himitsuflavor.medium.com Open in urlscan Pro
2606:4700:7::a29f:9904 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Effective URL:
https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Submission: On September 17 via api (September 17th 2024, 5:28:01 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 84 HTTP transactions. The main IP is 2606:4700:7::a29f:9904, located in United States and belongs to CLOUDFLARENET, US. The main domain is himitsuflavor.medium.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 16th 2024. Valid for: a year.

This is the only time himitsuflavor.medium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 57	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.187.59 18.173.187.59	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:6a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:26d... 2600:9000:26db:400:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
84	10

2 162.159.153.4 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

infosecwriteups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
himitsuflavor.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

himitsuflavor.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-59.muc50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26db:400:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	medium.com 2 redirects medium.com — Cisco Umbrella Rank: 11531 himitsuflavor.medium.com glyph.medium.com — Cisco Umbrella Rank: 23710 cdn-client.medium.com — Cisco Umbrella Rank: 24894 miro.medium.com — Cisco Umbrella Rank: 16044	1 MB
4	branch.io cdn.branch.io — Cisco Umbrella Rank: 982 api2.branch.io — Cisco Umbrella Rank: 1398	25 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
2	infosecwriteups.com 2 redirects infosecwriteups.com	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3310
1	app.link app.link — Cisco Umbrella Rank: 2390	636 B
1	gstatic.com www.gstatic.com	215 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	94 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 670	7 KB
84	9

	Domain	Requested by
31	cdn-client.medium.com	himitsuflavor.medium.com cdn-client.medium.com
21	himitsuflavor.medium.com	1 redirects cdn-client.medium.com static.cloudflareinsights.com himitsuflavor.medium.com
12	miro.medium.com	himitsuflavor.medium.com
10	glyph.medium.com	glyph.medium.com
3	api2.branch.io	cdn.branch.io
2	www.google.com	cdn-client.medium.com www.gstatic.com
2	infosecwriteups.com	2 redirects
1	region1.google-analytics.com	cdn-client.medium.com
1	app.link	cdn.branch.io
1	www.gstatic.com	www.google.com
1	cdn.branch.io	himitsuflavor.medium.com
1	www.googletagmanager.com	cdn-client.medium.com
1	static.cloudflareinsights.com	himitsuflavor.medium.com
1	medium.com	1 redirects
84	14

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
infosecwriteups.com
vries-richard-de.medium.com
alexcancode.medium.com
levelup.gitconnected.com
posts.specterops.io
help.medium.com
medium.statuspage.io
blog.medium.com
policy.medium.com
speechify.com

Subject Issuer	Validity	Valid
medium.com Cloudflare Inc ECC CA-3	`2024-02-16` - `2024-12-31`	a year	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
appipv4.link Amazon RSA 2048 M03	`2024-03-25` - `2025-04-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Frame ID: 3E624DF2188C07B4332B529E0FC5D4F2
Requests: 81 HTTP requests in this frame

Frame: https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 1529F13981CF329039F8D9F60BC1B4B4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly9oaW1pdHN1Zmxhdm9yLm1lZGl1bS5jb206NDQz&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=r93kgdc8jx1h
Frame ID: AF31559D86A4C4358A5EF8444B529DF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PeakLight Campaign — MSHTA. PeakLight Malware | by NaotaClone | Sep, 2024 | Medium

Page URL History Show full URLs

https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27 HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Fpeakligh... HTTP 307
https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?gi=e6c470bf0bf0&source=rss------threat... HTTP 301
https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27 Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

84
Requests

99 %
HTTPS

82 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

1507 kB
Transfer

3998 kB
Size

10
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2Fa7f45aec50ab&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderUser&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_topnav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fa174078fccb0&operation=register&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&user=NaotaClone&userId=a174078fccb0&source=post_page-a174078fccb0----a7f45aec50ab---------------------post_header-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa7f45aec50ab&operation=register&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&user=NaotaClone&userId=a174078fccb0&source=-----a7f45aec50ab---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa7f45aec50ab&operation=register&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&source=-----a7f45aec50ab---------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3Da7f45aec50ab&operation=register&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&source=-----a7f45aec50ab---------------------post_audio_button-----------
Title: Listen

Search URL Search Domain Scan URL

URL: https://medium.com/tag/threat-hunting?source=post_page-----a7f45aec50ab--------------------------------
Title: Threat Hunting

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malware?source=post_page-----a7f45aec50ab--------------------------------
Title: Malware

Search URL Search Domain Scan URL

URL: https://medium.com/tag/threat-intelligence?source=post_page-----a7f45aec50ab--------------------------------
Title: Threat Intelligence

Search URL Search Domain Scan URL

URL: https://medium.com/tag/threat-modeling?source=post_page-----a7f45aec50ab--------------------------------
Title: Threat Modeling

Search URL Search Domain Scan URL

URL: https://medium.com/tag/threat-detection?source=post_page-----a7f45aec50ab--------------------------------
Title: Threat Detection

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2Fa174078fccb0%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&user=NaotaClone&userId=a174078fccb0&source=-----a7f45aec50ab---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://infosecwriteups.com/?source=author_recirc-----a7f45aec50ab----0---------------------c799445a_883a_4c03_bb45_a3a194b3b73c-------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Feed56c0b1cc7&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ficmp-exfiltration-with-himitsu-eed56c0b1cc7&source=-----a7f45aec50ab----0-----------------bookmark_preview----c799445a_883a_4c03_bb45_a3a194b3b73c-------

Search URL Search Domain Scan URL

URL: https://infosecwriteups.com/?source=post_page-----a7f45aec50ab----0----------------------------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://vries-richard-de.medium.com/?source=read_next_recirc-----a7f45aec50ab----0---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/tales-from-a-security-professional?source=read_next_recirc-----a7f45aec50ab----0---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Tales from a Security Professional

Search URL Search Domain Scan URL

URL: https://vries-richard-de.medium.com/threat-intelligence-the-lifeline-for-every-security-operation-center-67e354b21547?source=read_next_recirc-----a7f45aec50ab----0---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Threat Intelligence - The lifeline for every Security Operation CenterEstablishing a CTI team is crucial for enhancing the operational efficiency and effectiveness of a SOC.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F67e354b21547&operation=register&redirect=https%3A%2F%2Fmedium.com%2Ftales-from-a-security-professional%2Fthreat-intelligence-the-lifeline-for-every-security-operation-center-67e354b21547&source=-----a7f45aec50ab----0-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://alexcancode.medium.com/?source=read_next_recirc-----a7f45aec50ab----1---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://levelup.gitconnected.com/?source=read_next_recirc-----a7f45aec50ab----1---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Level Up Coding

Search URL Search Domain Scan URL

URL: https://alexcancode.medium.com/the-resume-that-got-a-software-engineer-a-300-000-job-at-google-8c5a1ecff40f?source=read_next_recirc-----a7f45aec50ab----1---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: The resume that got a software engineer a $300,000 job at Google.1-page. Well-formatted.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F8c5a1ecff40f&operation=register&redirect=https%3A%2F%2Flevelup.gitconnected.com%2Fthe-resume-that-got-a-software-engineer-a-300-000-job-at-google-8c5a1ecff40f&source=-----a7f45aec50ab----1-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/staff-picks-c7bc6e1ee00f?source=read_next_recirc-----a7f45aec50ab--------------------------------
Title: Staff Picks734 stories·1301 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/stories-to-help-you-levelup-at-work-faca18b0622f?source=read_next_recirc-----a7f45aec50ab--------------------------------
Title: Stories to Help You Level-Up at Work19 stories·800 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumForTeams/list/selfimprovement-101-3c62b6cb0526?source=read_next_recirc-----a7f45aec50ab--------------------------------
Title: Self-Improvement 10120 stories·2744 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumForTeams/list/productivity-101-f09f1aaf38cd?source=read_next_recirc-----a7f45aec50ab--------------------------------
Title: Productivity 10120 stories·2350 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@vanvleet?source=read_next_recirc-----a7f45aec50ab----0---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@vanvleet/compound-probability-you-dont-need-100-coverage-to-win-a2e650da21a4?source=read_next_recirc-----a7f45aec50ab----0---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Compound Probability: You Don’t Need 100% Coverage to WinWhy you don’t need to have 100% attack surface coverage to have a strong chance of detecting attackers in your enterprise.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa2e650da21a4&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40vanvleet%2Fcompound-probability-you-dont-need-100-coverage-to-win-a2e650da21a4&source=-----a7f45aec50ab----0-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@jonathanmondaut?source=read_next_recirc-----a7f45aec50ab----1---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=read_next_recirc-----a7f45aec50ab----1---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: How ChatGPT Turned Me into a HackerDiscover how ChatGPT helped me become a hacker, from gathering resources to tackling CTF challenges, all with the power of AI.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F7469d5b43026&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40jonathanmondaut%2Fhow-chatgpt-turned-me-into-a-hacker-7469d5b43026&source=-----a7f45aec50ab----1-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@jonasblowknudsen?source=read_next_recirc-----a7f45aec50ab----2---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/?source=read_next_recirc-----a7f45aec50ab----2---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Posts By SpecterOps Team Members

Search URL Search Domain Scan URL

URL: https://medium.com/@jonasblowknudsen/adcs-attack-paths-in-bloodhound-part-3-33efb00856ac?source=read_next_recirc-----a7f45aec50ab----2---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: ADCS Attack Paths in BloodHound — Part 3In this blog post, we will explore the new ESC6/ESC9/ESC10 edges we have introduced with ADCS support in BloodHound.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F33efb00856ac&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fadcs-attack-paths-in-bloodhound-part-3-33efb00856ac&source=-----a7f45aec50ab----2-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/@sathyaprakashsahoo?source=read_next_recirc-----a7f45aec50ab----3---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://infosecwriteups.com/?source=read_next_recirc-----a7f45aec50ab----3---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://medium.com/@sathyaprakashsahoo/heres-why-i-don-t-suggest-people-to-get-into-cybersecurity-38cc301e4bbf?source=read_next_recirc-----a7f45aec50ab----3---------------------e0238177_c75c_448e_b955_ab19abdfa7e8-------
Title: Here’s Why I Don’t Suggest People to Get into CybersecurityWhat Most Won’t Tell You About a Career in Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F38cc301e4bbf&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fheres-why-i-don-t-suggest-people-to-get-into-cybersecurity-38cc301e4bbf&source=-----a7f45aec50ab----3-----------------bookmark_preview----e0238177_c75c_448e_b955_ab19abdfa7e8-------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----a7f45aec50ab--------------------------------
Title: See more recommendations

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----a7f45aec50ab--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=post_page-----a7f45aec50ab--------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----a7f45aec50ab--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=post_page-----a7f45aec50ab--------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=post_page-----a7f45aec50ab--------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----a7f45aec50ab--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----a7f45aec50ab--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=post_page-----a7f45aec50ab--------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://medium.com/business?source=post_page-----a7f45aec50ab--------------------------------
Title: Teams

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27 HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Fpeaklight-campaign-mshta-a7f45aec50ab%3Fsource%3Drss------threat_intelligence-5%2527 HTTP 307
https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?gi=e6c470bf0bf0&source=rss------threat_intelligence-5%27 HTTP 301
https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request peaklight-campaign-mshta-a7f45aec50ab Show response
himitsuflavor.medium.com/
Redirect Chain

https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Fpeaklight-campaign-mshta-a7f45aec50ab%3Fsource%3Drss------threat_intelligence-5%2527
https://infosecwriteups.com/peaklight-campaign-mshta-a7f45aec50ab?gi=e6c470bf0bf0&source=rss------threat_intelligence-5%27
https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

149 KB
33 KB

115ms
99ms

Document
text/html

2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a23131af339d188d1759b90cfe0e263f2d0c1eb2ba715f6a8e9070eb61d9582

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 4522
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 8c4acf317ff29763-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Tue, 17 Sep 2024 17:27:51 GMT
expires: Wed, 18 Sep 2024 17:27:51 GMT
link: <https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, lite/main-20240917-093055-cfc0a04bbf, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
medium-missing-time: 232
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-cache-key: himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?gate-enable_update_topic_portals_wtf=true&gate-enable_logo_update_phase3=true&exp-enable_custom_moc_preview_weight_threshold=group_1
worker-cache-middleware: true
worker-missing-cookies: 0
x-content-type-options: nosniff
x-envoy-upstream-service-time: 329
x-request-received-at: 1726584964142

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c4acf2eaf3e65f3-AMS
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Tue, 17 Sep 2024 17:27:51 GMT
location: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5'
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, lite/main-20240917-093055-cfc0a04bbf, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
medium-missing-time: 174
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 243
x-request-received-at: 1726594070934

GET
H2 200 unbound.css
glyph.medium.com/css/ 19 KB
0 0ms
0ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3101
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf31c8489763-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 17 Sep 2024 19:27:51 GMT

GET
H2 200 manifest.2932f202.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 94ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.2932f202.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f17b5381108f219d216a038a94ad2e028c46e813885320993ca19d46ba36dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: gEHIHrG.AuFgMLTF4gqeF.so9gL6xV5S
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KWY6FBFPKJQ15AMM
age: 27768
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DxSGiaLofRKLnYs2Nz9jOzgyhsdP03P1zSjNcJky7WRR+Xs0nX7isVbM4GzNC4dLLh+jVjct9MHvRvm+L/35XBHUe4FY3dw8nETd/2EFw98=
last-modified: Tue, 17 Sep 2024 09:36:39 GMT
server: cloudflare
etag: W/"9b2a3255e78e9b9b4a2c2579013c4a06"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258dc9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 9865.1496d74a.js Show response
cdn-client.medium.com/lite/static/js/ 618 KB
192 KB 88ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b436fafd50c4a34bb5478d817e964e3ee611849abbbe6557063140f9555f8931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: 961vTxAP_4lmeUByLjRWeGFpTSLxcslW
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1V7679J4T318626W
age: 965904
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MK/W8hNMNbi+R/3T39p1KzuL6sBH9gmAPTLEKkWMhv11kQLasWDTodv4R1JUTUjwzzoTdgLi95ie6/+Y0hfjxw==
last-modified: Thu, 22 Aug 2024 12:31:40 GMT
server: cloudflare
etag: W/"cc9a9e5111ad77aabf3f379d0135b3cd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e29763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 main.a63fb02e.js Show response
cdn-client.medium.com/lite/static/js/ 857 KB
196 KB 67ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92b7d216ed7eea7f92b6fd7745b6c97523a5e1673e55e1d554139f87a553044

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: 1RD8zmYBUUTA4ecWCWbnRsLSW9AyVPcZ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KWY2FB13J0V2YK0N
age: 27768
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: A+AdK/6CcHzMt0ilGGadKOvv0VEPzZKYgGSg06rCcyUc5ljegtZeXF76dFAZXstFxxgo+xjnLZ4=
last-modified: Tue, 17 Sep 2024 09:35:51 GMT
server: cloudflare
etag: W/"98de3a46ca092cd57661f5215120cab7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258dd9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 instrumentation.d9108df7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 87ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.d9108df7.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3edb3930e433b6ee76c26ed156d44196652363b4fa881a3e140b3e0b43d2a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: .o.5Xe59BjAug.2i7CIo5xR8KvX9Uh6Q
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6PS8G29Z5H1WM2X9
age: 654676
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BybGD4PWIghsqmsdPy9UA3nQrUPfoYlS/R5yV+zzyyC1pW0v1aZhcP4RtoxZYOaksEgvYoVlHVA=
last-modified: Mon, 01 Jul 2024 15:12:51 GMT
server: cloudflare
etag: W/"4d3916cdf704b083082b21a733ef176c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e69763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 reporting.ff22a7a5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 90ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.ff22a7a5.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eada6d1c06b5d675e0c143a2fbef8bf83e3060e9ba20ceeb37ec9415ce9bdbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: WdqYVC5hKfoxJxknk7bO0he3xYL6sW.H
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: K11CV5MR43B7K2CW
age: 654676
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HJUreF5CjFASFzLta0aW0WSXjLCeHT0fXKS0KTrnN0ah8gPS/3Nm8TW2kqKptMOiQIOelNyxkW2pOP1zYdNPNPQP8aoOvd9+
last-modified: Mon, 27 May 2024 12:15:10 GMT
server: cloudflare
etag: W/"d5998f5c1de61a2837a52be8d7d89310"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e39763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 5049.d1ead72d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
12 KB 63ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5049.d1ead72d.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3985e3779ce6d21045b715324bc4837fc966d0c762a479e5da9764b438e41d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: lXRfPpt5JdTbUioBJcZxfOnTjjaqCp3p
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 49MK7ENPR1P9XJKG
age: 733548
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uPGcX8TltkFdfYTpcorOmNsgaXKPV59XipsXlRSvgwPo33zlgMSJ9bSN/vVZyin4bCDBEqFupew=
last-modified: Tue, 02 Jul 2024 17:39:38 GMT
server: cloudflare
etag: W/"c5c86c25fc0ad2a68f611bb580b457bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258db9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 4810.6318add7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 66ms
48ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4810.6318add7.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3543a0133bd553f2dcd79a947b6eec53c2b16c46a3ebb63a77283ed0768f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: yL6ku3JinKR_0fAx.RxWdA0QoAz1R0iH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: EYJ8C1R7XYSHAFHM
age: 654676
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rSWw5J36Wg90yGHC2GgdJ3egNW9eGgdQCPq8ba6+EUZalXxAwakfLOBUA2/IQSlV0HDw06rVj6I=
last-modified: Fri, 16 Aug 2024 20:57:37 GMT
server: cloudflare
etag: W/"fee516db8548635142e0001d18f09104"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e09763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 6618.db187378.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 67ms
49ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6618.db187378.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c333a76ec82d35a4541956e0e8b4591b55d76f1d1ee4e47f3dd0ec33229e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: ZwCMHuCQ5h9dAQvOvOTD_48maUvIlL_r
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W9V2XWBBT3ES4TJ9
age: 1067494
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: W98ctDW23HSDoxpjwhkx6vz3mmUwUFenhEjwGKQCm97Cuo15YrUMSCRUsOVYNVY32jvPQMsqKUc=
last-modified: Thu, 04 Jul 2024 13:33:59 GMT
server: cloudflare
etag: W/"7bbe09830788bb18d63591d1a7e255ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e79763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 1386.014e2ad3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
5 KB 73ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1386.014e2ad3.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd422b42ab9018eead619ef848f393e8e7d4b6e85ad1a2b7d409ddccea9977b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: V3vxWtN9AiLh3qIHcgNnw1mSX2Zf_7YP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 504VZXK1F2DV7MTB
age: 504881
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: w06b1b5YfbErYsAN9OHDc+FNytCmdesB+PLSCaxn6OdIVVMaPqKy/JDSobf3Al4s0EK+4KjkUwIUTUcL2Nd85fVf6IQyVc8EIx2JQU5D7fs=
last-modified: Wed, 21 Aug 2024 20:28:38 GMT
server: cloudflare
etag: W/"e50dfb4080649c833bff6e533bbaf5a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e59763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 9977.343f5002.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 64ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9977.343f5002.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ff9b8f504c301368c15975fe82c899b4d773044dc8ebfeb2e8b824b84deae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: N7UuHEtxfN06.FPagPPTXS4SGH1d7vg4
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RW8RVN56VQQAYAHP
age: 610446
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3m1gewjv/u2KtBdf6OmXVfCQaCvE0DQKFjF9XODl6JeX60C6CmC8JsBWpdZvbkT4NMUCem/owa/EVuINsMvHol18EaJgKzqY
last-modified: Fri, 26 Jul 2024 17:53:52 GMT
server: cloudflare
etag: W/"037509434c68779878bdd7ccb0b86dc5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258df9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 5250.fc15c18c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 33 KB
8 KB 48ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5250.fc15c18c.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64e1663932ee61acc447f098d51cc369d7cee286df892fb2633826c6683cfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: 77iX2gYbkSLBDQOY.ANuWFEbtuUBuxHE
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W8VKM5W7QY91CPWT
age: 526007
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +a1rm0siFRgtfHmgw5l1o8tV59ZtdBtvVVguT6qRdpPdLTYe0TYLN4QRg2w4lMB7g+56N8Ry7SCo8HaB1wQBzg==
last-modified: Tue, 23 Jul 2024 14:16:04 GMT
server: cloudflare
etag: W/"50668a99c3a198b3a31122b271e506ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c69763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 8261.80c0631e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
7 KB 63ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8261.80c0631e.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be630c50e6ba2911d66a9f72c7f98c8139e7deba1cac824afb942798aa2ef92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: wf6GhCr8exchSKPYivqmE3MfNsnFqja_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: H0FDPEFH47TW2VA8
age: 430866
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: h03rhVzeLx9B689UFw6DoAQ2bbuZBHO02lfbuYTmmQXDuDlvqqsFWGNG13ekVRQj9L9GF+k3pzscodKzNjAFEqYKK0aMuXE0tewD5ddV6I4=
last-modified: Thu, 29 Aug 2024 15:55:56 GMT
server: cloudflare
etag: W/"0fc4b81f18716eaaf2f482d6719b7497"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258e89763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 7975.b019beb1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
13 KB 48ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7975.b019beb1.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059196993089839eec96670579b6bc3832826ac658a40ec1b29c78255d66d94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: Kqi9tYaJbBysvbQ41Uq5gsnpvIOxS_op
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DNDBZHC5WV82VERQ
age: 699193
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /BYqI/Ncl06zzCuzrygNljBTqw3/ZUUZ2Pd2wnKAOtz6BZElaXawF0lXZgt/lJLmB9Irq0iQXaw0RvjvR6gQZp1YJNzBZL6r
last-modified: Mon, 26 Aug 2024 14:57:25 GMT
server: cloudflare
etag: W/"46bd772d2bb71b1ded2a0e1f0325b641"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248bc9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 2648.a582e725.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
4 KB 42ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2648.a582e725.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f4802b980b851baa044b8629c38620e440e34f813f194ff59f3e0b07841e9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: JmQicT0yfVKHGmXo0kvv8nZJKyruBIMi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y931GRVW6P45FAFG
age: 733538
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pJQHLM7V9IWtzlytgcy71zr/+H6RQTRoheHni6GPUmjecazDLKb68JOfsj1/ZujkENugeU/8ZAs=
last-modified: Fri, 26 Jul 2024 17:53:42 GMT
server: cloudflare
etag: W/"0c0f500397d18d725d15d1a62ffee39b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248bf9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 2712.0f6c85f5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 16 KB
6 KB 42ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2712.0f6c85f5.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ef4af1b67eb6f8f8c3c533a53beec35f341eca89965b94622e96db335173353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: O6CXJG.oJQRhW.lKZ6tSg2FTv8QHAfVk
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y930P5TD9Y1E8TFC
age: 733538
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: G5fLtsUjIf4FBDs6jOa01l9SZomW2gs6vOxYb7klO9ashCn87j4uSIE9JU2dqhV7zMwvPWPN1nlATmarmd4NEHbhpBXv/zmX
last-modified: Fri, 26 Jul 2024 17:53:42 GMT
server: cloudflare
etag: W/"7073e67c69c598d5d6704b209b354973"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c09763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 2793.01d2b056.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 60ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2793.01d2b056.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae884ca218724d7aa7ad0a9b88fc11ffe37edb3e2f1738dcb3a73b92e5979ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: RYfGrMF2yEVwxEBbV81vpl2Ldv2lYMit
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y93EY73036R3B6XZ
age: 610446
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ICb6/ph839/9xyhI49fLh19BxnOBdd/Gn1IdBjFkDV1t7zDtUVEudMxhMGYVzb6lAlH6mmFXB5RRtCJiB33MOQZSMOPcXxPt
last-modified: Fri, 26 Jul 2024 17:53:42 GMT
server: cloudflare
etag: W/"62fa0804355a6527dc1ac0b2c7efdab1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c19763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 1530.e5ec276e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 72 KB
19 KB 47ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1530.e5ec276e.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b44cd6c02b8a5f14d11f8377d4e1fe44729b7234c46602bd9677c2cdfd553ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: 2hDhvr2puJ.xfvzK0e6HcuRSRI8H7._9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WRHWPAJG1CJYDNA6
age: 516638
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +M+OiySGtTWDLHe/kmJKVYYh9dFQhQfthcSkYoB5eAcMdo4ByPWu1TtrEC6lgASc4Vm945WNyE90QRZg+PB64MzGGMcDF6XWnaFgqmxCY0o=
last-modified: Wed, 11 Sep 2024 05:03:58 GMT
server: cloudflare
etag: W/"5ccd5db3e0c5b7a574734b334d66b844"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c39763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 3735.ca2f95e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
6 KB 48ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3735.ca2f95e3.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d7d9270eceea5c971942507e9453e43761c75a3dc152a1c5307f95d9a125f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: 0TnunSVN6tN37PXgIEIMeRgeOGxmHr.w
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y93FNSCBAS75K40Z
age: 733538
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 33mAkN43KhMDio7j2BuF9BiDbV6AdZFJ8r/9IjBCx/mmxdoUX1ybkZIUVCNlIwqYtGls4j7+5lc=
last-modified: Fri, 26 Jul 2024 17:53:44 GMT
server: cloudflare
etag: W/"6c3b3d23153ec1fb033a383e9a36db50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c89763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 5642.0ebb50fd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 48ms
32ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5642.0ebb50fd.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e682dd9b5a2bc96366cf725006ca22e7887eb3d04ded261ddde69ef4961693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: nX9HNiZqlnmto9vnOcz4wK_wpltCGN7O
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0NCMHHGJCYN1MEDK
age: 616561
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MCM6KR//yYMYguw6jJzJalmccSES8gE0RQZ74uEfeqQy02CdNQxaoqeH/Xe0QJR3V6T58wZgXnc=
last-modified: Mon, 26 Aug 2024 18:17:25 GMT
server: cloudflare
etag: W/"6cc5787f31bd8c2367cd0251b489b41c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248c99763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 6546.ef575ba6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 134 KB
36 KB 67ms
51ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6546.ef575ba6.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22dba285f0b5f0dde9d49ad3fcc56ac4bfa12d1c2e56324f03bb4acc8b11c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: GHpsfg8Q5YzgfjJL0XDPxyGLXyhC2qch
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 404DA1XH0PCWAMSD
age: 981900
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fdPASE6lF/iux5mLOFr3aN3BNi7z223y9Y5q/5Uc2UELP3CXxiV7uYs+/0xDQlui0nmOfx3A9g4=
last-modified: Fri, 06 Sep 2024 07:59:44 GMT
server: cloudflare
etag: W/"6460c8ba77ed11e8a52abee89f46f6f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248ca9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 6834.f2d3924e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 61ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6834.f2d3924e.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54187c08d16f6492780c02344ddc87057e150494196f0f8860dfb7f7b769bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: o1es8sE.cZmyaYqu.4nKiCbux9A2sGad
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DADE8Y5V055Q9Y1R
age: 544662
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cl+jwexHSxgmOnI8o4RnKGRLVBO++9k7B8BNEQsa4dwaYdu8MT69cfJwd9B4heq+7TbnXWq0/2U=
last-modified: Wed, 03 Jul 2024 10:04:06 GMT
server: cloudflare
etag: W/"047a986937c5d63a5762092c09992f7c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d89763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 2420.0330d157.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
4 KB 60ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2420.0330d157.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171cece4ac2237f1003b18b0fe31873be2d2dfcd6b835525fef7734dd3885b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: _5P0lSJaufDrl5cajeATE6F_8uI.XcAy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZYBDYYSEDJ8ED4AW
age: 953487
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: u6AxHRrQoMuMvihevNS2W0fhwzvBLJnQoaYSaPxTqTenbrFWdry2EEyJ/QKqu39cnqgj46hfQhde5Z5+n+5uaw==
last-modified: Mon, 08 Jul 2024 15:08:52 GMT
server: cloudflare
etag: W/"ab60dc899e489dc43eb7fb5e1321ec32"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3248cb9763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 2106.21ff89d3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 71ms
56ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2106.21ff89d3.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642e68e2920d83ca866b88006ef18212354e0d5acd026ccdc0b21cdafe72746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: ZAOTHsY5yzhFtAIVlxWuUUSMd6WiuHdq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8VY9S83547635F0E
age: 654667
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wbWs0BYqA90lRhh+eN3LkVRo9tO3U0JRY75gCGlG4uPdWwNTYox5Zz7DCzRffdhrQQTb+m79UQsVY/zBPdVe3fd0iiaZiV7R
last-modified: Fri, 26 Jul 2024 17:53:41 GMT
server: cloudflare
etag: W/"a33b4282f0980a9d6bfbebc42268cfe8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d49763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 6696.92b2dfc3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 50ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6696.92b2dfc3.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631fa83890e3eca0286f2031373cd81e15b26bef6ac66510eb20c293d485f7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: fLu07dD.4p7TwvDn0jorSMsqg86HrjUa
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RW8TZDM6J3CKHKQS
age: 610446
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aIK7E9kUTVg8mjrWtgCHpcr6FXoENdvn9/Oean9ckMkfHAG40NzS6zDEqjs5srYSMV33sO2dIWs=
last-modified: Fri, 26 Jul 2024 17:53:48 GMT
server: cloudflare
etag: W/"c1e1e1db1cdd0dfef5b50bef88b7dc76"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d39763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 5832.a567559e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
8 KB 61ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5832.a567559e.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77467a762ce930412465b46d49b7ef82be962f14e89a364996bab7c10b98b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: inU3UxFrJ0h00wbWusXxm_DyDMj4BKW_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: M20NVHSNGRVC61AC
age: 616508
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n3Xe9Q5UQBA1AmGbVYQ8yoOcbdQHiQS7Y87uuIdVBeTfXaHyzD09r3o9PzyfZmTbBKX0wsID4fU=
last-modified: Mon, 26 Aug 2024 18:17:25 GMT
server: cloudflare
etag: W/"811c437c5c53e15a85878f9bb33e441e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d69763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 3366.1571a1d5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 70ms
54ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3366.1571a1d5.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ef00ee26f20b0a08d469095fe4012950a13aedd83ccc038ef1603ed35e2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: ngezZJmbYvQ0hRm5fpT.x4wcpS3HSSx6
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: H5SW197JN1RV79VD
age: 508562
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YxVHKbST4E88vQwNeYrYCpAdk79HRz0W3bvp3g7hgc9Xx6PgUeSv1HegqO46sJ8eJykTMv39+kE=
last-modified: Tue, 27 Aug 2024 15:07:26 GMT
server: cloudflare
etag: W/"db85216c9bb9c36d47da9daba1dcd172"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d99763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 6040.6ceb7f43.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
6 KB 87ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6040.6ceb7f43.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a839d8b35bf8434f24f1f80677762baa5f6b99855fef78fd1adf3ad4566e0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: U8YjgT4vGYNjdzQyRhBEV8U4zckVjhAJ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZYBE5ZZMB8EV5PQV
age: 953487
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZMlX930vbIcGTOJCbNKUszZ6xZSKTeplIpvhobWn7+Q19wtpd9ULexV7dJq5fLPz05XWZ4eg8F0=
last-modified: Fri, 12 Jul 2024 16:10:59 GMT
server: cloudflare
etag: W/"b99a824dd4e9656c1c0e034c85d116ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d09763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 4391.fd55a702.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 60ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4391.fd55a702.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

043367890708042c3aa602a6839fbdb2e7d23bfc67c0c9c81b571fff11556125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: DNCzVzx4ERVpGqW3u7Mqd9G0tgXgKp2q
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: T1TMEYS2KKY3F58J
age: 654667
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5Ux8CM4R3QIbQsgs+ZOgOfJaF8/t/gTc9QEZBgiYabs0DIeVVqF2a3P6o303tcFpQ1j0uYw8KehWSkX0XnHucDSgPaVgGxxJPt0LpprflHk=
last-modified: Thu, 22 Aug 2024 16:03:12 GMT
server: cloudflare
etag: W/"946fdcb3ad658859c25abaa142fd95d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d19763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 PostPage.MainContent.3bbae0b0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 183 KB
41 KB 70ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.3bbae0b0.chunk.js

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df53e684664d77d4eae7f8ee9fd87db969a17ad9d9329b66d92a5f7dc19a2a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:51 GMT
x-amz-version-id: v97DVA9CjU2IRkGh5ajSt6.H86JFsRvu
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KWYDZ8CMR4JS6SX0
age: 27768
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FTIMCOG23LiAAHNjDb4k7A6xch6DLDTZZbhFlQJ1j5LMcyNrRUR3cnEs0jIgwOO+xdrdavFsasT0sZumFRFIk33qPloy50rtJ1gjBh+lV+s=
last-modified: Mon, 16 Sep 2024 16:22:08 GMT
server: cloudflare
etag: W/"dbe95ac21b3a311c98232acc47fca39d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf3258d79763-FRA
expires: Wed, 17 Sep 2025 17:27:51 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 107ms
36ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8c4acf379c48d2cb-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 577ms
66ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6e7bfd316a160cd611c23c79c3d0cf8fcbfe22e16592f4afffd03eedf45756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe3c37dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 575ms
65ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d63477fd28c0476d71f7d94269d37ebc13ee81002807b40bdcee28351da2019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe3b37dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 558ms
49ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe4037dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 559ms
50ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b579cb06b725609666aeb9fec66152efd7e687c9ba13096c2ce7c1db44c82558

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe3e37dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 547ms
38ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7725f2e70b6a54d4e4f93c2ea20bdc4ac549a289a806828e73dfcd3a2969b870

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe3837dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 536ms
28ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45bd34ce2bf3511cc126b1b12bc1597486e925141c10b05627857cb79810140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe3337dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
14 KB 545ms
37ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

977eec4907b2febc92ad36328ad86edf074e4a4e2d8476a2db9a2001b9a6cadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf3bbe2f37dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 44ms
26ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 521056
x-envoy-upstream-service-time: 51
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 1310
x-request-id: 716855b3-79a7-4e20-9124-a7052843c164
sepia-upstream: medium
server: cloudflare
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240226-230532-797fb80223
accept-ranges: bytes
cf-ray: 8c4acf3898d89763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*b_zC9GxrTMpUA-V8JLOH_Q.jpeg
miro.medium.com/v2/resize:fill:88:88/ 2 KB
2 KB 52ms
35ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:88:88/1*b_zC9GxrTMpUA-V8JLOH_Q.jpeg

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a9d5420af84e41c5e541af0058256d86161cf91dd5764f076552ca4d4a5806

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4522
x-envoy-upstream-service-time: 86
content-disposition: inline; filename="1*b_zC9GxrTMpUA-V8JLOH_Q.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 1996
x-request-id: c5f449a3-2a82-4fb3-98a7-b6b2e75f210d
cf-bgj: h2pri
server: cloudflare
etag: "9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RIjZmZmNjMmY0NmM2YjRjY2E1NDAzZTU3YzI0YjM4N2ZkIg"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240911-124520-3f71dfc371
accept-ranges: bytes
cf-ray: 8c4acf3898da9763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*c7h6vEeXH3Z_AiuFbjiv2A.png
miro.medium.com/v2/resize:fit:640/format:webp/ 7 KB
8 KB 45ms
29ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:640/format:webp/1*c7h6vEeXH3Z_AiuFbjiv2A.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143ddc61b644d6db4c3c7c60146f028dcd00a57b9420780738a037dba307fe54

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4522
x-envoy-upstream-service-time: 45
content-disposition: inline; filename="1*c7h6vEeXH3Z_AiuFbjiv2A.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7404
x-request-id: f4460aaa-aa29-47e8-b888-ccf3825e0781
server: cloudflare
etag: "5XwRHYwIENFFMN6XE5PEtPy8tbvGeXuL8hHOqeA6hfc/RIjczYjg3YWJjNDc5NzFmNzY3ZjAyMmI4NTZlMzhhZmQ4Ig"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898d99763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*1ZAOvB6b-CYJLYRriARjqg.png
miro.medium.com/v2/resize:fit:640/format:webp/ 9 KB
9 KB 48ms
33ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:640/format:webp/1*1ZAOvB6b-CYJLYRriARjqg.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07e88f14795fdb333423c0faf23fe43a6b44125338a5ba5beb5ced922c4c067

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4522
x-envoy-upstream-service-time: 61
content-disposition: inline; filename="1*1ZAOvB6b-CYJLYRriARjqg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9366
x-request-id: 0ada61aa-8c95-450b-b840-1bd7b456e039
server: cloudflare
etag: "5XwRHYwIENFFMN6XE5PEtPy8tbvGeXuL8hHOqeA6hfc/RImQ1OTAwZWJjMWU5YmY4MjYwOTJkODQ2Yjg4MDQ2M2FhIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898d69763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*dO8M2uZFrgFIfONOByOxQA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 25 KB
25 KB 47ms
31ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*dO8M2uZFrgFIfONOByOxQA.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84ab6db026f560e3b4e34740fbcedcdcb2f3886921f81ddd7acffd6bc13094f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4522
x-envoy-upstream-service-time: 347
content-disposition: inline; filename="1*dO8M2uZFrgFIfONOByOxQA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25764
x-request-id: 12d3d14e-2e26-448a-9828-c91729fcb965
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjc0ZWYwY2RhZTY0NWFlMDE0ODdjZTM0ZTA3MjNiMTQwIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898dc9763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

POST
H2 200 /
himitsuflavor.medium.com/_/clientele/reports/performance/ 0
0 161ms
158ms Fetch
text/plain 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
Medium-Clientele-Client: lite
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, clientele/main-20240805-135812-805ed58476
x-envoy-upstream-service-time: 17
cf-ray: 8c4acf400a529763-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 11.51005c90.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 39ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/11.51005c90.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2932f202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0451a587442fca6a380afc042f676122b442146e9aa1feae9e49b0e1151a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
x-amz-version-id: 36cCO0pOnWiejNqRlW7IWOfErAeUvPZN
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5KFJSQ8VXX3TC6FB
age: 722822
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xnhq1tMgHtQHO1+bozFMR8eD/aACOp2PbA4CvoT34PDUs4XrXdDAdsAZfMIO6yDt4AVYtl0GRpQ=
last-modified: Mon, 27 May 2024 12:14:27 GMT
server: cloudflare
etag: W/"05baeb0cc66e723dd05d50bed964c411"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf401a6c9763-FRA
expires: Wed, 17 Sep 2025 17:27:53 GMT

POST
H2 200 /
himitsuflavor.medium.com/_/clientele/reports/performance/ 0
0 212ms
201ms Fetch
text/plain 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
Medium-Clientele-Client: lite
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, clientele/main-20240805-135812-805ed58476
x-envoy-upstream-service-time: 16
cf-ray: 8c4acf403a9a9763-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 39ms
38ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4522
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf41cd5337dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:53 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:32:32/ 654 B
1 KB 34ms
34ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:32:32/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f80202a0810222c440db2cc0e6e72c1d506ffffb2787b645f25015365c730f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 48596
x-envoy-upstream-service-time: 32
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 654
x-request-id: f7cc3fc4-d71e-4fa1-9fff-8e2292a38fb0
server: cloudflare
etag: "VTmW7ah-o-FUAvHL4e3x8h_5hymB7pNjuuPgkvYQ7_o/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240821-080729-19b725ed0b
accept-ranges: bytes
cf-ray: 8c4acf41dacd974e-FRA
expires: Wed, 17 Sep 2025 17:27:53 GMT

GET
H3 200 1*b_zC9GxrTMpUA-V8JLOH_Q.jpeg
miro.medium.com/v2/resize:fill:44:44/ 1015 B
1 KB 45ms
45ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:44:44/1*b_zC9GxrTMpUA-V8JLOH_Q.jpeg

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da04a80215e8806971d8feb22b8fa564060da75d3f238ce40639ab780917d47a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4523
x-envoy-upstream-service-time: 41
content-disposition: inline; filename="1*b_zC9GxrTMpUA-V8JLOH_Q.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 1015
x-request-id: 4cecb159-e9f9-40fc-8518-e0320487728d
cf-bgj: h2pri
server: cloudflare
etag: "VFtDBYghopYX6OCmJOe93DhtJ6cQniVvC40f8GKBXcI/RIjZmZmNjMmY0NmM2YjRjY2E1NDAzZTU3YzI0YjM4N2ZkIg"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf41dacf974e-FRA
expires: Wed, 17 Sep 2025 17:27:53 GMT

GET
H2 200 1*c7h6vEeXH3Z_AiuFbjiv2A.png
miro.medium.com/v2/resize:fit:640/format:webp/ 7 KB
0 0ms
0ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:640/format:webp/1*c7h6vEeXH3Z_AiuFbjiv2A.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143ddc61b644d6db4c3c7c60146f028dcd00a57b9420780738a037dba307fe54

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4522
x-envoy-upstream-service-time: 45
content-disposition: inline; filename="1*c7h6vEeXH3Z_AiuFbjiv2A.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7404
x-request-id: f4460aaa-aa29-47e8-b888-ccf3825e0781
server: cloudflare
etag: "5XwRHYwIENFFMN6XE5PEtPy8tbvGeXuL8hHOqeA6hfc/RIjczYjg3YWJjNDc5NzFmNzY3ZjAyMmI4NTZlMzhhZmQ4Ig"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898d99763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*1ZAOvB6b-CYJLYRriARjqg.png
miro.medium.com/v2/resize:fit:640/format:webp/ 9 KB
0 0ms
0ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:640/format:webp/1*1ZAOvB6b-CYJLYRriARjqg.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07e88f14795fdb333423c0faf23fe43a6b44125338a5ba5beb5ced922c4c067

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4522
x-envoy-upstream-service-time: 61
content-disposition: inline; filename="1*1ZAOvB6b-CYJLYRriARjqg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9366
x-request-id: 0ada61aa-8c95-450b-b840-1bd7b456e039
server: cloudflare
etag: "5XwRHYwIENFFMN6XE5PEtPy8tbvGeXuL8hHOqeA6hfc/RImQ1OTAwZWJjMWU5YmY4MjYwOTJkODQ2Yjg4MDQ2M2FhIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898d69763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H2 200 1*dO8M2uZFrgFIfONOByOxQA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 25 KB
0 0ms
0ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*dO8M2uZFrgFIfONOByOxQA.png

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84ab6db026f560e3b4e34740fbcedcdcb2f3886921f81ddd7acffd6bc13094f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:52 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4522
x-envoy-upstream-service-time: 347
content-disposition: inline; filename="1*dO8M2uZFrgFIfONOByOxQA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25764
x-request-id: 12d3d14e-2e26-448a-9828-c91729fcb965
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjc0ZWYwY2RhZTY0NWFlMDE0ODdjZTM0ZTA3MjNiMTQwIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240916-092258-024bc266d5
accept-ranges: bytes
cf-ray: 8c4acf3898dc9763-FRA
expires: Wed, 17 Sep 2025 17:27:52 GMT

GET
H3 200 5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ 300 KB
300 KB 33ms
33ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:53 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 432040
x-envoy-upstream-service-time: 145
content-disposition: inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
alt-svc: h3=":443"; ma=86400
content-length: 306868
x-request-id: 0295305b-7cf4-47aa-b3e5-0faaa10ae4a4
server: cloudflare
etag: "_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240805-153438-68158efee2
accept-ranges: bytes
cf-ray: 8c4acf41ead6974e-FRA
expires: Wed, 17 Sep 2025 17:27:53 GMT

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 129 B
496 B 469ms
468ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d07fdd523dff605a99d4a7715fa8063f017bc68d0a12da3c91278c1250b0e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"81-XEAmh52qYpnrkvQmhm8/O6pbY4I"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8
cf-ray: 8c4acf44ab5ad27d-FRA
x-request-received-at: 1726594074740

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 19 KB
2 KB 228ms
226ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2447b8741249371f1afdee88bc2c75f57a4a2fbc28d908ab32c52b11ce831a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: VariantFlagsQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4d30-STeaDLl8zp/ux1XAxD7tql/2X3s"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8
cf-ray: 8c4acf44ab5dd27d-FRA
x-request-received-at: 1726594074492

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 80 B
476 B 159ms
158ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: AvatarMenuQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 34
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240917-170756-b57b771af5
cf-ray: 8c4acf44bb96d27d-FRA
x-request-received-at: 1726594074440

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 806 B
788 B 230ms
228ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2808d1333a886117d5f8a22575b4d7c71e20992134d9e0c68b35e86582c930d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 107
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"326-ftYPwDtTdE4NIaINYIiZt3zI7/Y"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
cf-ray: 8c4acf44bba2d27d-FRA
x-request-received-at: 1726594074435

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 96 B
512 B 196ms
193ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd45dfe0d64fe2783be4c0a9f373aa5cde8b2e34604b385b65bdfb51027e2cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-5f9FiVDMyxahHjsNoXlPHL4uafI"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
cf-ray: 8c4acf44cbbcd27d-FRA
x-request-received-at: 1726594074445

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 33 B
433 B 162ms
161ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400
content-length: 33
x-xss-protection: 0
server: cloudflare
etag: W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
cf-ray: 8c4acf44cbc2d27d-FRA
x-request-received-at: 1726594074441

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 21 KB
6 KB 391ms
384ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f7bbf247450c73b6a65dfbdd9a1b4c99961626e790b170d7954b01fed6707d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: MoreFromMediumRecircQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 261
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"53cb-wfuf/ltcohJuefDK4ah33r3N8+U"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
cf-ray: 8c4acf44cbdfd27d-FRA
x-request-received-at: 1726594074459

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 27 B
399 B 141ms
140ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: ViewerQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 0
server: cloudflare
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8
cf-ray: 8c4acf44dbe8d27d-FRA
x-request-received-at: 1726594074447

GET
H3

200

main.js Show response
himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 1529
Redirect Chain

https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?

8 KB
4 KB

22ms
21ms

Script
application/javascript

2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?

Protocol

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939ecd82abf91468ff63a67828975f3837f84e5c90a996175a947c112e0616ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8c4acf45ae72d27d-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8c4acf451ce3d27d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 /
himitsuflavor.medium.com/_/clientele/reports/performance/ 0
0 133ms
132ms Fetch
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
Medium-Clientele-Client: lite
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, clientele/main-20240805-135812-805ed58476
x-envoy-upstream-service-time: 16
cf-ray: 8c4acf45ae7ad27d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 rum Show response
himitsuflavor.medium.com/cdn-cgi/ 0
147 B 13ms
11ms XHR
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://himitsuflavor.medium.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8c4acf45ae80d27d-FRA

GET
H3 200 5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19
miro.medium.com/v2/ 1 KB
1 KB 38ms
38ms Other
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://miro.medium.com/v2/5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 49007
x-envoy-upstream-service-time: 46
content-disposition: inline; filename="5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19.png"
alt-svc: h3=":443"; ma=86400
content-length: 1037
x-request-id: 75f8781d-9d07-4071-8384-ee4e9588cd16
server: cloudflare
etag: "yj0WO6sFU4GCciYUBWjzvvfqrBh869doeOC2Pp5EI1Y/RIjI2M2E1NThhOTdjN2U0YzEwNjFlZGI0NjBjODU4Mjk0Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240823-231859-5ed28db9e5
accept-ranges: bytes
cf-ray: 8c4acf45af98974e-FRA
expires: Wed, 17 Sep 2025 17:27:54 GMT

POST
H3 200 8c4acf317ff29763 Show response
himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1529 0
677 B 26ms
22ms XHR
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/h/b/jsd/r/8c4acf317ff29763

Requested by

Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8c4acf47dd1bd27d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 GiveTipButton.4c9e5077.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
3 KB 28ms
28ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/GiveTipButton.4c9e5077.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2932f202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

993bfcfdb1e6a8363b8149607ae266bef7e6ec40769d08ab17a217e6e3872351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:55 GMT
x-amz-version-id: MrWUz7CPQDO92U2W.8YPYXDbInaVvcpu
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 37SGA2BTS4THF4BS
age: 1147678
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: E3F1c3vqRJqQfyNr9M3rjjwwdpfuNICLKIYtEc+NDM+Fh0u0t/s2V9JiyakNc17zYQr50gZrOp4=
last-modified: Wed, 10 Jul 2024 09:06:47 GMT
server: cloudflare
etag: W/"69fb2ec4893f24097742510245144d3a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8c4acf4a2d8d974e-FRA
expires: Wed, 17 Sep 2025 17:27:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 50ms
15ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e78eec6272866b7b24dbb64d22b07422bc119bc847300f4c3b1daee54c3c1e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Sep 2024 17:27:55 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 73ms
19ms Script
text/javascript 18.173.187.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: himitsuflavor.medium.com
URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-59.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding: gzip
via: 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
date: Tue, 17 Sep 2024 17:25:51 GMT
last-modified: Wed, 10 Apr 2024 21:44:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 125
etag: "f4ec9657a3dc111d088e2eca7b9796a4"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23431
x-amz-cf-id: V1UEKEjLrOX0oLgJoxNWjS9UY_RyVMreVvyf-ohcyIZiGQO5fVEJIw==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffa8e942db809120f4e551e5f1da8b3711821a0062dd84590e75ecf8641cf525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Tue, 17 Sep 2024 17:27:55 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 31ms
31ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3272b23b3153d341155b472f35f887eb89608ded27fa536d709622ef421fa95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4524
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8c4acf4d9bc637dd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 Sep 2025 17:27:55 GMT

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 25 KB
5 KB 296ms
283ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29010010e815b2265cb0f9755a3deb1e60f196e8b1d74b815f846c694171f966

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: PostPageQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"62d0-jjoHmUePpc04zegO4xT4tZIuYyo"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8, tutu/main-20240916-212259-fa09bc94f3
cf-ray: 8c4acf4e3958d27d-FRA
x-request-received-at: 1726594075971

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 573 B
567 B 188ms
172ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d50c46efa3a3b25e2db69bea4ac385bc43d36945bd31c845d7c8d87fe89445c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"23d-s61Azmv49x8HMIY8pFTOfSb0COs"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8
cf-ray: 8c4acf4e8a4ed27d-FRA
x-request-received-at: 1726594076007

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 541 KB
215 KB 94ms
6ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
Origin: https://himitsuflavor.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219302
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Sep 2025 12:19:30 GMT

GET
H2 200 _r Show response
app.link/ 91 B
636 B 284ms
197ms Script
text/javascript 2600:9000:237d:6a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:6a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

30867a828cbc1d035033e9329c18eb48c918f694d6e0ccdd1b6ac789f8e4fe90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: MUC50-P2
etag: W/"5b-tNntiPMRfYThz4FeL9WtlSm1ZAQ"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: izyO55l_uKCC47wgfuTP4oF8i73T5fdkkMveSvzxm0wuT1Ug2b6KDQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 53ms
25ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JY7T788PK&gtm=45je4990v9123887712za200&_p=1726594075246&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=207536015.1726594076&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726594076&sct=1&seg=0&dl=https%3A%2F%2Fhimitsuflavor.medium.com%2Fpeaklight-campaign-mshta-a7f45aec50ab&dt=PeakLight%20Campaign%20%E2%80%94%20MSHTA.%20PeakLight%20Malware%20%7C%20by%20NaotaClone%20%7C%20Sep%2C%202024%20%7C%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5649
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 17:27:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://himitsuflavor.medium.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 graphql Show response
himitsuflavor.medium.com/_/ 81 B
476 B 184ms
182ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f11001a7bc3b8964c364a2200d9285f20aa46e9ceb6931e1a5d14177e88ea019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
medium-frontend-path: /peaklight-campaign-mshta-a7f45aec50ab
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
medium-frontend-app: lite/main-20240917-093055-cfc0a04bbf
apollographql-client-version: main-20240917-093055-cfc0a04bbf

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 58
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-78+7hPNy4AVDGitOJGwcBONC9bw"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5, rito/main-20240916-200104-6a0c129ba8
cf-ray: 8c4acf4f3ca5d27d-FRA
x-request-received-at: 1726594076133

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame AF31 0
0 101ms
53ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly9oaW1pdHN1Zmxhdm9yLm1lZGl1bS5jb206NDQz&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=r93kgdc8jx1h

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AiE7TPNjloTbgWMPyU1q2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AiE7TPNjloTbgWMPyU1q2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Sep 2024 17:27:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
708 B 283ms
196ms XHR
application/json 2600:9000:26db:400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

b26f3c9cb2b59c3c703fd503786366b71b1b34fc80e7ff4f5e67112723edab13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cb7ecd2473bf95a71af8d1ff8d1034fa.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: c72bc111-d69e-42a4-9391-d6463ab2c3db-2024091717
content-length: 316
x-amz-cf-id: lu20d0U7_S9nWtK0LzfXsW1Cl0KGIzjP_XqcnXDiUIbCNhfiwKy85g==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
349 B 205ms
202ms XHR
application/json 2600:9000:26db:400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Sep 2024 17:27:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cb7ecd2473bf95a71af8d1ff8d1034fa.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: 1Ciyk8r07b7eAoS-uaopYWJYCQFf2uYRnc5DbNpfpH7dTwIyHAn98A==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
350 B 205ms
202ms XHR
application/json 2600:9000:26db:400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Sep 2024 17:27:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cb7ecd2473bf95a71af8d1ff8d1034fa.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: LvVVz6lYp1v8Zer6rjvH8n5phz8hRoYxAxXaUPvX4-dAUwCh0x8Y3g==

POST
H3 200 oh-noes
himitsuflavor.medium.com/_/ 102 B
0 194ms
192ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://himitsuflavor.medium.com https://.himitsuflavor.medium.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://himitsuflavor.medium.com https://*.himitsuflavor.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-powered-by: Medium
x-obvious-info: 20240916-2123-root,fa09bc94
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1726594078674:2e82ee013ea9
server: cloudflare
worker-missing-cookies: 0
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5
cf-ray: 8c4acf5f2995d27d-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H3 200 batch Show response
himitsuflavor.medium.com/_/ 17 B
276 B 173ms
170ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://himitsuflavor.medium.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a63fb02e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 17 Sep 2024 17:27:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json
medium-fulfilled-by: edgy/8.8.0, valencia/main-20240916-092258-024bc266d5
x-envoy-upstream-service-time: 47
cf-ray: 8c4acf5f59ffd27d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infosecwriteups.com/	1969-12-31 23:59:59	Name: _cfuvid Value: erL1n3c8VcDdIL_pOP7xH.6g9.SjOzHg.LCGt4epyXA-1726594070586-0.0.1.1-604800000
.medium.com/	1970-01-21 09:12:34	Name: uid Value: lo_f9cb693161d9
.medium.com/	1970-01-21 09:12:34	Name: sid Value: 1:PRSNnT20tyMYjkpSwJ+FnOPNCeJ/7Q7awvyUV+bvfr1p5ePMDhJS5/S+B+d0Py0j
infosecwriteups.com/	1970-01-21 09:12:34	Name: uid Value: lo_f9cb693161d9
infosecwriteups.com/	1970-01-21 09:12:34	Name: sid Value: 1:oB/3YJZ0bNEu61ZGyCv84C1ovgKqRsiglwad+ewZpc8Ib1rWJgvga2JKSy027D2E
.medium.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 12QuSJVA7MblBX7ZSnhltrm6ZfMT_dvJfXOgRRkKGog-1726594071455-0.0.1.1-604800000
.medium.com/	1970-01-21 08:22:10	Name: cf_clearance Value: 0rxAZ2yOeyyEC5JIIu3_3MpkHVjebShAlS_oZ8AMYGM-1726594074-1.2.1.1-uwX3HGu0Emfa9ggenGiHKK8xcr5.LBk.1gXsfC3dL3AWmjAS0g3Wpwa0KCkEOYftpeHPwiQTSASb8BPgfmSVxoJyMoHfbharVhi_fwr7R2kprSc98134bU_osmER7j13V8bSZ994bCImTi9ZV7btoCDv9Ut_j_VxXBonDbrn0DgVpXgZYT60CpPK49LMH_y05fUKavo58GGJ71BVudPulU1ZaZQUH93IX3MabnBQM1Wgrnl5kJXIGb2wT29h7gi0OktnCDsl9etOlbzwu7jkCq.zXX4xjApzFjkOEQTdwUlk5J3gnn1Yst6AIpFWKWMQJVigu5oOzb23jImEKjHBJinHwfjg9GdWmb8kqEF_nQZFQZGOOhzeBAkM6GFXk_wD
.medium.com/	1970-01-21 09:12:34	Name: _ga_7JY7T788PK Value: GS1.1.1726594076.1.0.1726594076.0.0.0
.medium.com/	1970-01-21 09:12:34	Name: _ga Value: GA1.1.207536015.1726594076
.app.link/	1970-01-21 08:22:10	Name: _s Value: mMjRNsFShDG79MgVe66G%2BM2C8hgDA5gt7%2FRxdKnuvBHZM90YnRR%2BlbnIwZYj4dXG

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://himitsuflavor.medium.com/peaklight-campaign-mshta-a7f45aec50ab?source=rss------threat_intelligence-5%27(Line 41) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
himitsuflavor.medium.com
infosecwriteups.com
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
www.google.com
www.googletagmanager.com
www.gstatic.com
162.159.153.4
18.173.187.59
2001:4860:4802:34::36
2600:9000:237d:6a00:19:9934:6a80:93a1
2600:9000:26db:400:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:4f49
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
043367890708042c3aa602a6839fbdb2e7d23bfc67c0c9c81b571fff11556125
059196993089839eec96670579b6bc3832826ac658a40ec1b29c78255d66d94c
0be630c50e6ba2911d66a9f72c7f98c8139e7deba1cac824afb942798aa2ef92
0d63477fd28c0476d71f7d94269d37ebc13ee81002807b40bdcee28351da2019
12c333a76ec82d35a4541956e0e8b4591b55d76f1d1ee4e47f3dd0ec33229e43
143ddc61b644d6db4c3c7c60146f028dcd00a57b9420780738a037dba307fe54
15ef00ee26f20b0a08d469095fe4012950a13aedd83ccc038ef1603ed35e2f98
171cece4ac2237f1003b18b0fe31873be2d2dfcd6b835525fef7734dd3885b72
1d50c46efa3a3b25e2db69bea4ac385bc43d36945bd31c845d7c8d87fe89445c
1e3543a0133bd553f2dcd79a947b6eec53c2b16c46a3ebb63a77283ed0768f39
22dba285f0b5f0dde9d49ad3fcc56ac4bfa12d1c2e56324f03bb4acc8b11c485
2447b8741249371f1afdee88bc2c75f57a4a2fbc28d908ab32c52b11ce831a66
26ff9b8f504c301368c15975fe82c899b4d773044dc8ebfeb2e8b824b84deae6
29010010e815b2265cb0f9755a3deb1e60f196e8b1d74b815f846c694171f966
2f80202a0810222c440db2cc0e6e72c1d506ffffb2787b645f25015365c730f0
30867a828cbc1d035033e9329c18eb48c918f694d6e0ccdd1b6ac789f8e4fe90
35a9d5420af84e41c5e541af0058256d86161cf91dd5764f076552ca4d4a5806
3f17b5381108f219d216a038a94ad2e028c46e813885320993ca19d46ba36dc8
3f4802b980b851baa044b8629c38620e440e34f813f194ff59f3e0b07841e9e0
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45bd34ce2bf3511cc126b1b12bc1597486e925141c10b05627857cb79810140c
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
4a23131af339d188d1759b90cfe0e263f2d0c1eb2ba715f6a8e9070eb61d9582
55e682dd9b5a2bc96366cf725006ca22e7887eb3d04ded261ddde69ef4961693
631fa83890e3eca0286f2031373cd81e15b26bef6ac66510eb20c293d485f7d1
642e68e2920d83ca866b88006ef18212354e0d5acd026ccdc0b21cdafe72746f
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
69f7bbf247450c73b6a65dfbdd9a1b4c99961626e790b170d7954b01fed6707d
6a839d8b35bf8434f24f1f80677762baa5f6b99855fef78fd1adf3ad4566e0c1
6d07fdd523dff605a99d4a7715fa8063f017bc68d0a12da3c91278c1250b0e3f
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
7725f2e70b6a54d4e4f93c2ea20bdc4ac549a289a806828e73dfcd3a2969b870
7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b44cd6c02b8a5f14d11f8377d4e1fe44729b7234c46602bd9677c2cdfd553ec
8f6e7bfd316a160cd611c23c79c3d0cf8fcbfe22e16592f4afffd03eedf45756
939ecd82abf91468ff63a67828975f3837f84e5c90a996175a947c112e0616ed
977eec4907b2febc92ad36328ad86edf074e4a4e2d8476a2db9a2001b9a6cadb
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
993bfcfdb1e6a8363b8149607ae266bef7e6ec40769d08ab17a217e6e3872351
9ef4af1b67eb6f8f8c3c533a53beec35f341eca89965b94622e96db335173353
a3edb3930e433b6ee76c26ed156d44196652363b4fa881a3e140b3e0b43d2a3d
a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b07e88f14795fdb333423c0faf23fe43a6b44125338a5ba5beb5ced922c4c067
b26f3c9cb2b59c3c703fd503786366b71b1b34fc80e7ff4f5e67112723edab13
b3985e3779ce6d21045b715324bc4837fc966d0c762a479e5da9764b438e41d4
b436fafd50c4a34bb5478d817e964e3ee611849abbbe6557063140f9555f8931
b54187c08d16f6492780c02344ddc87057e150494196f0f8860dfb7f7b769bc8
b579cb06b725609666aeb9fec66152efd7e687c9ba13096c2ce7c1db44c82558
c7d7d9270eceea5c971942507e9453e43761c75a3dc152a1c5307f95d9a125f4
c92b7d216ed7eea7f92b6fd7745b6c97523a5e1673e55e1d554139f87a553044
cd422b42ab9018eead619ef848f393e8e7d4b6e85ad1a2b7d409ddccea9977b8
d2808d1333a886117d5f8a22575b4d7c71e20992134d9e0c68b35e86582c930d
d77467a762ce930412465b46d49b7ef82be962f14e89a364996bab7c10b98b8d
d84ab6db026f560e3b4e34740fbcedcdcb2f3886921f81ddd7acffd6bc13094f
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
da04a80215e8806971d8feb22b8fa564060da75d3f238ce40639ab780917d47a
dae884ca218724d7aa7ad0a9b88fc11ffe37edb3e2f1738dcb3a73b92e5979ee
df53e684664d77d4eae7f8ee9fd87db969a17ad9d9329b66d92a5f7dc19a2a1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78eec6272866b7b24dbb64d22b07422bc119bc847300f4c3b1daee54c3c1e08
e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904
eada6d1c06b5d675e0c143a2fbef8bf83e3060e9ba20ceeb37ec9415ce9bdbaa
f0451a587442fca6a380afc042f676122b442146e9aa1feae9e49b0e1151a4d1
f11001a7bc3b8964c364a2200d9285f20aa46e9ceb6931e1a5d14177e88ea019
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3272b23b3153d341155b472f35f887eb89608ded27fa536d709622ef421fa95
f64e1663932ee61acc447f098d51cc369d7cee286df892fb2633826c6683cfe5
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fd45dfe0d64fe2783be4c0a9f373aa5cde8b2e34604b385b65bdfb51027e2cf1
ffa8e942db809120f4e551e5f1da8b3711821a0062dd84590e75ecf8641cf525

himitsuflavor.medium.com Open in urlscan Pro 2606:4700:7::a29f:9904 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

99 %HTTPS

82 %IPv6

9 Domains

14 Subdomains

10 IPs

3 Countries

1507 kBTransfer

3998 kBSize

10 Cookies

57 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

himitsuflavor.medium.com Open in urlscan Pro
2606:4700:7::a29f:9904 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

99 %
HTTPS

82 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

1507 kB
Transfer

3998 kB
Size

10
Cookies

84 HTTP transactions
0 data transactions