY1qh1K0WhSIRFKw.png
miro.medium.com/max/60/ 4 KB
4 KB 24ms
24ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*YDlbuijY1qh1K0WhSIRFKw.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 917331
status: 200
x-envoy-upstream-service-time: 50
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3749
cf-request-id: 06742823210000c2dbb8330000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b6d3cc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*9kGfTAykvixCdzmRTr9MxQ.gif
miro.medium.com/freeze/max/60/ 939 B
1 KB 29ms
29ms Image
image/gif 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*9kGfTAykvixCdzmRTr9MxQ.gif?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30bc3404a55d32a699bdc8261bfa42eee98f20509933041c08c866b363676c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1169925
status: 200
x-envoy-upstream-service-time: 36
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 939
cf-request-id: 06742823250000c2db84853000000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200715-164354-345f1b3a44
accept-ranges: bytes
cf-ray: 5f33a94b6d48c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*pt9di8rs-jtyX0jIY6jcwQ.jpeg
miro.medium.com/max/60/ 2 KB
2 KB 38ms
36ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*pt9di8rs-jtyX0jIY6jcwQ.jpeg?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

542f8ca5ea63e208165bc12cea486ffe3827f12ea74df9457e3eb9fb27789932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 99946
status: 200
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2342
cf-request-id: 067428232a0000c2db888c3000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b7d51c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*jcebPtknjotpAMvZhPSSwQ.png
miro.medium.com/max/60/ 832 B
972 B 34ms
33ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*jcebPtknjotpAMvZhPSSwQ.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3986390b8cc1d94f35926722bdc434fc12571434662e5e5902a9ccb67c34733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1161746
status: 200
x-envoy-upstream-service-time: 59
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 832
cf-request-id: 067428232a0000c2dbce14b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20200916-174204-02beecfda0
accept-ranges: bytes
cf-ray: 5f33a94b7d55c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 0*ji6keNd2kNMsDi-Z.png
miro.medium.com/max/60/ 830 B
973 B 29ms
29ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*ji6keNd2kNMsDi-Z.png?q=20

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 917331
status: 200
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 830
cf-request-id: 067428232b0000c2db8dbe3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b7d59c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 33ms
33ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 839018
status: 200
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9821
cf-request-id: 06742823330000c2db4e922000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20200804-190312-d5d253b55e
accept-ranges: bytes
cf-ray: 5f33a94b8d85c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 27ms
26ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 912933
status: 200
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6839
cf-request-id: 067428233b0000c2dba9952000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b8d9ec2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 GMT

GET
H2 200 manifest.f4867d24.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
4 KB 61ms
55ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.f4867d24.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2f43bbfc3de24925e9d6b80cb78ab9ebba1f492495998f6c799f7d766622a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3759
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: B01A50D58883CB0A
x-amz-id-2: BW14Vpg41y1NZWIPFwXD1bhLpyyAQM8Kn7ughywI1umht2QxHzKIut/22+dFCsToULFJxytWP0M=
last-modified: Mon, 16 Nov 2020 18:26:52 GMT
server: cloudflare
etag: W/"e21d572e465d6230c56c09f129ee69b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WS0ald1n6XXRC_zFMx4XJzELiU1M4vF6
cache-control: public, max-age=31536000
cf-request-id: 06742822010000c2db8889e000000001
cf-ray: 5f33a9499897c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 648.d1565f9b.js Show response
cdn-client.medium.com/lite/static/js/ 626 KB
184 KB 100ms
94ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9375c008536c5d775947c03ee9ea63c5dd5b1f0829b31132e8d42a1e4c2c8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 869297
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 9AD38D622B40CAA1
x-amz-id-2: /B90QAm1P7ehWJaOYOOo1Rc1E2ftPwOUUuQiyOG04h2gAFB1JTdOXETv0TAc2kNspdJp5+dJy5I=
last-modified: Fri, 06 Nov 2020 17:51:36 GMT
server: cloudflare
etag: W/"d5fbf12e1ca575460428692b8b4b9a54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: UfxHdv4SmjTEtNCIFLvqAzZxt_5KTi6u
cache-control: public, max-age=31536000
cf-request-id: 06742822020000c2db8e397000000001
cf-ray: 5f33a9499893c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 main.125948e1.js Show response
cdn-client.medium.com/lite/static/js/ 511 KB
132 KB 64ms
59ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.125948e1.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fadcb7f35bee8ca8c158b704b4b7191463869783b883ce6ae99be68ddde1f6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6243
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 8661D920B6BB4745
x-amz-id-2: j3lCmdoiv2qZ7JFXI8JZAT0F9iRsIIVEJDYtkAkQSobwEFCH6sqIOk6YKv4Su1ZeEBrRWaBSP18=
last-modified: Mon, 16 Nov 2020 17:45:46 GMT
server: cloudflare
etag: W/"5beec41ad3706e456929a2d73bc3e2af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LOvdtYpKRo53cOpTER7KYlHxInFYDtVT
cache-control: public, max-age=31536000
cf-request-id: 06742821ff0000c2dbaaaa8000000001
cf-ray: 5f33a949989ec2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 5573.71c7b89b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 100ms
94ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 748912
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 5F1FD4DB55DDDE8A
x-amz-id-2: B84Imc8lpoqsoNjOt1mesrdf9/0oYNrEFAWkKUWZAUodSqYcPc1wn8nS9+NkLEXQZZGikjHaOj4=
last-modified: Thu, 05 Nov 2020 06:35:09 GMT
server: cloudflare
etag: W/"5ea86fb250e41d2afbeafce6d98f43fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: n6sjS3in91J8r._SfEa8RwndCZwis75f
cache-control: public, max-age=31536000
cf-request-id: 06742821ff0000c2db9db54000000001
cf-ray: 5f33a949989ac2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 instrumentation.b159e062.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.b159e062.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 840688
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 5315D88F29DF1F2C
x-amz-id-2: YN6QiAZ4ManeXcen+qeXC+VxqVxYqiYQoPFhZ6Nm6eTcLPU7G1/ALTpr/0re3nRopwKlNZWZQCc=
last-modified: Tue, 03 Nov 2020 18:43:34 GMT
server: cloudflare
etag: W/"f58deca85e2c997a1e2fec2e3e465940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: YFHiU4DJ.P7H_ae.SeNk1pi2nD2Ht2A2
cache-control: public, max-age=31536000
cf-request-id: 06742822090000c2db97362000000001
cf-ray: 5f33a949a8cdc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 reporting.a97391eb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 60ms
59ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.a97391eb.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 835136
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 714D6C3493AAD81A
x-amz-id-2: DU1uDIng4TbAdCuNmGSq3RqfILcfJEsTj9637BnVLC3SNh7P9nRMtkYF/hbrM1POi1joCFUON1U=
last-modified: Wed, 04 Nov 2020 01:57:35 GMT
server: cloudflare
etag: W/"fe7638c63ed535f5a1e5b02bc60ec02e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6esBqCB_naXB61URJyQV_cLy9PGN69z9
cache-control: public, max-age=31536000
cf-request-id: 067428220b0000c2db4e8fc000000001
cf-ray: 5f33a949a8d0c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 1826.bc1ea69a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
11 KB 39ms
38ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1826.bc1ea69a.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 995406
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 0FF7AF232C2E43BE
x-amz-id-2: 0Rtiu6h+RCQGjxnZEi8SwfhegNYdzSVbO257J9UZ9TqCr2fwSqa1AbkwAqn76zcSp++dBK6RJ8E=
last-modified: Wed, 28 Oct 2020 18:48:28 GMT
server: cloudflare
etag: W/"b09f67d7284461212d661f0679868da7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bQkXzPSpwfYUjPc23105A8CfJtXN2MvX
cache-control: public, max-age=31536000
cf-request-id: 06742822350000c2db84344000000001
cf-ray: 5f33a949e9a8c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 4464.18d417d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4464.18d417d4.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1001449
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: BCBB7CDD8DB97356
x-amz-id-2: XmOqSX255eXHWAiT4DY6exPOr9BNq/04z7LUxlEjCiMvVfi5S5PWMd8a0PfZtwMmD62o8FCsdPo=
last-modified: Wed, 28 Oct 2020 18:48:28 GMT
server: cloudflare
etag: W/"96f0b868bf92c7fd790272d73e2f9870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1jga9dH94HXTT96DG3QkYxK4I.UnZVaF
cache-control: public, max-age=31536000
cf-request-id: 067428223f0000c2dbb831d000000001
cf-ray: 5f33a949f9cfc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 1148.9eac293a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1148.9eac293a.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 874333
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: C84B4590D9E5EBA9
x-amz-id-2: V56nBoWEfjkNr+snUPflVoKk6vrYrLKlD/a1zzihKO3ipKCbE/K8d4ijqnFvnK+UeDzGsQXmRM8=
last-modified: Fri, 06 Nov 2020 16:36:56 GMT
server: cloudflare
etag: W/"db69beca199f14b1d0c0b61593e3f93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: UgWEBq93VeftXXaACCrQhQPqXIRJaijm
cache-control: public, max-age=31536000
cf-request-id: 06742822450000c2db9c2ad000000001
cf-ray: 5f33a94a0a00c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 5064.331896b3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 117 KB
33 KB 53ms
53ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5064.331896b3.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff01f58a98bd955f348d127f7efc2f72bcf1748671d9cbc01869e8e7e715eaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 582969
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: FFBFCBE303DF49B3
x-amz-id-2: 7pVonDOzM++QbLphlXZwL9JDt0FKIlW4EXv/Tnb9RI8JLBR6tXEEGIgjzbeBrRaDqljwYf5akAI=
last-modified: Fri, 06 Nov 2020 01:56:37 GMT
server: cloudflare
etag: W/"07825a764f375b59a9ee9d2115b2d7ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: UaV6vxi1O7wSXrM6EuDkhy3PIgCCX7nU
cache-control: public, max-age=31536000
cf-request-id: 067428224b0000c2db9db61000000001
cf-ray: 5f33a94a0a06c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 9274.63eefcdc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 35ms
34ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9274.63eefcdc.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107670
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 250E469B69926BBC
x-amz-id-2: jMmcaQHoptMDLoGWgaRD3pVM/vGXECxwCfXIRXPnZnxjBgXan7uc3WsiXL5uA5AB3Hw3zAoaqa4=
last-modified: Tue, 03 Nov 2020 23:47:48 GMT
server: cloudflare
etag: W/"ccd80c9d1d3b3cda451c47c801e9b0de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zXTUe4s6qtTbA9e3dwLhgzmXwQHwws6J
cache-control: public, max-age=31536000
cf-request-id: 06742822520000c2db6d8aa000000001
cf-ray: 5f33a94a1a45c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 2846.6b6ebf22.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 41ms
40ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2846.6b6ebf22.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 740278
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 5A245C02CF5FA5BA
x-amz-id-2: hjS5bDcD0048VFwBVD+f+LR3rrRNxuqdBq/ZffYevV/nMWbZRST6tzwp+IKg8QnFvsYrVXOZna4=
last-modified: Thu, 05 Nov 2020 06:35:08 GMT
server: cloudflare
etag: W/"15657365d9509fb2670441fb19640fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Z5N_3t7pg0ArqX57LA2TCVyXx0lI6cVG
cache-control: public, max-age=31536000
cf-request-id: 067428225a0000c2dba9939000000001
cf-ray: 5f33a94a2a69c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 7993.d2090e9e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
8 KB 48ms
47ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7993.d2090e9e.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 660210
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: FA5A56F4EEBCC85D
x-amz-id-2: H62t//ICALdlRV9eO+nd24N0QJPpjv2qtbTwXDj6vDKq6YeXBi/fs7All4U2RuWVqtNLcL60DHc=
last-modified: Thu, 05 Nov 2020 05:27:18 GMT
server: cloudflare
etag: W/"e98a333e611f6294eb5502aa6f2401bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SMyXsQDDO7Ip6xpBtgBCpZyFKWLXtrQ3
cache-control: public, max-age=31536000
cf-request-id: 06742822630000c2db8a9f0000000001
cf-ray: 5f33a94a3a8ec2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 1142.ff0dd948.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
12 KB 36ms
35ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1142.ff0dd948.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba11f3d9d0d4d78b9457b678f2117ab60bc87ba0d81dce357ea312e363799f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75827
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 07FFC55DC390003E
x-amz-id-2: EEDrQa/ozI28nIck9SF9/JWJVhbv/y/LkKpWuNTGo8N53MwPh5a90oWp/QTez/8OhIAdheBR6Rk=
last-modified: Fri, 13 Nov 2020 23:43:02 GMT
server: cloudflare
etag: W/"aa805afa65958feeac0035ecf7540d82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cnq4aKNy7j_THXFNPvy3OKJnDXsi1Qk1
cache-control: public, max-age=31536000
cf-request-id: 06742822640000c2db19a26000000001
cf-ray: 5f33a94a3a9ac2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 6839.ef1685ae.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 32ms
30ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6839.ef1685ae.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1086896
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 7F3CE7E3D9789152
x-amz-id-2: jyZ6IGubIcDhb0aGkczrPWz4x0zCH9iOqPV+5GgEkPGTLddjXQQVqOEGxbddoLm5i6/ElJD+6pA=
last-modified: Wed, 28 Oct 2020 18:48:28 GMT
server: cloudflare
etag: W/"ad2f6f805c2629c7f760c7112f9cf69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: FQzdwvcMtnRmpT.0b5XfOF4talslkvdY
cache-control: public, max-age=31536000
cf-request-id: 06742822780000c2dba294b000000001
cf-ray: 5f33a94a5ad3c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 353.46aadb89.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 33ms
31ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/353.46aadb89.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 443344
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 27C4B7CFDE9C09B8
x-amz-id-2: 4Q0Ler8Av2dSFusK5/sZ0/vC/3lEVHDZgrITDpyl2IRJ4yathNRQX6rolAmFsmK7j2DxR7ZKzis=
last-modified: Wed, 11 Nov 2020 16:20:07 GMT
server: cloudflare
etag: W/"b68f27e1c17f92de1bbc470517163283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3puxyNQg6LGCq3XZaAA7NK00mX22bLl3
cache-control: public, max-age=31536000
cf-request-id: 067428227c0000c2db8434d000000001
cf-ray: 5f33a94a5adcc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 2054.b71a798f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 31ms
31ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2054.b71a798f.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9afec6e91090ff2f1bf657e98654e05d653e8718a14638b247be040fe10c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345831
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 55FF370F2179E186
x-amz-id-2: 8VYrxpHYfyL2QXmi8yNenwupsUYJATARCxsQGYYmBTo3LEEUmDj2FywjkwkdY9sqsoMTNhX9yG0=
last-modified: Thu, 12 Nov 2020 18:06:17 GMT
server: cloudflare
etag: W/"a893a8770826316712f8ef2238c6dfd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: esYadRiFX3v1y.0_XHN4ccYvBtbf6FqP
cache-control: public, max-age=31536000
cf-request-id: 067428227c0000c2db7f822000000001
cf-ray: 5f33a94a5adfc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 8127.f0814c08.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8127.f0814c08.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee85e7820e4db6aa33b17a052ab770693f094b0492ee9baa58def69a9cfd9f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345831
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 99786256924BA0B8
x-amz-id-2: ruNr9tcoBqe4enHUQ3gcBnaLdoqnwSFvaydcuoB0ntMNRs7v7B7ALf6/48itUUjpxEK/b5eSBR8=
last-modified: Thu, 12 Nov 2020 18:06:17 GMT
server: cloudflare
etag: W/"43f7cf74f56622e1208d61f78d5494c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: iCykzTdAmuGKUOUC5OJvp.bsOoGobG.M
cache-control: public, max-age=31536000
cf-request-id: 06742822880000c2dbaaab3000000001
cf-ray: 5f33a94a7b16c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 7131.5e83a949.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 91ms
90ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7131.5e83a949.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 358190
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 66F14A7E30EBF13F
x-amz-id-2: j04XaJLhVfVXGfpGDyCVEVU+oNC5rvJbYWaxtN17lK/EZ7XyMn6MR/hkkRSkszUXkBvQO+S1Vj0=
last-modified: Thu, 12 Nov 2020 15:59:09 GMT
server: cloudflare
etag: W/"b98b66cce608835612c487edb8548473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _N_KjP_DsOGCW5tv3vKyUtXRQdqQwL4x
cache-control: public, max-age=31536000
cf-request-id: 067428228c0000c2db93897000000001
cf-ray: 5f33a94a7b1ac2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 8751.41d7c840.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 32ms
32ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8751.41d7c840.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c23802b3b7ab8a4ca7aa15e98b2008293dcd58cd44b61c8b1a1df4d4cc1bf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 362029
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 2G8K6R8R8P4T5K9W
x-amz-id-2: xFSTfVtjAH/DStT+m52RXh/Tqup0vrJTVKiwsDQ03t1zxLA2ghpwwNt1oPGPFOg+QyMzgUIvpl8=
last-modified: Thu, 12 Nov 2020 00:25:05 GMT
server: cloudflare
etag: W/"8b3bbfe23b38bb534ea6ddc1b9393f67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DSzSPiAgQ7Wk8NVMoLl2nIvRWUQGozQN
cache-control: public, max-age=31536000
cf-request-id: 067428228f0000c2db19a2a000000001
cf-ray: 5f33a94a7b32c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 9978.59f6d2e0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 33ms
33ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9978.59f6d2e0.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

927d508644d0dd1666ced2bd42d8bd9ea9c82fb3f2d48272b973867864db9cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1086894
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: FDC819F594AD1F81
x-amz-id-2: 6Vo/dnkU8iRd+b2oYJhO5YA/Uem1YgK+J0Ys6acTMq+7L6sPrHLntFdICZzpiE+ehZf/timXEM4=
last-modified: Wed, 28 Oct 2020 18:48:29 GMT
server: cloudflare
etag: W/"dac46199ee43ea5c73458dfbccf3feed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WeqqN1.dAT0nQpXAo6VX8XPQWg9QbtS6
cache-control: public, max-age=31536000
cf-request-id: 06742822960000c2db47856000000001
cf-ray: 5f33a94a8b5ec2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 1316.e12c2e47.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 82 KB
23 KB 32ms
31ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1316.e12c2e47.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab91ce8758c3811a300e5cca673756bf1e5dcf93131b262bee2dd15535db953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273671
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: D2B120137F8DC58D
x-amz-id-2: E+yrc+R68neS5yYGcJIgju+8bCtvGL4Z0LiteJGgPjBTDJbhIZrRA57CQyQ8tMzSexQDn7URwlo=
last-modified: Fri, 13 Nov 2020 00:17:13 GMT
server: cloudflare
etag: W/"d46d27b82cb970f1d9ad7bb70297dfa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: CG3oBnh0eT_SScABIhAZBaWsLuu12o5D
cache-control: public, max-age=31536000
cf-request-id: 067428229b0000c2db28944000000001
cf-ray: 5f33a94a8b64c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 5962.26fbbe98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 110ms
110ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5962.26fbbe98.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cba880c00a1c21a8d204a51bfc732ec7bbfca358504388404dddbdbd9c5ae460

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75827
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 1B1ED6D6F588E6CD
x-amz-id-2: 6pgEItDzHyyiaz1tv598Fr41mEmGNkFtfGCpJqMRQIQr/awKVa0KLWiSXiSYNC2+EujW+bAhYT0=
last-modified: Sat, 14 Nov 2020 00:07:32 GMT
server: cloudflare
etag: W/"327a7b8caca30500a391fbbce04c69a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dcwAlViAjoqJxxlAOq1I_XWr3xldb1LA
cache-control: public, max-age=31536000
cf-request-id: 067428229a0000c2dbb8328000000001
cf-ray: 5f33a94a8b69c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 6098.b9a96515.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6098.b9a96515.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5148cc08102f35ee30d3396e36bfaa0b511915a08fea408b67969dda8e604d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 835073
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 6H1GDP2HDZFX0Y3W
x-amz-id-2: k0gOxtg+4kYulnSieT5+T4xzG70hpsk9IFifcmppaG20rPNMz6N2RYYmg6qzfGI30awpTr15tPo=
last-modified: Fri, 06 Nov 2020 16:36:56 GMT
server: cloudflare
etag: W/"12c9e879f6e366d4d93aff4447e9a54a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6GEPe0xCmznftbFRGDJp8BJfTw7FgL3l
cache-control: public, max-age=31536000
cf-request-id: 06742822a10000c2db9db6a000000001
cf-ray: 5f33a94a9b77c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 6983.097b14d4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 99 KB
27 KB 34ms
33ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6983.097b14d4.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c944c926aefc4daf6b9ee3c17c385ea554c47fba975fa4b3db1f556567a2d5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 253490
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: D0645FA8E0E16971
x-amz-id-2: 6hH2TOCpm72egrBKE2qIz0c04rTjMV4e1p0psCeXEXMytfXNFF+3RjMHrPPAOdISjaTxNFZFPkk=
last-modified: Fri, 13 Nov 2020 21:09:48 GMT
server: cloudflare
etag: W/"71f08b8adc8b4367967bc8b48f65ff4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ONIUl8sQpaXKmHo_LZSOZ08CpeBBDhvK
cache-control: public, max-age=31536000
cf-request-id: 06742822b20000c2dbb7263000000001
cf-ray: 5f33a94aaba4c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 2740.386638e5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2740.386638e5.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345091912e4ce82252bdf62685ac7fdd1877218b124300c6fe631bde2dc8e2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273671
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: E3A527F9BD570E4B
x-amz-id-2: 7SP3hXbn4hpe3B2t3POKElVS14h7Kl78NNnQSPGscYRVGK+N8335tyH3HkNr/bxbWWZjA/zVbnU=
last-modified: Thu, 12 Nov 2020 22:32:33 GMT
server: cloudflare
etag: W/"e81af464d43f82b9ba700a3cf34b8776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: e8poMMawUSJivi4ULrCwLT7aDRJqoEg1
cache-control: public, max-age=31536000
cf-request-id: 06742822ba0000c2db888b3000000001
cf-ray: 5f33a94acbc2c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 9889.1b129083.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
7 KB 46ms
45ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9889.1b129083.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a720da25a9c8316d379c0e3a6b9e1a165b9255fad1396480c9ed5e0931ae58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75827
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 32F43025471920A1
x-amz-id-2: 8PkY4avcma9xDJ5UcMUh13Ja3HZOsTEoFnC2ibv8EXoD0CxyeSigcx5ATDWMAit6v5uA5fABO4o=
last-modified: Sat, 14 Nov 2020 00:07:32 GMT
server: cloudflare
etag: W/"6a3eeeb55b519649d4c6abf20c2840a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: EjcYGK7hj.vuc9BArZwIudHpn3RHnzuN
cache-control: public, max-age=31536000
cf-request-id: 06742822bb0000c2dbcaa21000000001
cf-ray: 5f33a94acbc8c2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 3981.98e075e0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 64ms
64ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3981.98e075e0.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79b0efd4fb918327ca4526a8c51c24d96b7f7fe430e99230539b7d61e8d2189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3758
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 86CC81DAA45A315E
x-amz-id-2: dosygG19IeeTzAWRfu+ZsbxGAGzxrTyUFj1J9hqie1SC0EGzJE6oY9nAEzy2dihiVfLGNLN//fs=
last-modified: Mon, 16 Nov 2020 18:26:29 GMT
server: cloudflare
etag: W/"2ce25ee4ed9f20e278132519a323a6e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: fBT0RWAnLlhjKLyaOJwiWmtHEeQHmFS6
cache-control: public, max-age=31536000
cf-request-id: 06742822bc0000c2dba0112000000001
cf-ray: 5f33a94acbcbc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 Post.16f90bbe.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 42ms
41ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.16f90bbe.chunk.js

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2aea356b59cfcd06328a74a9e1dff1c6c12c73f1fb3832d20bcb05385a349b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 734522
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 9483E1A5C786EA89
x-amz-id-2: NhQhoJkT80S697Um5dIUsg7UnGpEQtL9i5k1TO3rmZVawfMDY3YXktFrjeGOGNBp9c0OYrg4zC4=
last-modified: Wed, 04 Nov 2020 01:57:21 GMT
server: cloudflare
etag: W/"78cdeacd30aae4f80091bff98b68f339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5Hip9xSsovJf48g0c04TXj6PCeDfnovg
cache-control: public, max-age=31536000
cf-request-id: 06742822d20000c2dbaf33e000000001
cf-ray: 5f33a94aec1dc2db-FRA
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 0*efPu7TOf4gy-6OSd.
miro.medium.com/max/320/ 3 KB
4 KB 136ms
136ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*efPu7TOf4gy-6OSd.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958f7e5a7403d9072b22c6745bbd7a93c7c9ae9bbcd56470319313497dd36ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 14
content-length: 3507
cf-request-id: 06742823440000c2dba9953000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94b9dbfc2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 0*juBJqrQD7tcn2H7E.
miro.medium.com/max/320/ 23 KB
23 KB 151ms
150ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*juBJqrQD7tcn2H7E.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37c1aa10a24e2122d5717a550cd8e5505072ee4449f7d7a1aad8f5d72f797dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 15
content-length: 23895
cf-request-id: 06742823480000c2db8dbe7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94badd3c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 0*gX0gewhgwIYPaIvs.
miro.medium.com/max/320/ 33 KB
33 KB 165ms
164ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*gX0gewhgwIYPaIvs.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f89b8dabcbad748a89d8a65c6cd1b0a47b31038aff7f890a354454aac5317e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 35
content-length: 33850
cf-request-id: 067428234c0000c2dbaf86e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94bade2c2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 0*qD-88XPxPjilW4ZC.
miro.medium.com/max/320/ 47 KB
47 KB 172ms
172ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*qD-88XPxPjilW4ZC.

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c5577177c985428596986c71f51186f7f8fe334b397b2ba8ee2997e3f1672e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 30
content-length: 48280
cf-request-id: 067428234e0000c2db9737e000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a94badeec2db-FRA
expires: Wed, 16 Dec 2020 19:36:31 UTC

GET
H2 200 charter-400-normal.woff
glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 19 KB
20 KB 35ms
35ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc72a2ca45067a3d17fed4cd8776fec5dca3b9ecd7300e107f9256a86a0c8b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 293579
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428220b00001f51810dd000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a949a8211f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:31 GMT

GET
H2 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 17 KB
18 KB 24ms
24ms Font
application/font-woff 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d00d6b95e13e69bac3bf967aa85cb6eab7c1eafe8a249ed5e1f1a81a3f96ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://securitybytes.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 293579
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 067428221900001f517a097000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5f33a949c84f1f51-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 16 Nov 2021 19:36:31 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 160ms
146ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 16 Nov 2020 19:36:31 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 145ms
144ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 16 Nov 2020 19:36:31 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 144ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Bugsnag-Sent-At: 2020-11-16T19:36:31.405Z
Bugsnag-Api-Key: 39f69ce10b9bd0e6c60910cfa37f66af
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:31 GMT
via: 1.1 google
status: 202
content-type: application/json
access-control-allow-origin: *
bugsnag-session-uuid: 91531e38-70f4-45c4-833e-f7d61082c540
alt-svc: clear
content-length: 21

POST
H2 200 graphql Show response
securitybytes.io/_/ 94 B
387 B 537ms
536ms Fetch
application/json 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43837d8fe72cd41acfce2664e5dd013c3e1a45a09d48b06ce715f0a9d94d7f5a

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 5ed4510161ff1e53
Medium-Frontend-Path: /blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Medium-Frontend-App: lite/main-20201116-181835-c41ce67910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201116-181835-c41ce67910
ot-tracer-spanid: 4853763467b58c04

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-hbCoY9E/uxB5TQfSdzTMDtZr8FQ"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, rito/main-20201116-185444-df50e72dae, tutu/medium-42984
x-envoy-upstream-service-time: 425
content-length: 94
x-request-received-at: 1605555391705

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
111 B 145ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Bugsnag-Sent-At: 2020-11-16T19:36:31.888Z
Bugsnag-Api-Key: 39f69ce10b9bd0e6c60910cfa37f66af
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
via: 1.1 google
status: 202
content-type: application/json
access-control-allow-origin: *
bugsnag-session-uuid: e2a549bf-2a5f-43c0-bcc9-968fa3e3e3af
alt-svc: clear
content-length: 21

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 48 KB
19 KB 91ms
31ms Script
application/x-javascript 13.226.156.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-112.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 16:35:54 GMT
Content-Encoding: gzip
Age: 10807
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 02 Apr 2020 00:28:20 GMT
Server: nginx
ETag: "5e8531a4-c079"
Content-Type: application/x-javascript
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: CasfOpPLN6MP4M3fI5jmaVglU_bOg-Po8j9EcxCbysEu9dtzuSr38w==
Expires: Tue, 17 Nov 2020 16:35:54 GMT

POST
H2 200 /
securitybytes.io/_/clientele/reports/performance/ 0
0 116ms
116ms Fetch
application/octet-stream 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
sepia-upstream: medium
server: nginx
content-type: application/octet-stream
status: 200
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, clientele/main-20200930-141053-61802e6eb8
x-envoy-upstream-service-time: 7
content-length: 0

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 77 KB
23 KB 92ms
34ms Script
text/javascript 13.226.132.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2?gi=c57a78685737
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-83.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bc91db96c066a6b753a699b949f43e9fdf9196af6d95fa7766aca8db6b86c5e

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jh2G6MxuN3YPtnN2j67OEw6m1Cm6z5Gj
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 04 Nov 2020 17:40:28 GMT
Server: AmazonS3
Age: 181
ETag: "48ecc89211879cb688fab21b1809af8b"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Mon, 16 Nov 2020 19:33:31 GMT
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 23341
X-Amz-Cf-Id: XuHmuPuF3ButV-vI0n8Z-NwPiqeuy6zzLu_7b1W26_lr1a3_RFeDFw==

POST
H2 200 /
securitybytes.io/_/clientele/reports/performance/ 0
0 129ms
129ms Fetch
application/octet-stream 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
sepia-upstream: medium
server: nginx
content-type: application/octet-stream
status: 200
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, clientele/main-20200930-141053-61802e6eb8
x-envoy-upstream-service-time: 7
content-length: 0

POST
H2 200 /
securitybytes.io/_/clientele/reports/performance/ 0
0 128ms
128ms Fetch
application/octet-stream 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
sepia-upstream: medium
server: nginx
content-type: application/octet-stream
status: 200
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, clientele/main-20200930-141053-61802e6eb8
x-envoy-upstream-service-time: 6
content-length: 0

GET
H2 200 a16180790160.html
a16180790160.cdn.optimizely.com/client_storage/ Frame 24AD 0
0 105ms
30ms Document
text/html 104.111.218.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.144 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-144.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a16180790160.cdn.optimizely.com
:scheme: https
:path: /client_storage/a16180790160.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2

Response headers

status: 200
x-amz-id-2: 60sjyOwXbFODYRzi1K6bfJlos6VTnLOhbqaSdfEjkVx9DRTT9x0KvjoxVaXH12g0tDqEfVZvezo=
x-amz-request-id: 3REY1K6HFT1QCN6M
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Nov 2020 19:11:06 GMT
etag: "d928fedefc4f6e04106045ddab934fa7"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: e6QSDcVyMlZlwmptw.2Fttpqracbkejf
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 781
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Mon, 16 Nov 2020 19:36:32 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="15";dur=0,cdnip;desc="104.111.218.144";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 1*kDXNDNrXvRKuinoX3YnjBg.png
miro.medium.com/max/747/ 46 KB
46 KB 28ms
27ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/747/1*kDXNDNrXvRKuinoX3YnjBg.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9549e9372938430798704f17a491dc15491d69a3a78783b9012a218c894362ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97802
status: 200
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 46876
cf-request-id: 067428280b0000c2db843d3000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9534f85c2db-FRA
expires: Wed, 16 Dec 2020 19:36:32 GMT

GET
H2 200 1*gfxCo3wHl9MlXKUnRAAJwQ.png
miro.medium.com/max/592/ 7 KB
7 KB 40ms
40ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/592/1*gfxCo3wHl9MlXKUnRAAJwQ.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53f1b5114df4cb1da8276818bccb4b9e66c4b2a9d4bb140113a3e3f8a941fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97802
status: 200
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6944
cf-request-id: 067428280b0000c2dbaab31000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a9534f88c2db-FRA
expires: Wed, 16 Dec 2020 19:36:32 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
738 B 301ms
286ms Script
text/javascript 2600:9000:2057:7600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.57.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

2869d7563ab415c363bb93f71df68302dfd87cb2806f728b45208b8f9e9eb576

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 19:36:32 GMT
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-4GkT/zTxl2XZ+tdcEyAz5DLBZBo"
X-Amz-Cf-Id: GTUKniXuoq0BdD6c-1BYn1Pa4Q4XUuZws3S6Rs2i8-Fl9bwHq9aYww==

GET
H/1.1 200
OK /
srv-2020-11-16-19.pixel.parsely.com/plogger/ 43 B
229 B 462ms
130ms Image
image/gif 34.228.206.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-11-16-19.pixel.parsely.com/plogger/?rand=1605555392650&plid=298310&idsite=medium.com&url=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fsecuritybytes.io%2Fblue-team-fundamentals-part-two-windows-processes-759fe15965e2&sref=&sts=1605555392628&slts=0&title=Blue+Team+fundamentals+Part+Two%3A+Windows+Processes.+%7C+by+Pete+%7C+SecurityBytes&date=Mon+Nov+16+2020+20%3A36%3A32+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=50443584&u=pid%3D5d317fee18f203931b5bd4f94685ab4f
Requested by: Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.206.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-206-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 19:36:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 1*kDXNDNrXvRKuinoX3YnjBg.png
miro.medium.com/max/700/ 135 KB
135 KB 38ms
38ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*kDXNDNrXvRKuinoX3YnjBg.png

Requested by

Host: securitybytes.io
URL: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39a621d3321dcba0faa0be490c018b07866a2ca51fc0ac7890c118a512c19e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97802
status: 200
x-envoy-upstream-service-time: 105
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 137750
cf-request-id: 067428289c0000c2db7728d000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a954296ac2db-FRA
expires: Wed, 16 Dec 2020 19:36:32 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
643 B 189ms
168ms XHR
application/json 2600:9000:2182:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: eb79b32e9f2c7f182580871ab56295972bc4b0858ea8708b7043f0e743936c08

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 5b80e26694384e228fd6af4f4454835e-2020111619
content-length: 312
x-amz-cf-id: uyXkkAIUE-l3FJ3qjRCyHFDZgmagN7h9boDRIOacGWEgwwS_54LtdA==

POST
H2 200 /
securitybytes.io/_/clientele/reports/performance/ 0
0 137ms
137ms Fetch
application/octet-stream 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
sepia-upstream: medium
server: nginx
content-type: application/octet-stream
status: 200
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, clientele/main-20200930-141053-61802e6eb8
x-envoy-upstream-service-time: 13
content-length: 0

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
577 B 317ms
317ms XHR
application/json 2600:9000:2182:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

11e43afb0b5135c3baa0f06634134fa363ed90bf6caeca4651b2131865be61f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a22c20751cd84ec581a20203a78ce97f-2020111619
content-length: 180
etag: W/"b4-RL5ocGbuAq6zFW8Qz/M8sYgtMMI"
x-amz-cf-id: 1QtnkE_YmidEUUp1R4eTSkyPwe5270OT2E8kn18H9bF8HVPuELIOyw==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
361 B 413ms
106ms XHR
text/plain 3.210.102.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.102.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-102-70.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 16 Nov 2020 19:36:33 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://securitybytes.io
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 8fa069a2-9aa4-4826-8bef-88b7c5642107

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
403 B 185ms
184ms XHR
application/json 2600:9000:2182:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
server: openresty
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: ea21ac17f3a1407d836f63a13c511c58-2020111619
content-length: 28
x-amz-cf-id: vNBl8_oNq1sMzb4xprQI3Tq1IyOyKC3PNp6Fcw1hfRpL2O0r_MYQgw==

POST
H2 200 graphql Show response
securitybytes.io/_/ 4 KB
2 KB 310ms
309ms Fetch
application/json 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2ac328cb5a321f4b24612f5b0fc1deb365813d46f0c212f8f666dae11f4211c0

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 5ed4510161ff1e53
Medium-Frontend-Path: /blue-team-fundamentals-part-two-windows-processes-759fe15965e2
Graphql-Operation: PostResponsesQuery
content-type: application/json
accept: */*
Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
Medium-Frontend-App: lite/main-20201116-181835-c41ce67910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20201116-181835-c41ce67910
ot-tracer-spanid: 4853763467b58c04

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"11c1-sAfLE5ECOhHpjnNaPxdWzkJga0s"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b, rito/main-20201116-185444-df50e72dae, tutu/medium-42984
x-envoy-upstream-service-time: 197
x-request-received-at: 1605555393701

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
404 B 192ms
191ms XHR
application/json 2600:9000:2182:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
server: openresty
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e8767bfc3fcd467c9513fcf7d1f20608-2020111619
content-length: 28
x-amz-cf-id: tTmrvWcGvEZQzFqC3CWUE0dkKP5bSK9a1xm46lCyySpJRKH8OQlLPg==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
387 B 111ms
111ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6facecc25f54eb56b875d7e6914613cf9e8533e339e4179332fb87f49001ab0d

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
cf-request-id: 0674282d51000063ad3b0b7000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qh1JGWWKzWSqWO9rWpLgLyho%2F14GGayBWeqsO8pHuKBkN77M1naIWbMfWeqcBd6hyzhRqRIzBVqROYqV%2BI%2FJalvAUKOQyrVQD9FIOK2HN2FSoRrLCNsAYdpLIHXfxMWQd4TTUHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5f33a95bbf7663ad-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 134ms
117ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:33 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0674282cdd000063ad61897000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vRsNtq2UwWMbrm7iezEtsLs1fH%2Fb9kPxN7hdJQ893W84H49mhvOU4F6mzC6wUke22Mf1dYoirbN00DrVQJA4cGFYkUFwXyfbdvwpd0TdEMzuFI6quekHb1nN9ameqyx7txXWCkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f33a95aff1763ad-FRA

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 117ms
117ms Fetch
application/json 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:34 GMT
access-control-allow-origin: *
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ Frame 0
0 290ms
92ms Other 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:34 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

GET
H2 200 6441.76a23a15.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 125 KB
36 KB 22ms
21ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6441.76a23a15.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4867d24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0589d09339bbb975999f53d2717d10591dd582f18782decc9a25e21de383a362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 253484
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: C87E05AA4B406666
x-amz-id-2: VGKELZ2V6D2BYmEgPX8TY5f4uThBA6eMCe549dIqMnn1P8QP2XhEqsovUGlw+dAZzT5G7Ez2ahY=
last-modified: Fri, 13 Nov 2020 21:09:48 GMT
server: cloudflare
etag: W/"f8bf07f5a077af6f802e5b2927b3c8a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: qsUCqpfb6aq1xfpxvfktkVMKhai4XG4a
cache-control: public, max-age=31536000
cf-request-id: 0674282da90000c2dbcab12000000001
cf-ray: 5f33a95c4cedc2db-FRA
expires: Tue, 16 Nov 2021 19:36:33 GMT

GET
H2 200 2514.d8de210a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 38ms
37ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2514.d8de210a.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4867d24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1410d5c3d5b7158a7f15e9b1e447dab352693f68fda5ed7dc3991fe08213f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 253484
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: 2Q0YET2YFV6H9TFG
x-amz-id-2: I8JRvrVvAaF1AiUj6XnQuCm/HaXM+4Dpeh3h90/VhFhueGJEbkilaYRtCXZIHYdzCtNsnaMtu+A=
last-modified: Fri, 13 Nov 2020 21:09:48 GMT
server: cloudflare
etag: W/"698bb948ce71345a3ac9431206965cf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: budjk72NxjnmzO4ggABWBCYn0BlkRtsN
cache-control: public, max-age=31536000
cf-request-id: 0674282daa0000c2db9330c000000001
cf-ray: 5f33a95c4cefc2db-FRA
expires: Tue, 16 Nov 2021 19:36:33 GMT

GET
H2 200 responses.editor.112e12b6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 30ms
30ms Script
application/javascript 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.112e12b6.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4867d24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8beb5d61d93dcbc58e6031c91a1ae96c890a40bcae4da08aaae76bda5d7cb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 426520
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-amz-request-id: AD16D2C6CB217E2A
x-amz-id-2: O1uXiF5t6bAM/T4hN0TlTH4qM40V8JofWmnb+hiMCacg42jTXGaVYQQC+0BezaAx7N4aoe0LKYg=
last-modified: Wed, 11 Nov 2020 21:00:51 GMT
server: cloudflare
etag: W/"0a19bd4f840bd0be1afce45c5d8dc9bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: W87tSnxyn0u6tsoBtu7HJDb80HoE3qod
cache-control: public, max-age=31536000
cf-request-id: 0674282daa0000c2db88999000000001
cf-ray: 5f33a95c4cf0c2db-FRA
expires: Tue, 16 Nov 2021 19:36:33 GMT

GET
H2 200 0*1atahQpc48iF6Z_B.
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 161ms
161ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/0*1atahQpc48iF6Z_B.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135a29f703f704acc8a80c3b038f52d78bc62ab611824ea3a3956045f7b9ebf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 25
content-length: 1034
cf-request-id: 0674282dc80000c2db4ea38000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a95c7d66c2db-FRA
expires: Wed, 16 Dec 2020 19:36:34 UTC

GET
H2 200 0*0v2shJhmo5-3rLwz.
miro.medium.com/fit/c/32/32/ 690 B
872 B 145ms
144ms Image
image/png 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/0*0v2shJhmo5-3rLwz.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c95cb28ae7b89b8fa151dff0f76bdcc38837b78875309e62da926c57c807e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 14
content-length: 690
cf-request-id: 0674282dcb0000c2db9398b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 5f33a95c7d69c2db-FRA
expires: Wed, 16 Dec 2020 19:36:34 UTC

GET
H2 200 0*pRavsYta92a-AXHv.jpg
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 19ms
19ms Image
image/jpeg 2606:4700::6810:7991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/0*pRavsYta92a-AXHv.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28cadc65b3cfa0c819c84002644d375245ec170cbeb972602b89db68366487f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:36:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97800
status: 200
x-envoy-upstream-service-time: 91
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1066
cf-request-id: 0674282dc90000c2dbbe8e5000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 5f33a95c7d6fc2db-FRA
expires: Wed, 16 Dec 2020 19:36:34 GMT

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
372 B 120ms
120ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f886130818461c1fb699411e98ebbe1354e7ef965b1253e7e89e946bf74744d

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 1
access-control-allow-methods: POST
cf-request-id: 067428300f000063ad5f314000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uci2BDa2%2FcWn1H7vqwX%2FGoK0B7O6u4oE8w4UcrbeKAEvHmyrntMZ5GDlIC7uj3G9NpGR43Nk5Nihr7ZMF%2FAyCKItlzcIu0brWqcuA6gDPsoeJ4QxHYS3i%2FJXf2SxbMOc0OUAt3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5f33a960192763ad-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 148ms
148ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:34 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0674282f77000063ad51a10000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3yPc3zec%2B%2Bn%2F3fWx78rLupXU%2FolPwu4R%2FdcnQcIb8OISsdm4urVkXZDxv3YimZH0ojCieo9N8aG%2Fm7FR9fJxBw0T9J1cu062WREdU8wURHse7Y2akow1jhgwZFREtoCpk%2B6RlDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f33a95f28c063ad-FRA

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
482 B 159ms
158ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9d9a25438047207423cf771a9013f6856c961063a44dc34975e2e99b8a5bef

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
cf-request-id: 0674283212000063ad4700a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BKrNIlVRfP1ZHOvpfXOK3LgS2Pu8ivVSwLARxfecfZ8p4MCeBkMfzvnrdfO1gthQUP7Cm4044tnIzgAST3QrcujVvKoGKYkW4JDiETFFYgC4OE5cMy2ZjINTQR9AUalBSYhk728%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5f33a9634aac63ad-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 129ms
128ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:35 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0674283190000063ad4e1e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=flt8AQQEyRaTlWCcrb%2B9O8Mdt0%2Bk2pxZ2yWIVdsIpa0TP7Q66%2BAYNtBXiiaw8WFXq4eUegKUrB0FJP8fvNnLE7nELLWl%2FakZfUBFxL5GnPpTo55oKg1E2%2FPoyGG8LN56R8kaw2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f33a9627a2e63ad-FRA

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 158ms
158ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:35 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 42
cf-cache-status: DYNAMIC
cf-request-id: 06742833fa000063ad3a15d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ca74whAGhJVyxdIuvfoy6RmurzzGb0nmm%2BFl0CTCEBT7r6JZ5YmbZ5C2WI1uurefvdghKcZVLWoqzUykzuqmvky%2BKIzVZvzziYmmSdx6Q9tVtKNlCabpVsMjRTHb1IZYnaDeFsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f33a9665c0563ad-FRA

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
615 B 108ms
107ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384bcfd05c526da02ae656b20bb7eab952d98dde608156e32e565fed796862d6

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
cf-request-id: 0674283499000063ad42806000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RF6hoL1DckrYHOlPpkfNyv6MZ4ArzwX8hJeADyCFJkflxDIh75R5zYpYaw1P7a2iqiX9DX6JIcLZE%2BHa%2BMLAN%2B2fChpYytdefy%2BAcSr7FPj8LyUsaJJMHReBeLgC0LktbAEiSJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5f33a9675cb663ad-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

POST
H2 200 batch Show response
securitybytes.io/_/ 17 B
246 B 290ms
290ms Fetch
application/json 52.4.240.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securitybytes.io/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.240.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-240-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:37 GMT
sepia-upstream: medium
server: nginx
content-type: application/json
status: 200
medium-fulfilled-by: valencia/main-20201113-210444-43720d1a1b
x-envoy-upstream-service-time: 157
content-length: 17

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 115ms
115ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://securitybytes.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 16 Nov 2020 19:36:37 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0674283ca8000063ad4bb65000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HbEzy9T9M0a81O5GXkiTwx3a4qJ4QV87c4tH1HBh07sCnPzYvJESJBsHtLNBZeqPycWqr7aQOwAh5rOX1w6s9WGeWZ7JvmzKcK3g9mcww8TfjZN1ujG5DGLFFruBLS1D9PbKtMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f33a9744a3b63ad-FRA

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
407 B 119ms
119ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.71c7b89b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7b2a63eb6f713eaacc4611022a3236dece06bab9e2ea2e987b1c3e1baf5a84

Request headers

Referer: https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Nov 2020 19:36:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
cf-request-id: 0674283d1d000063ad6604a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9V01Plqqfs4ZvKAFXPCqpWI6ygUACznv2n2nlEBRYEWR1uDBoV9S0UdfjrHeagvHqr%2BISb0BuiTV%2F2dB%2BkpJwSktMabZ7PgSjU6HDa7T8lWbzTKYY7VQpgt8vwncvuac8PTP4H0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5f33a974fa9c63ad-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securitybytes.io/	1970-01-19 23:28:39	Name: _parsely_visitor Value: {%22id%22:%22pid=5d317fee18f203931b5bd4f94685ab4f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1605555392628}
securitybytes.io/	1970-01-19 14:09:20	Name: lightstep_session_id Value: 25e8bcb4782dede3
.securitybytes.io/	1970-01-19 13:59:15	Name: _gat Value: 1
.securitybytes.io/	1970-01-19 14:00:41	Name: _gid Value: GA1.2.1930115338.1605555391
.securitybytes.io/	1970-01-20 07:30:27	Name: _ga Value: GA1.2.971527528.1605555391
.securitybytes.io/	1970-01-19 13:59:17	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2%22%2C%22sref%22:%22%22%2C%22sts%22:1605555392628%2C%22slts%22:0}
securitybytes.io/	1970-01-19 14:09:20	Name: lightstep_guid/lite-web Value: 2d130aa452d27cad
securitybytes.io/	1970-01-19 22:44:51	Name: sid Value: 1:ljAG0BtgL8wo69lAhiv6ig51NIXA+KFWc4Ai+SjBe2GRHmU0J0YUQGWG55VzyZWj
.securitybytes.io/	1970-01-19 18:18:27	Name: optimizelyEndUserId Value: lo_d2a28c4eddc1
securitybytes.io/	1970-01-19 22:44:51	Name: optimizelyEndUserId Value: lo_d2a28c4eddc1
securitybytes.io/	1970-01-19 22:44:51	Name: uid Value: lo_d2a28c4eddc1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.125948e1.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
console-api	debug	URL: https://cdn-client.medium.com/lite/static/js/648.d1565f9b.js(Line 2) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a16180790160.cdn.optimizely.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
lightstep.medium.systems
logx.optimizely.com
medium.com
miro.medium.com
securitybytes.io
sessions.bugsnag.com
srv-2020-11-16-19.pixel.parsely.com
www.google-analytics.com
104.111.218.144
13.226.132.83
13.226.156.112
2600:1901:0:7a0b::
2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
2600:9000:2057:7600:19:9934:6a80:93a1
2600:9000:2182:8200:11:f728:3040:93a1
2606:4700::6810:787f
2606:4700::6810:7991
2606:4700:e2::ac40:8a24
2a00:1450:4001:802::200e
2a02:26f0:6c00:284::13b8
3.210.102.70
34.228.206.191
52.4.240.221
0589d09339bbb975999f53d2717d10591dd582f18782decc9a25e21de383a362
05a7dcabcc1bde6b5b7d90eca8e955d02b7b4edb967d68f0c3ca69cb70ce5c09
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0eb2f8591bf82b158baed4b3df098f534abe34facad67d2d4089a0cd0ebc27fc
10938d21ecb9c7504a3ea97a6dfc617d7dcd67577f2dfba8df6dbcff6186fae5
1195c9475f1c0f48a087c622aec403759b7d98b48879fcbaf223835f39dc6a62
11e43afb0b5135c3baa0f06634134fa363ed90bf6caeca4651b2131865be61f3
135a29f703f704acc8a80c3b038f52d78bc62ab611824ea3a3956045f7b9ebf0
1ab78042440d660d97113c18db1b803a5504d09047a5143d11950750a14ea791
1c95cb28ae7b89b8fa151dff0f76bdcc38837b78875309e62da926c57c807e33
21f060d7fbd4bfd0b793693cd4e837046c5e9e8a24b7eb861699dbeca1db7009
24e748e21eddd2329725efaae3552c620818f04c36bc5bd6bf35857004cbafca
24f57c8a7488efec49abd16bbc8bcfb374d6483bbd783732481f47b6f194a7da
2869d7563ab415c363bb93f71df68302dfd87cb2806f728b45208b8f9e9eb576
2ac328cb5a321f4b24612f5b0fc1deb365813d46f0c212f8f666dae11f4211c0
2b7b2a63eb6f713eaacc4611022a3236dece06bab9e2ea2e987b1c3e1baf5a84
2b84d7e51bf5ccea7277811867bfe6f75a2f4e620dfdea23748bb4ed5270c8f4
2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307
30bc3404a55d32a699bdc8261bfa42eee98f20509933041c08c866b363676c01
345091912e4ce82252bdf62685ac7fdd1877218b124300c6fe631bde2dc8e2f6
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
364f6c75955774aebff7e991251b546bc3be8bd6b8c2ec6992093954d2880ad1
384bcfd05c526da02ae656b20bb7eab952d98dde608156e32e565fed796862d6
387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3
3935c2eae48b2002022398fb816e02f6b172e8f80a7cccfcece2a94205f06cb4
3a18fc23b24d6a7b7ab6a06c33b6450d99d85b3a5f717f40b96f6a7f22835a83
3a468488260e52744068c9b4c84fcbc041c694944f13a5dd926ed8d8c75373a8
3dfad7e2b15555ede49c5f70421bf9812bea1dff7d90ca9845d0d9a90d06e33a
3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c
40ac6fe649aa853633a57ab2ec0710a69fff6c8be308aae4aad815fb0deacc97
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
43837d8fe72cd41acfce2664e5dd013c3e1a45a09d48b06ce715f0a9d94d7f5a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
471d08aa62bd27c03bcf96dea7b9153a44b4004c405a6ce05ff4817ed3c0ce08
4750033537e1fce0cecb8e2ca493d2878ddecd37b292cf1394fbaf506dff30db
4e2f43bbfc3de24925e9d6b80cb78ab9ebba1f492495998f6c799f7d766622a0
5148cc08102f35ee30d3396e36bfaa0b511915a08fea408b67969dda8e604d25
51a720da25a9c8316d379c0e3a6b9e1a165b9255fad1396480c9ed5e0931ae58
521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019
542f8ca5ea63e208165bc12cea486ffe3827f12ea74df9457e3eb9fb27789932
559b03b627bb2a5cfa4390b674bdca59d21dfacfc9eea75a3e60d30382685d0b
5a0d781b690801626c7da06bb429031718eb18ff1d76b2937c47f5fd7c5fbbc5
6466f6c63fc6762dafcdab568fc0ba0fd6888964894962c7fd2e2fcacd049632
64b51d8e464e49d87bdd400ff448f865a410b08bee92ab38f2a19f26aaa06587
657f85f1f717dfcf71d54955f08094c8f627c55434576788f1fc5a9139c139d5
659a572fb442fb55d5a8432299fa175f35ce63874a49887bcc9656977c5d39b4
6a2d409e17216ae3e22a74c39cce61f71dffe952b015d86d3f607db99a3aa7b8
6bc91db96c066a6b753a699b949f43e9fdf9196af6d95fa7766aca8db6b86c5e
6f8169653bed20d1de0da7dd6fc3487db2888958934886ff8108244a4d8d5f04
6facecc25f54eb56b875d7e6914613cf9e8533e339e4179332fb87f49001ab0d
71a6d0390d0c97c7ed3f30f3c30a05181548333f64dfbc530270522827c8d03c
720fb9810361bb8ffca02d0ffb87b917afb7c4edbc05703d3f2fd13eca0ec73f
76c5577177c985428596986c71f51186f7f8fe334b397b2ba8ee2997e3f1672e
7886e0489f83052da46abf4683899d44b8fe057cd74877415952ae20a874a740
79bc19e130d6be2d7f37dae6cb5969eb6cc8086e7e4125349c1609d434f33e99
7a106482c2203768493ae731c6401c8a286491cadeee84cfbc653f5b79b9aa76
7d9d9a25438047207423cf771a9013f6856c961063a44dc34975e2e99b8a5bef
7e74ef2aba06c7e1252790f5f11784ed893404592e895f8e8b64801e3061826b
7f886130818461c1fb699411e98ebbe1354e7ef965b1253e7e89e946bf74744d
8029540a7b50ea08504369fb414fc02d49e1edec36470a1d24a0d9a3fa8d1bbd
807a289251ad69553fbead5fe8b66001b4adbc92bf82a5e05c690cb593adfb56
83c5be3def246e01972daceb8b9cc20659850137e14bae251225422dab36f304
876f2fea84434bb95a6cfb6e130566e51616d483043706f1c6d89c464592e1fc
88a9ca504e150531457bb325fe90957d6e6d5ca761c95a922281def045f8b9ef
89c299c32cd4c96a7429c583bbe14a98ecf3569f51180c4544d78b4aff74a34d
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
8c0cfa992e9c81ff12d2b63cff949313b330cf63d08ec248aadcb6871a868257
8f89b8dabcbad748a89d8a65c6cd1b0a47b31038aff7f890a354454aac5317e4
927d508644d0dd1666ced2bd42d8bd9ea9c82fb3f2d48272b973867864db9cb9
9549e9372938430798704f17a491dc15491d69a3a78783b9012a218c894362ee
958f7e5a7403d9072b22c6745bbd7a93c7c9ae9bbcd56470319313497dd36ee4
973141fc8f7216e11582d6def8be43f5cf95551ad9f27e2b32b63e0c0fef67c6
9c23802b3b7ab8a4ca7aa15e98b2008293dcd58cd44b61c8b1a1df4d4cc1bf6a
9d7ec18019e1222729a945bbb5c41e20238ab22327419ec34efe974129af51f3
9dc7d8375584b2f7ea45ce37db3487f14700fedff7729e3608dcc7b5adb3513d
9fceb6eadbc29ec2a964360f1ca10c9ef2673c2326ac45d498937df85aff3701
9fd498873e21da1ba7c625b72ea29080ebc7bd95d571c52a366de5f826cb4d2a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a9375c008536c5d775947c03ee9ea63c5dd5b1f0829b31132e8d42a1e4c2c8b7
ad04f8eea51f463de72187d7d2e6cb0363b3d48307366ba66f5135c512e2f431
b1410d5c3d5b7158a7f15e9b1e447dab352693f68fda5ed7dc3991fe08213f8b
b37c1aa10a24e2122d5717a550cd8e5505072ee4449f7d7a1aad8f5d72f797dd
b3986390b8cc1d94f35926722bdc434fc12571434662e5e5902a9ccb67c34733
b39a621d3321dcba0faa0be490c018b07866a2ca51fc0ac7890c118a512c19e6
b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d
b870bfe8df4bd39226198caf1a90f4dd6a27b5e7d506c99d9d4abda2599f1af0
ba1be54bb725594a0386fb00e7212ce5aadb8ad99e6809bb857b9ef7491d9711
bab91ce8758c3811a300e5cca673756bf1e5dcf93131b262bee2dd15535db953
bc72a2ca45067a3d17fed4cd8776fec5dca3b9ecd7300e107f9256a86a0c8b2f
c219308cc451d69ac97f376d26dfe81bed9e3dd7e40c8315c4c1b6360a4a9819
c2aea356b59cfcd06328a74a9e1dff1c6c12c73f1fb3832d20bcb05385a349b6
c53f1b5114df4cb1da8276818bccb4b9e66c4b2a9d4bb140113a3e3f8a941fa4
c80eb01bd97ffc1c797ba8b391032b0991152a71ce7cddae90034f77cd954ad6
c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737
c944c926aefc4daf6b9ee3c17c385ea554c47fba975fa4b3db1f556567a2d5eb
c9c024b9f5192122592fb6f843342f3543cd156f848e9eb8328f76a09eb3dafc
cba880c00a1c21a8d204a51bfc732ec7bbfca358504388404dddbdbd9c5ae460
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4f434741b9572b7f377cfab6193023b78e6d7d1ececc940b6cdecdbb7706f2e
d9f4969854fa4004e00ddf84c2ca5ada59216aef292c3f6e7a5b1a73d90646f9
da03a064bc64d21bd4ace1d742f08cb25391670d0735d78ef6a94db5dafd8c7a
dccd53f97210b2d324484de530c8ffcbf41ebc6bf65682b000f967dcddbe00ea
e28cadc65b3cfa0c819c84002644d375245ec170cbeb972602b89db68366487f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e543d83cad5f3e4973f7bb52280a9a1722a20ef3d71c4b99b7a7b60770bb2ac8
e5d00d6b95e13e69bac3bf967aa85cb6eab7c1eafe8a249ed5e1f1a81a3f96ba
e74f372b2b5bfd8c51b0037dc8690e17c27fd5fb0fcaa755405b93e682091845
e79b0efd4fb918327ca4526a8c51c24d96b7f7fe430e99230539b7d61e8d2189
e8138c096e0fe75403f6c983d40d1867ffe44f231422bd4b66b19e02bdaf3f84
e8beb5d61d93dcbc58e6031c91a1ae96c890a40bcae4da08aaae76bda5d7cb70
eb79b32e9f2c7f182580871ab56295972bc4b0858ea8708b7043f0e743936c08
ecf19e354190cf47e1a91f71778e22f8cbe7dbbb85b4ad7a239d8d65b4cbb3a5
ecfd67952d341851f49558fd5b3314f9c54869c362801f51552e1a9df07c8ba8
ed9afec6e91090ff2f1bf657e98654e05d653e8718a14638b247be040fe10c7d
ee85e7820e4db6aa33b17a052ab770693f094b0492ee9baa58def69a9cfd9f1a
f0b6d0c327dff3b25dcc9ee7dfb2a0eba31a951ce81f86f05b053715d46bacf1
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62
fadcb7f35bee8ca8c158b704b4b7191463869783b883ce6ae99be68ddde1f6b7
fba11f3d9d0d4d78b9457b678f2117ab60bc87ba0d81dce357ea312e363799f8
ff01f58a98bd955f348d127f7efc2f72bcf1748671d9cbc01869e8e7e715eaeb

securitybytes.io Open in urlscan Pro 52.4.240.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

100 %HTTPS

60 %IPv6

11 Domains

17 Subdomains

14 IPs

4 Countries

1427 kBTransfer

3388 kBSize

11 Cookies

70 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securitybytes.io Open in urlscan Pro
52.4.240.221 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

1427 kB
Transfer

3388 kB
Size

11
Cookies

141 HTTP transactions
0 data transactions