Submitted URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Effective URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Submission: On April 13 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 98 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 2nd 2022. Valid for: a year.
This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 52.1.119.170 14618 (AMAZON-AES)
1 70 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.17.81 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
4 2600:9000:249... 16509 (AMAZON-02)
98 7
Apex Domain
Subdomains
Transfer
70 medium.com
medium.com — Cisco Umbrella Rank: 10956
glyph.medium.com — Cisco Umbrella Rank: 23174
miro.medium.com — Cisco Umbrella Rank: 17155
cdn-client.medium.com — Cisco Umbrella Rank: 23850
1 MB
20 doublepulsar.com
doublepulsar.com
62 KB
5 branch.io
cdn.branch.io — Cisco Umbrella Rank: 957
api2.branch.io — Cisco Umbrella Rank: 618
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 datadoghq.com
browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6047
229 B
1 app.link
app.link — Cisco Umbrella Rank: 2103
638 B
98 6
Domain Requested by
50 cdn-client.medium.com doublepulsar.com
cdn-client.medium.com
20 doublepulsar.com 1 redirects cdn-client.medium.com
11 miro.medium.com doublepulsar.com
8 glyph.medium.com doublepulsar.com
glyph.medium.com
4 api2.branch.io cdn-client.medium.com
2 www.google-analytics.com doublepulsar.com
cdn-client.medium.com
2 browser-http-intake.logs.datadoghq.com cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io doublepulsar.com
1 medium.com 1 redirects
98 10
Subject Issuer Validity Valid
doublepulsar.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-02 -
2023-12-02
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2023-02-21 -
2023-05-22
3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-03-22
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.branch.io
Amazon RSA 2048 M01
2023-02-21 -
2023-11-09
9 months crt.sh
appipv4.link
Amazon RSA 2048 M01
2023-02-24 -
2023-06-23
4 months crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Frame ID: ED2AE519DE1E019E8254DCF952B6DA95
Requests: 97 HTTP requests in this frame

Screenshot

Page Title

ProxyNotShell— the story of the claimed zero days in Microsoft Exchange | by Kevin Beaumont | DoublePulsar

Page URL History Show full URLs

  1. https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshe... HTTP 307
    https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

98
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

10
Subdomains

7
IPs

2
Countries

1316 kB
Transfer

3459 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9 HTTP 307
    https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
doublepulsar.com/
Redirect Chain
  • https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
  • https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
  • https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
287 KB
51 KB
Document
General
Full URL
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97ce277a4d365d934b0ab4e83169671cf321b4ae80e1f8c00216fa6f08ae9f5b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 03:32:25 GMT
etag
W/"47b00-iLti3IR2ZVNSrMoQIyZXT396uYE"
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, lite/main-20230412-154149-d8d557fb19, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
medium-missing-time
199
sepia-upstream
medium
server
nginx
vary
Accept-Encoding
x-envoy-upstream-service-time
572
x-request-received-at
1681356747299

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b70a4555b4c377b-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Thu, 13 Apr 2023 03:32:27 GMT
location
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230410-231404-04301eef6a
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
unbound.css
glyph.medium.com/css/
18 KB
1 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/unbound.css
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1827
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45a8f72377b-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Thu, 13 Apr 2023 05:32:27 GMT
1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
miro.medium.com/v2/resize:fit:720/format:webp/
23 KB
23 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/format:webp/1*6Ay_Mt1ikoTKAHgHTJcfMQ.png
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbe7f454734a762953286c941647a932e87fb48c9f5caf57ad6b03728ef7c7b
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
298
content-disposition
inline; filename="1*6Ay_Mt1ikoTKAHgHTJcfMQ.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23678
x-request-id
5941e06f-4218-4ed6-a521-128994cd2066
sepia-upstream
medium
server
cloudflare
etag
"YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RImU4MGNiZjMyZGQ2MjkyODRjYTAwNzgwNzRjOTcxZjMxIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b2fe1377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
0*pQiJps_7EGFCoO9V
miro.medium.com/v2/resize:fit:320/
21 KB
21 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:320/0*pQiJps_7EGFCoO9V
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa894b2b6bd71cc0708574dc27d923fdf0fcb0feceda140e83c0b5f1443ecc5
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
1094
content-disposition
inline; filename="0*pQiJps_7EGFCoO9V.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21541
x-request-id
143244b4-46b4-4e31-99ad-d1e741a7df8b
sepia-upstream
medium
server
cloudflare
etag
"QgkCGObhu9H76OOV2_SFzmfsG2NyRcPJJUM5pcMsGEg/RIjgxYTQ1OGFiYTg2YTM3ZTc0ODUxM2FmYWYzMzU4YjgzIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b2fe2377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6723259
x-envoy-upstream-service-time
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b3f79bb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2883450
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b3f7abb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
25388635
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b3f7cbb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
20 KB
Font
General
Full URL
https://glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
25385893
x-envoy-upstream-service-time
33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b3f7ebb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
5342865
x-envoy-upstream-service-time
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b3f80bb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
5389235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b4f83bb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
27 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37359d2c6eb82ca5b4a6c0567aa5d0d22d0d4d85a9aa5950490f330253795d44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://doublepulsar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
25380264
x-envoy-upstream-service-time
93
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7b70a45b4f88bb97-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Fri, 12 Apr 2024 03:32:28 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
478663
x-envoy-upstream-service-time
43
content-disposition
inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1310
x-request-id
b019cc1c-dc12-4f57-a350-e915bc339ed4
sepia-upstream
medium
server
cloudflare
etag
"qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b70a45b5801377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/v2/resize:fill:64:64/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:64:64/1*euFkwA7zJWm-l7aDoNtJrw.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d057b5af1f7468e6bb82e272738de9ff05735c9de43f45b453c29b1da4aae9
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
514854
x-envoy-upstream-service-time
78
content-disposition
inline; filename="1*euFkwA7zJWm-l7aDoNtJrw.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1739
x-request-id
71686136-867b-45c1-adb0-adf989dddc8c
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RIjdhZTE2NGMwMGVmMzI1NjliZTk3YjY4M2EwZGI0OWFmIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b5803377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/v2/resize:fill:96:96/
3 KB
3 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:96:96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61b9e670c8909af3cd53c13632ba2eb90588ef25088e81d2de75bfb723c7ef3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
315154
x-envoy-upstream-service-time
90
content-disposition
inline; filename="1*TPJ3sVZRlcq-rj72g82bAg@2x.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2884
x-request-id
56fdc09c-f104-4325-b322-dbd737682604
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"2ClxYkeZkhLd4kUTfpOdRzBNwICgGzimHBVrQIKoB9U/RIjRjZjI3N2IxNTY1MTk1Y2FiZWFlM2VmNjgzY2Q5YjAyIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b5804377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
0*1acKQsWchBvkk1nk
miro.medium.com/v2/resize:fit:720/
74 KB
74 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/0*1acKQsWchBvkk1nk
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b5b441aa5cbe419441f2f46235106399dba7d539bbc8c34a49871caf06d6e3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
109
content-disposition
inline; filename="0*1acKQsWchBvkk1nk.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75783
x-request-id
94114796-8b21-4183-a59e-1d28dec71f72
sepia-upstream
medium
server
cloudflare
etag
"CIjKWn_cu4y6qb3zD7iCMwf2_8ciYYLQDv4quHUD2KQ/RIjk3YjZiZDYwZjY5NzhkYTRkZWU1NzBjYzQ4MThiZDIyIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b5805377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
0*8CtgNhEdrEXcU-75
miro.medium.com/v2/resize:fit:720/
77 KB
77 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/0*8CtgNhEdrEXcU-75
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98ef1fbeeb448a948ab61189d57bfee6741a8248709ee084e07a518ccb85518
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
182
content-disposition
inline; filename="0*8CtgNhEdrEXcU-75.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78419
x-request-id
4da73244-41e6-4b5a-9062-caaee9a34106
sepia-upstream
medium
server
cloudflare
etag
"CIjKWn_cu4y6qb3zD7iCMwf2_8ciYYLQDv4quHUD2KQ/RImM4MmUyZmZjNDI0ZDFjYTEyNjg1ODI5ODNjMWMxM2VhIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b781a377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
0*c8h3STMGC0nxyTDd
miro.medium.com/v2/resize:fit:640/
76 KB
77 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:640/0*c8h3STMGC0nxyTDd
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6465834079a6584e0f32ece113d3cdd3e86bbdaf1f13bd2c7f35e92b3f348ac7
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
223
content-disposition
inline; filename="0*c8h3STMGC0nxyTDd.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78265
x-request-id
86828baa-6689-4487-b039-6ee2c4fc3d52
sepia-upstream
medium
server
cloudflare
etag
"OtSr69AmZ-GBMNlXHGJyUHHSZ93yocbkvooLSfG_ihE/RIjVhYmIwYTE3OTQ4ZjJhZTdhYjUwOTYzYzM3NzFiMzE2Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b781b377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
0*7XZQgCET-WfKmQ6P
miro.medium.com/v2/resize:fit:720/
50 KB
51 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/0*7XZQgCET-WfKmQ6P
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86956132aefc2ccf2c127223de0979f007f452f4493b30fb690c775eb7b13238
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
x-envoy-upstream-service-time
255
content-disposition
inline; filename="0*7XZQgCET-WfKmQ6P.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51511
x-request-id
e29a6abf-7376-43ea-9db8-803087f5c086
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"CIjKWn_cu4y6qb3zD7iCMwf2_8ciYYLQDv4quHUD2KQ/RImU5OWY2M2RkMTk1MDRkMGYzOGNmNzk3MDU3MGVlNDRiIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a45b781c377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/v2/resize:fill:176:176/
6 KB
7 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:176:176/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b9cf3d3b4a21143eea1cbe1af4e150604127dc0993b30e947d7d2e61d82a72
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
473475
x-envoy-upstream-service-time
132
content-disposition
inline; filename="1*TPJ3sVZRlcq-rj72g82bAg@2x.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6377
x-request-id
bf949d5d-841a-4739-b444-f6837dab92e6
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"cYOHBppU5_IQqNc_J_FqxtylWztmHm-fdmnA7PgkwUg/RIjRjZjI3N2IxNTY1MTk1Y2FiZWFlM2VmNjgzY2Q5YjAyIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230324-113241-2364650ba0
accept-ranges
bytes
cf-ray
7b70a45b781f377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
manifest.692b723c.js
cdn-client.medium.com/lite/static/js/
12 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b43ccce1674a7d8440b4622210bc41ee385a978e11a6fafe253c7e1c33ad40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
lqRoDH8o2vlb3dVuntbbiQ191ly0A44N
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2DZXND9XEJVDYV4T
age
41990
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VQgmxu+opylFKPakaa5mY4hAwEbq6+SCRq4O/dclVx8ueQOoVbE4ESCqmbog5WXIyVUOC/xgSg8=
last-modified
Wed, 12 Apr 2023 15:12:26 GMT
server
cloudflare
etag
W/"a5a43919a131c2a1f8337221dde11527"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf87e377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
2637.f87ac379.js
cdn-client.medium.com/lite/static/js/
695 KB
213 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e25ec2766b496003e47f143ce8eb01ece1d938629921984f1848e0ba53d781
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
PxbrzhBq_8vBTEV7Nxil6j.ZtNEqERZt
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
HJ32WKK0W3SQK9PG
age
584633
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
uyXASjeOjcHA43haPU8eMXKljlJnLwUKp8a8YhV8i+bfeUEr5bIJb3DnSiBYBh2ZNi7PIgwa8X8=
last-modified
Tue, 04 Apr 2023 08:26:09 GMT
server
cloudflare
etag
W/"ea317480dd198734f34aeeb3027cac0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf883377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
main.54f65b05.js
cdn-client.medium.com/lite/static/js/
768 KB
189 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877e5d152051a12914b971d7901f08d73f1e52e261ff380e028f1d92142ecfc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
d6coqiWqHnwOCi.103orteoJng7Qvv4i
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
C0J8YNK2ZZ40HW5D
age
41703
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
X4rfCL+4qFvNs4b71iERhw0kjAMd8kZEgiARb2ATEbRgWzTXfwAIe6Sq2nU/++jCfKo/kRUeBxk=
last-modified
Wed, 12 Apr 2023 14:36:13 GMT
server
cloudflare
etag
W/"de8e34f6e66424104ea303e63e3a56ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf881377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
instrumentation.c71f0248.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
835SQSN2WCD6BDVB
age
85752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
CIbKMR+t1FwOgWV5FFaSjLXobXH66piRTPGhGH8z/BWltP4A8xUkL0PtGWirKXHw6vOBEepMsnQ=
last-modified
Wed, 07 Sep 2022 22:21:02 GMT
server
cloudflare
etag
W/"1c4019035217766e8fa41b4d396c90c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf880377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
reporting.bbdcaa9d.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
945 B
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2R4YTKBCDDS6HF3J
age
85752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified
Fri, 01 Jul 2022 00:11:40 GMT
server
cloudflare
etag
W/"72bc359fe3377069bd162b3be6ed3d05"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf885377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
9658.17030d28.chunk.js
cdn-client.medium.com/lite/static/js/
5 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9658.17030d28.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601f0395312c80eca646294da8644382a9187a1ba327cd2e61afeaebf72d404c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
LU4sW2n.29KPKm37dv0UiACV943hIOiN
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
W2PN8GSGWHAHQJ9Z
age
85638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zcUAQn0HWwZuYfxpPxJrwGEaUadYpYRbalVguqAYCRPp4TaHIYxWesViclQc9OGHGbVwAGwOaRg=
last-modified
Fri, 04 Nov 2022 21:15:59 GMT
server
cloudflare
etag
W/"980d4d6173178591ee5013487f00755c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45bf888377b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
799.361fd2fb.chunk.js
cdn-client.medium.com/lite/static/js/
30 KB
13 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/799.361fd2fb.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
QMhsOw..2z7t_WH9w.ZD6x4nreWG.vQr
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG33HRZ7DN7FBY2W
age
809909
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JKaC1fn4iEDQS+SX7HMP5xGUVhmcDNQ9Cn4YrY0Sl/YORAv8Dp0FrFoMP3GMpoaYgZuLl5TdcGQ=
last-modified
Fri, 03 Mar 2023 20:16:01 GMT
server
cloudflare
etag
W/"3064a40f043f886dcc4f589b5706495b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f453a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1860.abea291f.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1860.abea291f.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
uS1tfjVEi120fx7YYvwb1tmcC69xBC_N
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CKH6YE43QJ55AQA6
age
808206
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Q2BPbM1yg27+tTLenM0rnN6OFZaeLeGLVxQ+u+6Q13qKVuysDCpWVYYfoGtG4AKACwHCX1oWUp0=
last-modified
Fri, 06 Jan 2023 21:37:55 GMT
server
cloudflare
etag
W/"85d86a66b898bcf1f697adede4c175db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f463a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
3838.7ae103cd.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3838.7ae103cd.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
2W.hiqflZMS1Uu78pZoO3HKgXmMTqecm
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CKH3FJ3BAV5QG9A3
age
808206
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZaIhFcLEkMb+8UMOJN8mZZ39MZMo1pkb+NEaDWNgT/xigPBH6WegPId2pY/Uacn7Qn7xh8faisc=
last-modified
Mon, 06 Mar 2023 18:50:07 GMT
server
cloudflare
etag
W/"7be8dacf1eb69da190ae2840037680db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f473a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
2905.21128cd9.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2905.21128cd9.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a777399efa101fb81bb76d3bf6df78c7e8fe9a035750e3c2e80cfd9571627f5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
ZsRUuG3QxdFdf5oZUf8XYlIJoRXrLfwn
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
HXWC9ED2GVMDESFS
age
50628
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gHvZ3DRejIjM18l3GAOeZ+jwk+C6ruq60gMTtw1NPOksqChVmE3WOWApPuE8tXeJqpKO3SpaZ9U=
last-modified
Tue, 11 Apr 2023 20:31:43 GMT
server
cloudflare
etag
W/"e522df316ba6a8d8e770e8a75bb4f19e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f493a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8007.e7e42be3.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8007.e7e42be3.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
GCST7lvuIH0KJ0ZTnx.wLhYNBstOq8pl
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG36YP10HMAVEYNT
age
809909
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tF5q+jafuBhzt+0SKoPKSaq6cCgnwGVA4BcgHoYQA16tBd96pb0AZZKir5g/qPdcj909ZK37kkA=
last-modified
Fri, 03 Mar 2023 20:16:01 GMT
server
cloudflare
etag
W/"70cde53a50943875dc8cdadc6cc02d19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f4a3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8695.ac0f83b3.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8695.ac0f83b3.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
QHLtf7kDTyQGy0BXV0UCGe3J0J3T3OiS
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG31NKHVD77TXP3A
age
809909
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FqYubMp9+/5UC9f6/cfezA9WW3lwATrYE6pbEFHLrK++2E+q+nJaEbWJTsqOteFXOGM5O35IW2o=
last-modified
Fri, 03 Mar 2023 20:16:02 GMT
server
cloudflare
etag
W/"de93ef1b6b3aae9065a3d952e34db489"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f4b3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8.5980bcd4.chunk.js
cdn-client.medium.com/lite/static/js/
26 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8.5980bcd4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
pJvmeAlpCD1R.goLN3jYFb7dMtAGD1zw
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CSJ5NY1QV5J2JWQP
age
1157427
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
rFAMOZJmj+HO0YhJ4cJXyBRSKJbo7tCfv1y49srFaSbQakg/7BJ77llXjtWzlAVP84vXnp873Yw=
last-modified
Thu, 16 Mar 2023 13:52:09 GMT
server
cloudflare
etag
W/"90db6c8a443715167c389219177065f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f4c3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
9683.3eae7344.chunk.js
cdn-client.medium.com/lite/static/js/
38 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9683.3eae7344.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca5de5c5aa1f0e30140f49d343a278198e428a59bf250f7e7985a77eb62b153
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
eqvUzevMArBnK.BW0L5mi1O9Kb22x70c
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG5PC3ZWJYJV7EC
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tSOORoQBunhof7sj6PENUvs/KsHGrm64L9O8QVJSfnIRbflOrqibheao7ROPoC/0vk4t2+kfMbc=
last-modified
Tue, 11 Apr 2023 19:43:08 GMT
server
cloudflare
etag
W/"eb3f0bcb51bddd99728671b640dbea7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f4e3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
7702.c5a5a368.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7702.c5a5a368.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c223b155a0b1cc4ab40250ddeeec6031a768c2417f0144392a8680b99d7282
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
8umP.hczxtJxocgIVknlhG_09oMzTtvl
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG6YPVFV242P5D2
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
toufDF6n6mGHhhgoudJujJuj1+n0oFYxa8tKId01+p93ep96xCrMhCtwYevq07WkdLkWOyWpVzM=
last-modified
Tue, 11 Apr 2023 19:43:06 GMT
server
cloudflare
etag
W/"50c13097a4d521f40633401ca2e79140"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f4f3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
5203.23a22ad8.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5203.23a22ad8.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
uD1TB8JyXvDbJEXNxavvZswpYfa1t9.8
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GSFGAJCPCBSTEX37
age
827409
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KSOdEcL9rQFokNvNoFX4ZsWX2macqyPYpdFQa87GxIXH5h+v22v6M4Y/vfhgw8+HVRbRocAun0g=
last-modified
Fri, 17 Mar 2023 21:03:22 GMT
server
cloudflare
etag
W/"9fefde6e96381be6edeb30aa4a60c1b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f523a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8708.546db97b.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8708.546db97b.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d0f1f91751d635fce38f3af610e536f348ef6e22a9a9fc34d5c6d375169b3c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
ShoXATpSnyxNrxbWU6kTvwZIjAQProNM
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
3H5JRKDTHZH184D1
age
640807
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GfwrWEVxgWccwYm0zBK2Fs8auFXIsssnPkZobHnngjoox2Tz4/R9513/prbuHGtWo50EgWhDSQU=
last-modified
Wed, 05 Apr 2023 16:29:16 GMT
server
cloudflare
etag
W/"60e21df57ea608b0d63cb407029b234a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f533a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
9174.1dcb2cf1.chunk.js
cdn-client.medium.com/lite/static/js/
98 KB
28 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9174.1dcb2cf1.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58dac3db09998609b97224d55d0f0bc52fce9d643232a9481d6101d67f766bdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
yq1D5e3dCmsoBbOQhrjVnn3.4VqxL7AF
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
01XNYXQ47W7WKFSV
age
1101931
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bpFaK3g0zyrSsQeFipWv64yvjvEiuQXNL5Owov1tIXxEYLKqoMlD/TB9tCwNBIQMRUanMwxcvE4=
last-modified
Thu, 30 Mar 2023 14:51:58 GMT
server
cloudflare
etag
W/"338f81b2c88824b59e468a852a67bcff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f553a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1957.6c5d9d7a.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1957.6c5d9d7a.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2dccb0664aa6be074668f722bd5e206d0632b561ed15eb7f4975bfdfc126605
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
WamoeO4c4UGRv.JG907c.YH8.QClHifI
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2HB1B5BHTZYD1HNT
age
131475
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
fxlphlNxfzqzuqjSS9AVm1aB86KNvEr4tYGCKhSjcD+WkFobIv5JVMer2ybGYXkslbaJsYUS4QQ=
last-modified
Mon, 10 Apr 2023 21:06:04 GMT
server
cloudflare
etag
W/"41104231374609f10e95b6c0e48b4576"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f563a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
3635.c351368e.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3635.c351368e.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d86022f2a24e2797798001ea8b3cbf6b4a6d9de3fa1d3ad1ab9e596e6c0a78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
1q0F51Do48uHb0zXeJvcmG7dMPiVWnNP
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG76EEGBS2Z01AC
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wkPNewSMZTTiLbBpiOtZ0oBqSFHlGbzRyRHhn1bmCk2mgbgumemLqzl9BIB52BYow5fb5oYLdTE=
last-modified
Tue, 11 Apr 2023 19:43:01 GMT
server
cloudflare
etag
W/"02cf73a2006c9014811cc907ede8a7aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f583a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
5472.a7dd22a2.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5472.a7dd22a2.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
gSXxPhc0hcRrksmL2PGhPrVOkWw4VC83
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
TYK0PEA01R37Z2AF
age
85752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/HTy1mXHJwPGew/xYMqQ7tFbF5Jg3lNbiP2FCK1QESRXm8fU5OQ78/pj2bTQ3xJ5WF5PwhIz13s=
last-modified
Fri, 21 Oct 2022 21:04:08 GMT
server
cloudflare
etag
W/"bfe1dd364c3e6da6632a1d6c3b6fb9a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f5a3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
4129.9a8d63eb.chunk.js
cdn-client.medium.com/lite/static/js/
18 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4129.9a8d63eb.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
WfRiIovzGKzIBXx4jbOQWkmNpcHVogDv
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KXWK4781GHTPM2HZ
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RTKe5BLNNRoS16c7G0hzDKiqJ5SbOsF6B/Rt02TBzB0RlDnwMBnbQm4r0DtnARaCP2xF+9mabiY=
last-modified
Fri, 17 Mar 2023 21:03:20 GMT
server
cloudflare
etag
W/"d6fa6c4407818897ed25daf584a5dd7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f5b3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8580.e792aa8d.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8580.e792aa8d.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
kH0gCA1zPklX1p7HdhXRjAzllo0ZuTmA
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
97NP9WTTSPYPJT0K
age
531539
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gkZ32VVOUNsWMdhEZkImOsBMa8B01QnwFur9jTFX+FsFBMH51j8vsjHJC4fO5io1o00/6YDhdqOSuHk5Lsy3PA==
last-modified
Thu, 09 Mar 2023 20:25:10 GMT
server
cloudflare
etag
W/"66328de0066e00e767538efbd2cf0121"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f5c3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1802.ed7a3c33.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1802.ed7a3c33.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d1212e314238dd78c06bc42fa58685e677a3c76b6ef3a40f637ca182ef4ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
BSBjabonXgecsAPF6tBjxZMA4u.EZdJQ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAGACVBJ2DWXXZEC
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
V30kKkCpn3eed/jD1itWt21fmQS2IIJFQCnwVfFvRVWufQWW3WG4GwuG0i0SEIVb4k0ibM4DjBw=
last-modified
Tue, 11 Apr 2023 19:42:58 GMT
server
cloudflare
etag
W/"ac63693d4287dd47e97e859996f0bbe9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f5e3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
4078.182beff5.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4078.182beff5.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
xjtc1w3dA5YeyATt8lkc6IY7tO0v2BCH
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
97NSSTE6BHWPZPWE
age
531539
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
TKMzwc4qqgLaceiuzfHxqsIMLxkgGp4pzOero8twZKE2GR4jbg+iTIkXOaqcSUVPogPR7hY8FNtQJr47gyVkZA==
last-modified
Thu, 09 Mar 2023 20:25:05 GMT
server
cloudflare
etag
W/"46c9eaa275cbf3108a4c9c63c30a6a5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f603a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
2371.2dc42014.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2371.2dc42014.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf707b7f0da18180c75d1b07056b7dd6eaf1883552002ce78e0f6b35e0978c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
LxjrWUkbrOqiB31BJO8Kjq.m_WXpxFP0
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
3H5GW6S6P1E9QTVZ
age
640807
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lS2nkIM4tIUv9YlkljUTPE40qv5Z+a0OTLmYLQZHz5g9nMBLJ0QpS8S0ZrlRDCSwxZenTc+S4aM=
last-modified
Wed, 05 Apr 2023 16:29:08 GMT
server
cloudflare
etag
W/"ff9f943495fb79f052f2baf8b0fe2c6d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f613a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8093.f160e4e4.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8093.f160e4e4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fada36084160992d699677866f4713c55fbafcb532d162fb999f03a2e7044bdc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
61p8tLaRFNeQXHfFgI2Pene8RH_W1Oa0
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2HBFRF83GBBFHVMK
age
131475
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
R2wdRzeelvIhLfUjnLjmcpauOoEBPwn9tnporJJ9rUEPKu7xcB3hqmrYbwoPDfw9QFfsrmQZGvY=
last-modified
Mon, 10 Apr 2023 21:06:11 GMT
server
cloudflare
etag
W/"73c283f717b0571d8942815569f2e437"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f633a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1743.42985c62.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1743.42985c62.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
lln_mSqQczRjOIEMXIxBEgGqsFD3hyhB
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
4MRBKHCZY7DRMFQB
age
836170
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KqcGk24OpH7ZWFOxUYIgH34J0m9KAUpMr75iwZBkQ+OBkUzh/p+97sMnOtwWasDQIYIQ+BpiYOI=
last-modified
Mon, 20 Mar 2023 10:25:00 GMT
server
cloudflare
etag
W/"3e107f7798febeec4247918bdd418957"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f643a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
3115.6d3436cf.chunk.js
cdn-client.medium.com/lite/static/js/
29 KB
10 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3115.6d3436cf.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bb11011cf636056f891eb1898cd3d229c492ca83d82c3c8e5fe3abb3469a5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
88WefblsoeI3wFi7f1udwnsZQl9NcoCE
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
D3AZ4X6TGGVPXAKY
age
120015
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
xELw0qC7AA7mAD3e5C3nDDNhE3SdLHmpsE24Bn/Lh7wLERrd1yi2hPOUW1eGa1w+A211Zn7SLBE=
last-modified
Tue, 28 Mar 2023 04:13:43 GMT
server
cloudflare
etag
W/"d61dbfae0770c47e0fe8f58312a5e97c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f653a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
2287.a89f9d21.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2287.a89f9d21.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
rqICbRIWEFamsXMFg_kW4QvWWY96KbA7
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG33HSDPZ5HZSASJ
age
685973
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
yhtm1SybL3c0lowTHiSFTNcc2ZWjKza/zm/yMdsfCwxjRiGYMBXAiPFXl/vTmzKEKIBMe3KpULo=
last-modified
Fri, 03 Mar 2023 20:15:53 GMT
server
cloudflare
etag
W/"a73a2c40d4fc740817809c493ef138ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f663a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
7089.d69c832a.chunk.js
cdn-client.medium.com/lite/static/js/
32 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7089.d69c832a.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ed4bf16cb0316e71bde4215668c828ad9266bc6b5d5e99afe029ad0a9adcdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
IejNGClppYvx9BiDUEOWh5Tsk8nGmiBo
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAGEB7RFQ02MK2XK
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/ipLyhBbqbNRqWb0VvjepgN+5JvOPeBunD2pDmtI/jY5F7OXWdo4nCmbwiY/5KaJk070w7/n29E=
last-modified
Tue, 11 Apr 2023 19:43:05 GMT
server
cloudflare
etag
W/"239a63aa9cf2e28532ce0f78d0838336"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f673a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
2092.0b9868e3.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2092.0b9868e3.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0497bc851b9b9d3211ae22c89f36c5e47fd708bc7239ed6cdde7f39cb5ea3664
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
tk03ftqRtY0SsD83PSYlEo4CJTXYXqep
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG85M1BMPNG9AQT
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+Gs4WHGFXx1mIIwwoL4LNLZIGWr+tYbN13s5DtgaXU5sXblpJ5WHXo17CGWxyqOn7ts17RHuOOU=
last-modified
Tue, 11 Apr 2023 19:42:58 GMT
server
cloudflare
etag
W/"f50afecac7a61bf276ac5115c0113efb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f683a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8824.e4a9134e.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8824.e4a9134e.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2913d7530f3f6c73b724c9882136bae20c7a5939038a4a1f3dbf3aea33dba79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
neRlkFcyWMOpvcNZg2IlDkGh1jbXJmPK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
X3AFN7VK90AAFZC6
age
39672
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0mMwUm8FGTGr5TR3R/N0mZLGSEjoPbzN0V3Js4Cje6pxYzGvLKqEVLVad6fLNuBxUrqRWnq5v9oAPTl14QLNbQ==
last-modified
Thu, 09 Mar 2023 22:28:11 GMT
server
cloudflare
etag
W/"16a0e081b5bc3b11a05cfd283a41011f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f693a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1021.521f4d8a.chunk.js
cdn-client.medium.com/lite/static/js/
29 KB
10 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1021.521f4d8a.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d43fb241fa7e666e4ea52aebbd9213bbdbef6926f2773b55950bef76ddec99d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
2GmAYTwCBOFAWUVH2vt9hslG_RQtrWED
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KT8FET3MKW2ZNFT5
age
730835
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EMsDTkiX2/uhILt2a+m6n7DmoGYKrW+Jr61LSi7aKHvW0B8c/H8TlRzd3rqmegzBH3NVVj7bnCw=
last-modified
Thu, 30 Mar 2023 20:17:39 GMT
server
cloudflare
etag
W/"5fb37320a59e1b370e939109c562de2b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f6a3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8051.e4968fd4.chunk.js
cdn-client.medium.com/lite/static/js/
68 KB
17 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8051.e4968fd4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d76de5ed817764b1894e86f622a0f05d94b59b62c36fdef9d80ea6291774f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
iwhHJ1iQ1J6WOCiscz2upzMgxoP9wHwK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
XNNMQ3N2FG3HP0SX
age
494093
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
mffqnsYnSlOAmoim3mmiByY8UGaC3GW1d19U6K60b1YhyxxMZsSfR1DJzK4287Px2llRBxSxdIY=
last-modified
Fri, 07 Apr 2023 09:13:04 GMT
server
cloudflare
etag
W/"4bf1c62337862ab02e37ba7607f0fae3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f6b3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1069.b0e11cb2.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1069.b0e11cb2.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b91dd74344033eb8a3d2550829bf1a0a9aaef77c708c0d5b1beace62aa7db56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
a9FxX3.oASH4UDBVcbQpxYikM.4cZDpO
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ASHNSPAJAYV3S0D9
age
541961
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MLQUZfhxdEJ3hHdRSSiG5fvqMWAA+glx8ryhLSBlK/ucnJjk0jdfiGq6VVTteNh9EmlxveKMCPg=
last-modified
Thu, 06 Apr 2023 20:41:28 GMT
server
cloudflare
etag
W/"e18780ea5e895c2c47ea709688235251"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f6d3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
4894.8288f456.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4894.8288f456.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05759466b3520e0a8bdf12b4e3177db4b80ef793c5bea1d54d9ecebdff1cf7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
XXCFgdpFch.0cplgWaK22wjjsLrCBBW0
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
RTWAHG8JPMX982Z3
age
730835
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
qmLj3ggtlE6hYddZZN8WWYVcQFPqVidzk4Az7fTn8WVMkU3QmjY1sohmbXxq7yRAvROOQJRse7E=
last-modified
Thu, 30 Mar 2023 20:17:45 GMT
server
cloudflare
etag
W/"cb4087916043ef1258f39e4459e5d35a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f6e3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
1194.75f34255.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1194.75f34255.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea820612b27c10d64252e5f7d48bfe39ee6ae96f7597ce13c3025be7f7c5ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
75oaA68UmpbaUxA7pt3RAFBavNAgmqAD
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
RNK9K8FJ1KR4TPSS
age
63349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
X37f0O/UM3bjdQhirNoo8bh5zeDH7B50hJQsqx67hU4V9c9VgNid8jJ3zpMuQT9o4K6DEoh9Tw8=
last-modified
Wed, 12 Apr 2023 09:24:38 GMT
server
cloudflare
etag
W/"048c6de46f90a1bd06c3d7d3a7e12530"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f6f3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
3218.40e114e1.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3218.40e114e1.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6bd6ef7b47bb211ab3be457fef741d16bba2f578ac4469171163d6d80cded27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
dWFQVv311xQIVW8ROU4xLJivuVxrgxTG
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
VN00BW90YBCZ9YTA
age
541961
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
M7fSbfjCwQp1JxWCCt4Mx7QkVjkAjgCAXzqJM2uL/d9U4wvXvWiLGR0xswceSC4l1lze5wbtRsU=
last-modified
Thu, 06 Apr 2023 20:41:32 GMT
server
cloudflare
etag
W/"05c15e7f42c3bb29c18cf81741c811f4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f703a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8793.496b82a7.chunk.js
cdn-client.medium.com/lite/static/js/
24 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8793.496b82a7.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39072b78eb57e7cd6488e4f678cb4a89d7d92545a21740735541e149b6f3cd7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
LMqfv7B8_YWiSAXe2Hq0KDwDC5HXHl99
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6ZVW1JT47VPJQYEN
age
241915
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
waB+CZ5a2VSuZPAKxP7UEy3xq7NHqM7/M9Oy2PE/xfie/MET922EaNVoQv70ONxGDwCSaWEqvu1VNe8miEVIh2BPdD4uuYtHInQLlmc58Yc=
last-modified
Tue, 21 Feb 2023 11:41:11 GMT
server
cloudflare
etag
W/"81aac0e7ce41a5d4ef9ef27ab62ed911"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f723a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8908.a6502213.chunk.js
cdn-client.medium.com/lite/static/js/
105 KB
26 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8908.a6502213.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8e143fdcb72d1cb1238e0c4feb34ee7318452213f37fd6395f3075e58cb027
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
QsPwbBFzcf4YnQTDhUI4TG_0Q1CTVF6a
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KAPBEBJ54S9AM2RV
age
156817
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
D2xkfpw7w0PlVYXz+2EtDL+3+PSneZoeSX5mGEBNsHvIKgFyQPS61tXlF+2CaAbuWFRA1wVHW4w=
last-modified
Thu, 06 Apr 2023 13:15:51 GMT
server
cloudflare
etag
W/"43a1985f3563b282dea547745ace740f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f743a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
PostPage.MainContent.afe30125.chunk.js
cdn-client.medium.com/lite/static/js/
32 KB
11 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.afe30125.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee621a9bb86562e4d8d5d9d44d23009e08fe310088b309e31cc1216a1c6f89f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
36VK_keUUP1wvrpmqgR83JBCFU831wDv
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG4N4QPSZ9Q29FD
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vX4z2hJ5ZPiCse8ucq6utymWwV+BzC47hvbncIj6rFeKHp1UHxSRyAG80mu7CoDfJL8niba/A5U=
last-modified
Tue, 11 Apr 2023 19:43:25 GMT
server
cloudflare
etag
W/"e4583a0d5c355d9207272f6e0d4bf110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f753a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
5627.c45a7fb4.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5627.c45a7fb4.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345e478e32879b5ae63a9e68daf64425c3a715d1360b809ca1d460930ba59913
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
CaLTCNrzAyrm3pdHAtDsAsNFRxU25meb
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JB9N3RAFVTBW93A4
age
798828
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tQ4WfJO+qfaXq12nxClIHzl+yfdATpL4HnMD9uWD8XTrS8snCt2cq5Dj1ZO6XJcQva09ZyvViZs=
last-modified
Mon, 03 Apr 2023 20:59:48 GMT
server
cloudflare
etag
W/"32b9165723a5534c68837915bafac03a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f783a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
8880.dfb43b6e.chunk.js
cdn-client.medium.com/lite/static/js/
29 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8880.dfb43b6e.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e384ae6948c197f8eb8e901b7bb74a70a1cc457e319ebe8fee9f138c76a807
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
HQL8LxUDvIHab6MWdON1rwi5KwJPKizo
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
D1H78GCR59VHKWX8
age
50627
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GJl7SGnvfJlElWgqsUNvBp6mCZN7I4PIdZUsDc8T87J7xhS+sYz3MuSr/ym+2OwDuOTb5YyP8qd+7GcELZeFVQ==
last-modified
Tue, 11 Apr 2023 21:09:44 GMT
server
cloudflare
etag
W/"e1fcb9cb649b944682f763e56cc7fbed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f7b3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
PostPage.RightColumnContent.7fe892db.chunk.js
cdn-client.medium.com/lite/static/js/
33 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.7fe892db.chunk.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6865f67b2b5279551d88f883b7b93d68342dda74e45b3dfcf9fa5c93d79efca7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
x-amz-version-id
vFodMP0yS48_SGfSSBsi8RJqFflNWGzD
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MAG5BV32CZ14KFTQ
age
111723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3MRrH02QwcYKTljWlr553JotHpqvohdx9OvZJ7jN8kScYrKOHHogkFemRzWb2vR6CWWA6WroA7E=
last-modified
Tue, 11 Apr 2023 19:43:25 GMT
server
cloudflare
etag
W/"3f85674e968fa34d5593610603f9e01e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a45c2f7c3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:28 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
0
0
Preflight
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:6a51:d998:baf9:e02d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://doublepulsar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
access-control-allow-headers
x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
content-length
0
date
Thu, 13 Apr 2023 03:32:29 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
2230.571ed6c4.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2230.571ed6c4.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:29 GMT
x-amz-version-id
jyYM.ZgM9PE2gJOEnsek2uD4i4PcWdTK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
5B1CYTHMK2616DY7
age
85748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Otu4Bzadtbnet2y7EcEb8o/GGiEGQboxNDtYyXCV5GM+59Q94+pwvBgKKEOrg9xRHn4Y4uwRjlE=
last-modified
Mon, 24 Oct 2022 03:04:44 GMT
server
cloudflare
etag
W/"80138a2fe8e56b8f784a37863eea34c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a4629c1c3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:29 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
2 B
229 B
Fetch
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:6a51:d998:baf9:e02d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Apr 2023 03:32:29 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:29 GMT
x-amz-version-id
gfVC0i9ar1hRC7yHzx0kIpM2hym2t6ri
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2A6P84E28JSP8YA7
age
809865
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vA9lirNj43z6QkmTpGbyFmB32LEvivucepjrDE0ZWsI6trIBiNDiFEsb6NNY/jhQK3K7powF82o=
last-modified
Fri, 03 Mar 2023 20:16:19 GMT
server
cloudflare
etag
W/"0c24ccc2ef91aca3121eafe35386f13a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a463fd343a8b-FRA
expires
Fri, 12 Apr 2024 03:32:29 GMT
1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/v2/resize:fill:32:32/
793 B
1 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:32:32/1*euFkwA7zJWm-l7aDoNtJrw.jpeg
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efabc3e89224cf791d2d188d86a68c3c5b15131d9f186673f0caef2fd0b2d0b5
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
312975
x-envoy-upstream-service-time
81
content-disposition
inline; filename="1*euFkwA7zJWm-l7aDoNtJrw.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
793
x-request-id
2543a0a3-49d5-4c37-a123-243f2c6a18f4
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"VTmW7ah-o-FUAvHL4e3x8h_5hymB7pNjuuPgkvYQ7_o/RIjdhZTE2NGMwMGVmMzI1NjliZTk3YjY4M2EwZGI0OWFmIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230331-165901-ac9beed054
accept-ranges
bytes
cf-ray
7b70a4662f043a8b-FRA
expires
Fri, 12 Apr 2024 03:32:29 GMT
graphql
doublepulsar.com/_/
143 B
438 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9026a14d4eaf2124626d06f3b66dd335b392c3ca01b03687ae87b351c2346fca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
VisitorQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"8f-ti04+k4DLkLH1oQBE6hsUWMlxOs"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
25
content-length
143
x-xss-protection
0
x-request-received-at
1681356749860
graphql
doublepulsar.com/_/
1 KB
849 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d3305deceddaca03695d1bd4489507dd36399459e1d8fd11e6fb096f0f7fc652
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
CollectionViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"559-OA91/Hp6CfTd4w/aJ6bPdJpf46U"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
66
x-xss-protection
0
x-request-received-at
1681356749862
graphql
doublepulsar.com/_/
536 B
860 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
12dd58b946050aa3dc3cb7073b808ba8ecf373dd4e0e9c48f9b7b988b1054f63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
FloatingPostActionsQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"218-W+HyqDFNIti8VnWO05nYRxRu+LI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
116
content-length
536
x-xss-protection
0
x-request-received-at
1681356749860
graphql
doublepulsar.com/_/
210 B
531 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cde723aee17ba1d5d56fbf752d4cb151636069bb18a91293e5a82108aab1b9f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-j/gL6rYN4ND3FExnjat0HfMMKgY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
44
content-length
210
x-xss-protection
0
x-request-received-at
1681356749863
graphql
doublepulsar.com/_/
210 B
531 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dfd8447f5732c189c35fd282b2b276a09d014bbf53e550d1004a829755498aa8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-4mss4hhjmj7XMzDldTnNN4SoKF0"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
50
content-length
210
x-xss-protection
0
x-request-received-at
1681356749952
graphql
doublepulsar.com/_/
122 B
443 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
usePostPageMeterQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"7a-Anj6kLKPTl7dYRRc0vntDac3O3s"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
96
content-length
122
x-xss-protection
0
x-request-received-at
1681356749950
graphql
doublepulsar.com/_/
11 B
300 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
RecircSidebarQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"b-EFiDB1U+dmqzx9Mo2UjcZ1SJPO8"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
14
content-length
11
x-xss-protection
0
x-request-received-at
1681356749952
graphql
doublepulsar.com/_/
27 B
320 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
ViewerQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
20
content-length
27
x-xss-protection
0
x-request-received-at
1681356749955
graphql
doublepulsar.com/_/
78 B
398 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"4e-oZRptXabGmg8T9fhH50MI993LtI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
40
content-length
78
x-xss-protection
0
x-request-received-at
1681356749955
graphql
doublepulsar.com/_/
103 B
397 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d45baed49ceb8ffda2637e442290f4fd4272930db0bacb4c9ed00c468a106b95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
MaybeTextToSpeechQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
sepia-upstream
medium
server
nginx
etag
W/"67-ijj2CAP017ZfX39pXq8PwNfYe6Q"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
28
content-length
103
x-xss-protection
0
x-request-received-at
1681356750057
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, clientele/main-20230331-165901-ac9beed054
x-envoy-upstream-service-time
13
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, clientele/main-20230331-165901-ac9beed054
x-envoy-upstream-service-time
12
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Apr 2023 02:05:09 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5241
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 13 Apr 2023 04:05:09 GMT
branch-latest.min.js
cdn.branch.io/
73 KB
22 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: doublepulsar.com
URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=87f3ba43b494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:30:47 GMT
content-encoding
gzip
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-version-id
RcGafUhyGoCBAIKL0sPQaqgYc5MW5qY6
last-modified
Tue, 04 Apr 2023 19:50:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
104
etag
"ce82fd24f9c8aae0ff0fa6e15c400c97"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
22498
x-amz-cf-id
rz3wTCFEiDZeDUO0dW765fnZ5e7U7fykqXrwya_04EbKzJJ62e7liw==
/
doublepulsar.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://doublepulsar.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Apr 2023 03:32:27 GMT
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, clientele/main-20230331-165901-ac9beed054
x-envoy-upstream-service-time
12
sepia-upstream
medium
server
nginx
content-length
0
content-type
application/octet-stream
graphql
doublepulsar.com/_/
81 B
373 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PostGiveTipOnExternalPlatformQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"51-T0kabmH8r91amHAHqjii15hhpe8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
38
content-length
81
x-xss-protection
0
x-request-received-at
1681356750893
graphql
doublepulsar.com/_/
210 B
531 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cde723aee17ba1d5d56fbf752d4cb151636069bb18a91293e5a82108aab1b9f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"d2-j/gL6rYN4ND3FExnjat0HfMMKgY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230412-161134-4cd4c96e63
x-envoy-upstream-service-time
40
content-length
210
x-xss-protection
0
x-request-received-at
1681356750887
graphql
doublepulsar.com/_/
84 B
377 B
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
86bd72d2c527ece306e77dc946201498f1b5e1c3c01835da8af51fe9a4e48cf4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
sepia-upstream
medium
server
nginx
etag
W/"54-0dYQfJ6Npha9EZ4zZL0gKWNcL54"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1
x-envoy-upstream-service-time
29
content-length
84
x-xss-protection
0
x-request-received-at
1681356750899
5969.5a44a1f3.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5969.5a44a1f3.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d09e2d4335887bff9ed0e6365e0bb71fd44b8840048cc29920a2ae8454422f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:30 GMT
x-amz-version-id
LymOCDbwftYr_G4klOHARNAA4AqbGXAK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1Q27C01HJ4V8K0XN
age
111965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
XI8RqC4+vrtpHYsFVQI0VdOvwc3+9H2CP0CIa/888jKwcREOpb7th6cZg/5mbQAmlig8V4AfTqM=
last-modified
Tue, 11 Apr 2023 19:43:04 GMT
server
cloudflare
etag
W/"791d0fd20799bdfff1ff47c84ba893a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a46cdbec3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:30 GMT
2998.ace1937b.chunk.js
cdn-client.medium.com/lite/static/js/
14 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2998.ace1937b.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbaaa1c1a98c13eb9ea17f12905329435a3e886d801b4fdc1866bf639a0e08f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:30 GMT
x-amz-version-id
CiWNCVXFKhzkSIRn4eN8HPpJPiJP5o2y
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1Q2E88CYWKARH9AG
age
111965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Sj5IyZ6z2NCkZq0IQp+Do9BgGnUM3w7ncO945x8brJHdlYfi4BP3C0/c/N6LuI+XZO6Tg87YsnU=
last-modified
Tue, 11 Apr 2023 19:43:00 GMT
server
cloudflare
etag
W/"8bda4296f0b3d2c0bf61581ae3656118"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a46cdbed3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:30 GMT
PostNextFiveStories.10a929c7.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.10a929c7.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.692b723c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79eb96070f46bdfc877526347043fbe369069bd10ced3801aea4fae9c3a02405
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:30 GMT
x-amz-version-id
s3rnI8YlAYWIm5lqf6PbRBhoE00NmZwQ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
Y76XYP4PNN79A6B4
age
111965
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gyoPm0FNxCEM9JfB55cMRKjWitw21U5nPbvB/pqB1iWEWV4CJ/7LLx8ens9vg3wkmrvgYxkrjqY=
last-modified
Tue, 11 Apr 2023 19:43:25 GMT
server
cloudflare
etag
W/"8cc3a1cdb912499a31a0c32569d93cae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b70a46cdbef3a8b-FRA
expires
Fri, 12 Apr 2024 03:32:30 GMT
collect
www.google-analytics.com/j/
3 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1505715012&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fproxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9&ul=en-us&de=UTF-8&dt=ProxyNotShell%E2%80%94%20the%20story%20of%20the%20claimed%20zero%20days%20in%20Microsoft%20Exchange%20%7C%20by%20Kevin%20Beaumont%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1607387781&gjid=29667343&cid=995406063.1681356751&tid=UA-24232453-2&_gid=1086211911.1681356751&_r=1&_slc=1&z=1905728753
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 03:32:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://doublepulsar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
_r
app.link/
91 B
638 B
Script
General
Full URL
https://app.link/_r?sdk=web2.74.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
95df9c8371a548a81902c88393a70083f93fe1a043a11e446aba4ee66b415d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 03:32:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
FRA6-C1
etag
W/"5b-RsCpeKQ0Lik0Ld7zTSRgFOBSkLk"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
igT5IdmTZDC4VKu0VLp1Og6U_W1sp4As6WnC65Wb3bvtpX1zc1sJUQ==
graphql
doublepulsar.com/_/
22 KB
5 KB
Fetch
General
Full URL
https://doublepulsar.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1af378e20700abfdd65ab3037683998119af567876daa4bfe7e0f80be3a1cb42
Security Headers
Name Value
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
1d2a7b07442b0fc2
medium-frontend-path
/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
graphql-operation
PostNextFiveStoriesQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
medium-frontend-app
lite/main-20230412-154149-d8d557fb19
apollographql-client-version
main-20230412-154149-d8d557fb19
ot-tracer-spanid
6abec97f106cf02b

Response headers

date
Thu, 13 Apr 2023 03:32:28 GMT
content-encoding
gzip
sepia-upstream
medium
server
nginx
etag
W/"56d8-JirjhRfnqzCyJ6QUqDkJ6A4Gtlg"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a, rito/main-20230412-161343-222dc017c1, tutu/main-20230411-203137-34ba609b65
x-envoy-upstream-service-time
131
x-xss-protection
0
x-request-received-at
1681356750993
open
api2.branch.io/v1/
316 B
692 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2493:1400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
80f8a32926d9607080a9e202e005cd1e1c5609049071dde9b7084c1c5cd63ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Apr 2023 03:32:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
6eb9ad73-566f-4e9f-84c2-843f053a9a1f-2023041303
content-length
316
x-amz-cf-id
wQR_dXbJXLEmrDLzP6agfMYUINd2Ap9Nq3SH-rnric85FhhoP5j64Q==
profile
api2.branch.io/v1/
183 B
615 B
XHR
General
Full URL
https://api2.branch.io/v1/profile
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2493:1400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
031512004f4a38d972469a2ef493e9be8847ab96c62dd084aae4176dad798782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Apr 2023 03:32:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"b7-Zk6zUHGFbjpNHpMR+elm+Kh2hgM"
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
dde115b5ec4944bca2bf716dd34e1137-2023041303
content-length
183
x-amz-cf-id
LX0t_bzEHZUlukRruIpIqQFkkAdd7f9pU3xOMWxnvLPwb1gkU11Crg==
pageview
api2.branch.io/v1/
28 B
436 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2493:1400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Apr 2023 03:32:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
f37a375282b84b2aa5947d3db274edd4-2023041303
content-length
28
x-amz-cf-id
6TKKF9IeG3CPVpbynOpAgtZJifs7diMB9YlpxvHk7HgdypRvkEGmSw==
pageview
api2.branch.io/v1/
28 B
435 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2637.f87ac379.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2493:1400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Apr 2023 03:32:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
ad7cc8702c4c4b8dbeb46c7b255b6f9b-2023041303
content-length
28
x-amz-cf-id
VfTIeB8xjIwrxvp-hdAoZ8SqtXvW3wm0Avauu0QrLKs3E2qEoIvRcQ==
batch
doublepulsar.com/_/
17 B
173 B
Fetch
General
Full URL
https://doublepulsar.com/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.54f65b05.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-119-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer
https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/json

Response headers

date
Thu, 13 Apr 2023 03:32:31 GMT
medium-fulfilled-by
valencia/main-20230410-231404-04301eef6a
x-envoy-upstream-service-time
147
sepia-upstream
medium
server
nginx
content-length
17
content-type
application/json

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM function| main object| __APOLLO_CLIENT__ function| _resizeIframe string| GoogleAnalyticsObject function| ga object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData

10 Cookies

Domain/Path Name / Value
.medium.com/ Name: uid
Value: lo_1f0dd83c028f
.medium.com/ Name: sid
Value: 1:/XYsIG4/lamhgC8v22lunVPxD2rWUBqgQTaJtK6ZZL52UehtQWhmWc2fkSjXPyYf
.medium.com/ Name: __cfruid
Value: 2fc31b7183f1c68a01c46ceb425f3e4fed970e34-1681356747
doublepulsar.com/ Name: sid
Value: 1:gUQoO0TcXZiJqtUZtO5lTpHK148b2Nz17o0phuoaBHw+tXt3byeNwMZQzFFYaoeE
doublepulsar.com/ Name: uid
Value: lo_1f0dd83c028f
doublepulsar.com/ Name: _dd_s
Value: rum=0&expire=1681357649233
.doublepulsar.com/ Name: _ga
Value: GA1.2.995406063.1681356751
.doublepulsar.com/ Name: _gid
Value: GA1.2.1086211911.1681356751
.doublepulsar.com/ Name: _gat
Value: 1
.app.link/ Name: _s
Value: J45LnLU9xCu%2BllSjdYD%2FYxAy2bI4RutZW7DJh0JjLWWJZqPD4QTxF7uz%2B%2FaWLIYb

1 Console Messages

Source Level URL
Text
network error URL: https://doublepulsar.com/_/graphql
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
doublepulsar.com
glyph.medium.com
medium.com
miro.medium.com
www.google-analytics.com
108.138.17.81
2600:1f18:24e6:b900:6a51:d998:baf9:e02d
2600:9000:2057:b200:19:9934:6a80:93a1
2600:9000:2493:1400:11:f728:3040:93a1
2606:4700:7::a29f:9804
2a00:1450:4001:830::200e
52.1.119.170
031512004f4a38d972469a2ef493e9be8847ab96c62dd084aae4176dad798782
03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b
0497bc851b9b9d3211ae22c89f36c5e47fd708bc7239ed6cdde7f39cb5ea3664
0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939
09d1212e314238dd78c06bc42fa58685e677a3c76b6ef3a40f637ca182ef4ce2
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0
0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262
12dd58b946050aa3dc3cb7073b808ba8ecf373dd4e0e9c48f9b7b988b1054f63
17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3
1af378e20700abfdd65ab3037683998119af567876daa4bfe7e0f80be3a1cb42
1cea820612b27c10d64252e5f7d48bfe39ee6ae96f7597ce13c3025be7f7c5ba
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
345e478e32879b5ae63a9e68daf64425c3a715d1360b809ca1d460930ba59913
37359d2c6eb82ca5b4a6c0567aa5d0d22d0d4d85a9aa5950490f330253795d44
39072b78eb57e7cd6488e4f678cb4a89d7d92545a21740735541e149b6f3cd7c
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
43e25ec2766b496003e47f143ce8eb01ece1d938629921984f1848e0ba53d781
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b9cf3d3b4a21143eea1cbe1af4e150604127dc0993b30e947d7d2e61d82a72
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4d8e143fdcb72d1cb1238e0c4feb34ee7318452213f37fd6395f3075e58cb027
50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937
52b5b441aa5cbe419441f2f46235106399dba7d539bbc8c34a49871caf06d6e3
57b43ccce1674a7d8440b4622210bc41ee385a978e11a6fafe253c7e1c33ad40
58dac3db09998609b97224d55d0f0bc52fce9d643232a9481d6101d67f766bdb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161
5d09e2d4335887bff9ed0e6365e0bb71fd44b8840048cc29920a2ae8454422f8
601f0395312c80eca646294da8644382a9187a1ba327cd2e61afeaebf72d404c
6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04
6465834079a6584e0f32ece113d3cdd3e86bbdaf1f13bd2c7f35e92b3f348ac7
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67d057b5af1f7468e6bb82e272738de9ff05735c9de43f45b453c29b1da4aae9
6865f67b2b5279551d88f883b7b93d68342dda74e45b3dfcf9fa5c93d79efca7
687b200c21d0489d1317df38901138a20919b1d331637e567c32b242470841b8
6d0f1f91751d635fce38f3af610e536f348ef6e22a9a9fc34d5c6d375169b3c0
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
74d76de5ed817764b1894e86f622a0f05d94b59b62c36fdef9d80ea6291774f0
77bb11011cf636056f891eb1898cd3d229c492ca83d82c3c8e5fe3abb3469a5f
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
79eb96070f46bdfc877526347043fbe369069bd10ced3801aea4fae9c3a02405
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
80f8a32926d9607080a9e202e005cd1e1c5609049071dde9b7084c1c5cd63ab1
86956132aefc2ccf2c127223de0979f007f452f4493b30fb690c775eb7b13238
86bd72d2c527ece306e77dc946201498f1b5e1c3c01835da8af51fe9a4e48cf4
877e5d152051a12914b971d7901f08d73f1e52e261ff380e028f1d92142ecfc8
8cbaaa1c1a98c13eb9ea17f12905329435a3e886d801b4fdc1866bf639a0e08f
9026a14d4eaf2124626d06f3b66dd335b392c3ca01b03687ae87b351c2346fca
93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f
959e9bcd1517bba431d248220602b60b67d4004a3c0fee09ea098a77461dd38b
95df9c8371a548a81902c88393a70083f93fe1a043a11e446aba4ee66b415d5a
97ce277a4d365d934b0ab4e83169671cf321b4ae80e1f8c00216fa6f08ae9f5b
9b91dd74344033eb8a3d2550829bf1a0a9aaef77c708c0d5b1beace62aa7db56
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
9ee621a9bb86562e4d8d5d9d44d23009e08fe310088b309e31cc1216a1c6f89f
9fa894b2b6bd71cc0708574dc27d923fdf0fcb0feceda140e83c0b5f1443ecc5
a2dccb0664aa6be074668f722bd5e206d0632b561ed15eb7f4975bfdfc126605
a777399efa101fb81bb76d3bf6df78c7e8fe9a035750e3c2e80cfd9571627f5c
a7d86022f2a24e2797798001ea8b3cbf6b4a6d9de3fa1d3ad1ab9e596e6c0a78
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b3e384ae6948c197f8eb8e901b7bb74a70a1cc457e319ebe8fee9f138c76a807
b61b9e670c8909af3cd53c13632ba2eb90588ef25088e81d2de75bfb723c7ef3
b6bd6ef7b47bb211ab3be457fef741d16bba2f578ac4469171163d6d80cded27
b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f
b98ef1fbeeb448a948ab61189d57bfee6741a8248709ee084e07a518ccb85518
bca5de5c5aa1f0e30140f49d343a278198e428a59bf250f7e7985a77eb62b153
bcf707b7f0da18180c75d1b07056b7dd6eaf1883552002ce78e0f6b35e0978c9
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
bfbe7f454734a762953286c941647a932e87fb48c9f5caf57ad6b03728ef7c7b
c1c223b155a0b1cc4ab40250ddeeec6031a768c2417f0144392a8680b99d7282
c3ed4bf16cb0316e71bde4215668c828ad9266bc6b5d5e99afe029ad0a9adcdb
c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3
cde723aee17ba1d5d56fbf752d4cb151636069bb18a91293e5a82108aab1b9f7
d3305deceddaca03695d1bd4489507dd36399459e1d8fd11e6fb096f0f7fc652
d43fb241fa7e666e4ea52aebbd9213bbdbef6926f2773b55950bef76ddec99d3
d45baed49ceb8ffda2637e442290f4fd4272930db0bacb4c9ed00c468a106b95
dfd8447f5732c189c35fd282b2b276a09d014bbf53e550d1004a829755498aa8
e05759466b3520e0a8bdf12b4e3177db4b80ef793c5bea1d54d9ecebdff1cf7d
e2913d7530f3f6c73b724c9882136bae20c7a5939038a4a1f3dbf3aea33dba79
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
efabc3e89224cf791d2d188d86a68c3c5b15131d9f186673f0caef2fd0b2d0b5
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fada36084160992d699677866f4713c55fbafcb532d162fb999f03a2e7044bdc
fef54ca8b64e3a64cd431f6679bcb3cbf7af32e691bcb1808851e0e2c63ab0ce