doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilitie...
Effective URL:
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilitie...
Submission: On August 27 via api (August 27th 2021, 2:40:59 pm UTC) from US

Summary HTTP 132 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 132 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.

This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	52.1.119.170 52.1.119.170	14618 (AMAZON-AES) (AMAZON-AES)
1 94	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.96.57 13.224.96.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:7a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:303... 2606:4700:3032::6815:5081	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b902:3560:f86b:b647:d2d7	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:21f... 2600:9000:21f3:6600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
132	10

17 52.1.119.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-170.compute-1.amazonaws.com

doublepulsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-57.zrh50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:7a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3032::6815:5081 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:6600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
17	doublepulsar.com 1 redirects doublepulsar.com	61 KB
10	medium.systems lightstep.medium.systems	3 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	97 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	app.link app.link	561 B
132	8

	Domain	Requested by
43	cdn-client.medium.com	doublepulsar.com cdn-client.medium.com
38	miro.medium.com	doublepulsar.com
17	doublepulsar.com	1 redirects cdn-client.medium.com
12	glyph.medium.com	doublepulsar.com glyph.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
2	errors.client.optimizely.com	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	doublepulsar.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	doublepulsar.com
1	cdn.optimizely.com	doublepulsar.com
1	medium.com	1 redirects
132	13

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
policy.medium.com
twitter.com
symantec-enterprise-blogs.security.com
www.zerodayinitiative.com
msrc.microsoft.com
www.bleepingcomputer.com
www.reddit.com
github.com
searchsecurity.techtarget.com
www.microsoft.com
us-cert.cisa.gov
gerritcomfix.medium.com
bromiley.medium.com
javascript.plainenglish.io
gotoflorian-pro.medium.com
shice1910.medium.com
vzmediaplatform.medium.com
help.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
doublepulsar.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-01-21`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2021-10-01`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Frame ID: F62FCFC507CAACBA9071FF61BFBE5757
Requests: 125 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities | by Kevin Beaumont | Aug, 2021 | DoublePulsar

Page URL History Show full URLs

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxy... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-thre... HTTP 302
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxy... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

132
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

13
Subdomains

10
IPs

2
Countries

1520 kB
Transfer

3853 kB
Size

3
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_page-----c457b1655e9c---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2Fc457b1655e9c&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----c457b1655e9c--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_page-----c457b1655e9c---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/doublepulsar-cybersecurity-threat-intelligence?source=post_page-----c457b1655e9c--------------------------------
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=responses-----c457b1655e9c---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=-----c457b1655e9c---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6----c457b1655e9c---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://twitter.com/orange_8361
Title: Orange Tsai

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1426114648609337344
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*u9RwN0668pjS1BTgAenrNQ.png" width="700" height="463" srcSet="https://miro.medium.com/max/552/1*u9RwN0668pjS1BTgAenrNQ.png 276w, https://miro.medium.com/max/1104/1*u9RwN0668pjS1BTgAenrNQ.png 552w, https://miro.medium.com/max/1280/1*u9RwN0668pjS1BTgAenrNQ.png 640w, https://miro.medium.com/max/1400/1*u9RwN0668pjS1BTgAenrNQ.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockfile-ransomware-new-petitpotam-windows
Title: LockFile: Ransomware Uses PetitPotam Exploit to Compromise Windows Domain Controllers | Symantec Blogs (security.com)

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1427225282713427968
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*62rghLij4Vr4jtvWcKmWow.png" width="700" height="697" srcSet="https://miro.medium.com/max/552/1*62rghLij4Vr4jtvWcKmWow.png 276w, https://miro.medium.com/max/1104/1*62rghLij4Vr4jtvWcKmWow.png 552w, https://miro.medium.com/max/1280/1*62rghLij4Vr4jtvWcKmWow.png 640w, https://miro.medium.com/max/1400/1*62rghLij4Vr4jtvWcKmWow.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/buffaloverflow/status/1429050360212119555?s=20
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*sdwri3ewG0QVcwMgBM2ixw.png" width="700" height="644" srcSet="https://miro.medium.com/max/552/1*sdwri3ewG0QVcwMgBM2ixw.png 276w, https://miro.medium.com/max/1104/1*sdwri3ewG0QVcwMgBM2ixw.png 552w, https://miro.medium.com/max/1280/1*sdwri3ewG0QVcwMgBM2ixw.png 640w, https://miro.medium.com/max/1400/1*sdwri3ewG0QVcwMgBM2ixw.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
Title: Zero Day Initiative — From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange — ProxyShell!

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
Title: CVE-2021–34473

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523
Title: CVE-2021–34523

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207
Title: CVE-2021–31207

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-are-getting-hacked-via-proxyshell-exploits/
Title: Microsoft Exchange servers are getting hacked via ProxyShell exploits (bleepingcomputer.com)

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/msp/comments/p8ik84/polite_warning_please_patch_the_newest_exchange/h9qqq83/
Title: Polite Warning: Please Patch the Newest Exchange Vuln : msp (reddit.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange-proxyshell.nse
Title: scanning/http-vuln-exchange-proxyshell.nse at main · GossiTheDog/scanningContribute to GossiTheDog/scanning development by creating an account on GitHub.github.com

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1423974672383856642
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*IjYYNH-Hdk2OS1r2Bpli_Q.png" width="700" height="1121" srcSet="https://miro.medium.com/max/552/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 276w, https://miro.medium.com/max/1104/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 552w, https://miro.medium.com/max/1280/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 640w, https://miro.medium.com/max/1400/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/news/252505450/Many-Exchange-servers-still-vulnerable-to-ProxyLogon-ProxyShell?utm_campaign=ssec_security&utm_content=1629300558&utm_medium=social&utm_source=twitter
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*RlD-7L_z5RnXAPaonz3LfA.png" width="700" height="715" srcSet="https://miro.medium.com/max/552/1*RlD-7L_z5RnXAPaonz3LfA.png 276w, https://miro.medium.com/max/1104/1*RlD-7L_z5RnXAPaonz3LfA.png 552w, https://miro.medium.com/max/1280/1*RlD-7L_z5RnXAPaonz3LfA.png 640w, https://miro.medium.com/max/1400/1*RlD-7L_z5RnXAPaonz3LfA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1423609007063851015
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*fTD2aXnSkh1IjwhVvOhOwg.png" width="700" height="447" srcSet="https://miro.medium.com/max/552/1*fTD2aXnSkh1IjwhVvOhOwg.png 276w, https://miro.medium.com/max/1104/1*fTD2aXnSkh1IjwhVvOhOwg.png 552w, https://miro.medium.com/max/1280/1*fTD2aXnSkh1IjwhVvOhOwg.png 640w, https://miro.medium.com/max/1400/1*fTD2aXnSkh1IjwhVvOhOwg.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-Powershell-via-SSRF
Title: ThreatHunting/Exchange-Powershell-via-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-ProxyShell-RBAC
Title: ThreatHunting/Exchange-ProxyShell-RBAC at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-CVE-2021-34473-SSRF
Title: ThreatHunting/Exchange-CVE-2021–34473-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-ProxyShell-SSRF
Title: ThreatHunting/Exchange-ProxyShell-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/
Title: example

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/current-activity/2021/08/21/urgent-protect-against-active-exploitation-proxyshell
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*rCHyIaUk8a7PX-olIw1NnA.png" width="700" height="253" srcSet="https://miro.medium.com/max/552/1*rCHyIaUk8a7PX-olIw1NnA.png 276w, https://miro.medium.com/max/1104/1*rCHyIaUk8a7PX-olIw1NnA.png 552w, https://miro.medium.com/max/1280/1*rCHyIaUk8a7PX-olIw1NnA.png 640w, https://miro.medium.com/max/1400/1*rCHyIaUk8a7PX-olIw1NnA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/NSACyber/status/1429073988957970441?s=20
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*CvDtyvsgtYHqr5hn0IDEVA.png" width="700" height="331" srcSet="https://miro.medium.com/max/552/1*CvDtyvsgtYHqr5hn0IDEVA.png 276w, https://miro.medium.com/max/1104/1*CvDtyvsgtYHqr5hn0IDEVA.png 552w, https://miro.medium.com/max/1280/1*CvDtyvsgtYHqr5hn0IDEVA.png 640w, https://miro.medium.com/max/1400/1*CvDtyvsgtYHqr5hn0IDEVA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/VirITeXplorer/status/1428750497872232459
Title: link

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&collection=DoublePulsar&collectionId=8343faddf0ec&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_sidebar-----c457b1655e9c---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_sidebar-----c457b1655e9c---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/doublepulsar-cybersecurity-threat-intelligence?source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Take a look.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fbf3adc545c1c&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fdoublepulsar%2Fnewsletters%2Fdoublepulsar-cybersecurity-threat-intelligence&collection=DoublePulsar&collectionId=8343faddf0ec&newsletterV3=DoublePulsar%20Cybersecurity%20Threat%20Intelligence&newsletterV3Id=bf3adc545c1c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Get this newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_actions_footer-----c457b1655e9c---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=follow_footer-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=follow_footer-7db6d2df42a6----c457b1655e9c---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fb4bad6c46577&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&newsletterV3=7db6d2df42a6&newsletterV3Id=b4bad6c46577&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=follow_footer-----c457b1655e9c---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&collection=DoublePulsar&collectionId=8343faddf0ec&source=follow_footer-----c457b1655e9c---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/pragmatic-programmers/other-security-resources-c4539fff6d4b?source=post_internal_links---------0----------------------------
Title: Other Security Resources

Search URL Search Domain Scan URL

URL: https://medium.com/@pragprog?source=post_internal_links---------0----------------------------
Title: The Pragmatic Programmers

Search URL Search Domain Scan URL

URL: https://medium.com/pragmatic-programmers?source=post_internal_links---------0----------------------------
Title: The Pragmatic Programmers

Search URL Search Domain Scan URL

URL: https://medium.com/@MikeBacina/dick-smith-scam-advertising-garners-lawsuit-against-the-guardian-c45fab3460a?source=post_internal_links---------1----------------------------
Title: Dick Smith scam advertising garners lawsuit against The Guardian

Search URL Search Domain Scan URL

URL: https://medium.com/@MikeBacina?source=post_internal_links---------1----------------------------
Title: Michael Bacina

Search URL Search Domain Scan URL

URL: https://gerritcomfix.medium.com/useful-resources-for-evaluating-subgraphs-c45f322a2dcd?source=post_internal_links---------2----------------------------
Title: Useful resources for evaluating Subgraphs

Search URL Search Domain Scan URL

URL: https://gerritcomfix.medium.com/?source=post_internal_links---------2----------------------------
Title: Gerrit

Search URL Search Domain Scan URL

URL: https://bromiley.medium.com/full-packet-fridays-c4597cfcb18f?source=post_internal_links---------3----------------------------
Title: Full Packet Fridays: Malware Traffic Analysis

Search URL Search Domain Scan URL

URL: https://bromiley.medium.com/?source=post_internal_links---------3----------------------------
Title: Matt B

Search URL Search Domain Scan URL

URL: https://javascript.plainenglish.io/transport-layer-protection-cheat-sheet-for-javascript-developers-c45d5970bdf3?source=post_internal_links---------4----------------------------
Title: Transport Layer Protection Cheat Sheet For JavaScript Developers

Search URL Search Domain Scan URL

URL: https://gotoflorian-pro.medium.com/?source=post_internal_links---------4----------------------------
Title: Florian GOTO

Search URL Search Domain Scan URL

URL: https://javascript.plainenglish.io/?source=post_internal_links---------4----------------------------
Title: JavaScript in Plain English

Search URL Search Domain Scan URL

URL: https://shice1910.medium.com/update-eat-game-hack-free-resources-generator-c45ba4d03e75?source=post_internal_links---------5----------------------------
Title: {UPDATE} Eat Game Hack Free Resources Generator

Search URL Search Domain Scan URL

URL: https://shice1910.medium.com/?source=post_internal_links---------5----------------------------
Title: Jojo Artemas

Search URL Search Domain Scan URL

URL: https://vzmediaplatform.medium.com/dont-let-your-web-security-solution-affect-performance-e30b536b76fe?source=post_internal_links---------6----------------------------
Title: Don’t let your web security solution affect performance.

Search URL Search Domain Scan URL

URL: https://vzmediaplatform.medium.com/?source=post_internal_links---------6----------------------------
Title: Verizon Media Platform

Search URL Search Domain Scan URL

URL: https://medium.com/@julia.sommer/gdpr-demystified-2-17eeb3bce18?source=post_internal_links---------7----------------------------
Title: GDPR demystified #2

Search URL Search Domain Scan URL

URL: https://medium.com/@julia.sommer?source=post_internal_links---------7----------------------------
Title: Julia Sommer

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----c457b1655e9c--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----c457b1655e9c--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://medium.com/creator-tools?source=post_page-----c457b1655e9c--------------------------------
Title: Write a story on Medium.

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page-----c457b1655e9c--------------------------------
Title: Write

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----c457b1655e9c--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----c457b1655e9c--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c%3Fsource%3Drss------cybersecurity-5 HTTP 302
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c Show response
doublepulsar.com/
Redirect Chain

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c%3Fso...
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a

227 KB
45 KB

2909ms
2909ms

Document
text/html

52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c9e498f5209c744498c600a13e63c1d59e81d2992726c71dd0eb082a71cb6a6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

:method: GET
:authority: doublepulsar.com
:scheme: https
:path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Fri, 27 Aug 2021 14:40:37 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
etag: W/"38c2c-1ollWl+mnnmlGb+jUI3KFJXdyOY"
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, lite/main-20210826-210656-6b979099c1, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
medium-missing-time: 1392
set-cookie: uid=lo_8d32b424d869; Path=/; Expires=Sat, 27 Aug 2022 14:40:34 GMT; HttpOnly; Secure; SameSite=None sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; Path=/; Expires=Sat, 27 Aug 2022 14:40:34 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_8d32b424d869; Path=/; Expires=Sat, 27 Aug 2022 14:40:34 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 2791
x-request-received-at: 1630075234366

Redirect headers

date: Fri, 27 Aug 2021 14:40:34 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
cf-ray: 68560e44bc56dfa9-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
set-cookie: uid=lo_8d32b424d869; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:40:34 GMT; HttpOnly; Secure sid=1:J0M6pq0eKTXG6439AP8nRXlEDeyp9/+QI8jWNXkTainvC634PwAlftRBgYwugrwv; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:40:34 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_8d32b424d869; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:40:34 GMT; Secure; SameSite=None __cfruid=eefcabf1e21a8593089f555c7a350a25c31a4618-1630075234; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/4, valencia/main-20210826-123830-4cdf4f0dd3
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 84
x-frame-options: sameorigin
x-obvious-info: 20210827-0800-root,0742fb32
x-obvious-tid: 1630075234119:2e69297e2d4b
x-opentracing: {"ot-tracer-spanid":"5f8bc4c75ca72b15","ot-tracer-traceid":"32b8e1c4cc57a6d5","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 20ms
20ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 363
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 68560e58ed83dfa9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Aug 2021 16:40:37 GMT

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 338 KB
97 KB 22ms
10ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3dd90bc7589e2dfce2ebb76fbbdeb3edb151dda0fc05cb3ce013b4058be34a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: vwWN0kmfZ1m3qb2jpcTs5aMPzkV18.Op
content-encoding: gzip
etag: "267771ff0ce9ec0abb02d4e8ef49b2b6"
x-amz-request-id: C00XGR1A6ZPS8C6F
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7159
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 97961
x-amz-id-2: wwE5t5ZIbgrbsagy1yNMvxYkmM/coaeznQBejD2cAbiFA067GV4Yn0EnP1Kg/WuKp3K7Y9RMYwc=
last-modified: Fri, 27 Aug 2021 14:21:12 GMT
server: AmazonS3
date: Fri, 27 Aug 2021 14:40:37 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1*bry5HIDtIpONm_IDzSVYWA.jpeg
miro.medium.com/max/164/ 6 KB
6 KB 34ms
31ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/164/1*bry5HIDtIpONm_IDzSVYWA.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e544bd8d73fe98d8ba7a775515ae3f80b1dc3d63f6aaded903352e5bfd0dbf5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5682
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560e58fd91dfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H2 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 33ms
30ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4168
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 68560e58fd93dfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H2 200 1*u9RwN0668pjS1BTgAenrNQ.png
miro.medium.com/max/60/ 2 KB
2 KB 32ms
30ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*u9RwN0668pjS1BTgAenrNQ.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51041a29d93ea155720fb49ddd960a39b1a081d7d43a3d051c08bb620a3cb2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 118
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2347
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e58fd95dfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H2 200 0*eN7KaUa3262blFJP
miro.medium.com/max/60/ 685 B
770 B 33ms
31ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*eN7KaUa3262blFJP?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78370f1c60ca7a80d7bc4052eedbb87ad1425f418730b2cf7b3922719001d752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 239
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 685
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e58fd98dfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H2 200 1*dWXd46iLkzgxdHyPYehR3Q.png
miro.medium.com/max/60/ 1 KB
1 KB 32ms
30ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*dWXd46iLkzgxdHyPYehR3Q.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e798695365aaabfbd6209396d2f2e565e367bd2d29a805358798bde076c9a4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 168
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1229
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e58fd9adfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H2 200 1*62rghLij4Vr4jtvWcKmWow.png
miro.medium.com/max/60/ 4 KB
4 KB 50ms
47ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*62rghLij4Vr4jtvWcKmWow.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023e4896942ae770c88c045d89d253862d0bb4ecb47adfc19be2d2702412af42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 160
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3705
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e58fd9bdfa9-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*V5nZgUu_PYCxtdhyiidLaw.png
miro.medium.com/max/60/ 2 KB
2 KB 106ms
93ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*V5nZgUu_PYCxtdhyiidLaw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2abdf9e9752867b58046f22000379a3c4da9c0f4a0536635972bc124a7854d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 443
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1537
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce54e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*g285h2BnD--L0oJs_cdqcQ.png
miro.medium.com/max/60/ 2 KB
2 KB 56ms
44ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*g285h2BnD--L0oJs_cdqcQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8816dc8228d4e702aac7c2832e7617ffbdf7aecc865587b696d063f3ea93b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 149
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2002
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cca4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*dflPtZeZt2OPlrjE.jpg
miro.medium.com/max/60/ 798 B
1 KB 49ms
37ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dflPtZeZt2OPlrjE.jpg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ffbef1177aa861458bf509b1995d08c855a289b1dceb2928773815b1c7c27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 159
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 798
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd94e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*sdwri3ewG0QVcwMgBM2ixw.png
miro.medium.com/max/60/ 5 KB
5 KB 54ms
42ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*sdwri3ewG0QVcwMgBM2ixw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c56db5c125272d6c1961aec103670e022d01534cfbd4baa7ff3b595f9825ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 112
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4946
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cc74e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*cTV8ShHGUNSZSjeXlobd6g.png
miro.medium.com/max/60/ 2 KB
3 KB 106ms
92ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*cTV8ShHGUNSZSjeXlobd6g.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a903333a957f9311e1d51fb0064c219e1e0f578e36fa993d750a99d0f7fe697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2192
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ceb4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*QEIvjO9EsGcZEAQs
miro.medium.com/max/60/ 645 B
1 KB 48ms
35ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*QEIvjO9EsGcZEAQs?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ea4c5606f00ece39073ca2c52012151e25038242447053b13ac4f2021f0c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 97
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 645
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cde4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*C9MLlA3nfWeN5kOg
miro.medium.com/max/40/ 3 KB
3 KB 59ms
47ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/40/0*C9MLlA3nfWeN5kOg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a209d50a545e4955d40866065477107a19b3ba0f74f449ce3e3f4fac6b08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 113
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2690
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cda4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*IjYYNH-Hdk2OS1r2Bpli_Q.png
miro.medium.com/max/38/ 2 KB
3 KB 54ms
41ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/38/1*IjYYNH-Hdk2OS1r2Bpli_Q.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7df3af12e866788eb580b7542e9e29e8bffe1c046eaccea8b019fb5c9d88097b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 166
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2305
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce34e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*61QJJfD0qkcuWbIAo7y0PA.png
miro.medium.com/max/60/ 4 KB
4 KB 67ms
54ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*61QJJfD0qkcuWbIAo7y0PA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d5fdf94cc9bcce6d26f71f0d82b4e925e0ca901df59c1d24d7d911eddb0cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 138
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3677
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce04e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*RlD-7L_z5RnXAPaonz3LfA.png
miro.medium.com/max/58/ 5 KB
6 KB 61ms
50ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/58/1*RlD-7L_z5RnXAPaonz3LfA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6d130d8f196bb2c14843b9bd09ca0f6eb9c826133a4451082927aba4f40f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 145
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5548
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd14e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*fTD2aXnSkh1IjwhVvOhOwg.png
miro.medium.com/max/60/ 2 KB
3 KB 45ms
35ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*fTD2aXnSkh1IjwhVvOhOwg.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9426d07320e3f576a16016df14965aa352eea15b901f44f72187ae8c4d597c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2520
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ccd4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*ODRelg7s5_qtrHoHLkTSkg.png
miro.medium.com/max/60/ 3 KB
3 KB 304ms
291ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ODRelg7s5_qtrHoHLkTSkg.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042e4e303b7ad0b97a172aa37962c7f649c1afad771dd31f8e7161744d84cdff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 141
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2939
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce14e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*rCHyIaUk8a7PX-olIw1NnA.png
miro.medium.com/max/60/ 2 KB
2 KB 130ms
117ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*rCHyIaUk8a7PX-olIw1NnA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edac038fa41b6998706870940e3dcb6a50bf6ff175cfd7e274dc1f096f9e1c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 80
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1663
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce64e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*CvDtyvsgtYHqr5hn0IDEVA.png
miro.medium.com/max/60/ 1 KB
2 KB 64ms
53ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*CvDtyvsgtYHqr5hn0IDEVA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afed961ddb57f36277dfd3c4746651600913c0bfff3b3a498971e1d40d027351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 100
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1510
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd24e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*B3TkZ12vbMbvy53nsfM0hQ.png
miro.medium.com/max/60/ 2 KB
2 KB 64ms
53ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*B3TkZ12vbMbvy53nsfM0hQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525519582b1bd4a7a793e91b793c4c727c4cec22ce14884f6ba4d3aaf6ded90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 130
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1565
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd44e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*LBYvNwHoUyGoVxj4S_hgQA.png
miro.medium.com/max/24/ 2 KB
3 KB 80ms
68ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/24/1*LBYvNwHoUyGoVxj4S_hgQA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fdaeca4c65e6655aeeb37b8b9787e1cef79a4e8b10cee34f64f6315cef91e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 108
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2253
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cdd4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/160/160/ 8 KB
8 KB 78ms
66ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60f382ab7dcba7579cd2088e8f9ef61e63acbcf269626a9b081c54d9624cdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 49
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8074
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cdc4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/160/160/ 10 KB
10 KB 181ms
170ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ae1072afc293ec30101e3f8d4eee96b04952b8f21ac49df261e70ae69cafbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 93
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10240
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560e593cd84e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
4 KB 104ms
91ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae1c273ad638e70d8bf5fd973b10ca3396efd4296ed46d5f4f9fc0c89ce19a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3143
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560e593cee4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
4 KB 65ms
52ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d49f9d5f6cf0fe5e246dae163447d21a876c54cdf3da502fca7d95f2441a51a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3499
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210709-175524-eebd6c4731
accept-ranges: bytes
cf-ray: 68560e593cec4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*BUHZGPHsQM7JMD9O-_FomQ.jpeg
miro.medium.com/max/60/ 989 B
1 KB 166ms
154ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*BUHZGPHsQM7JMD9O-_FomQ.jpeg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f858ae42dc95fa7d296a95b414952a71bc640985593fc83a5ecdbbafb9a9525

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 989
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce24e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*K_bitThKJP5I7YN9.png
miro.medium.com/max/60/ 5 KB
6 KB 303ms
292ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*K_bitThKJP5I7YN9.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4cd63175903f7de1128348f087273d1d0b50dec0d84b6d96d9595aacaab923

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5238
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd34e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*2ifo7XGB-34qx2bksib9Ow.png
miro.medium.com/max/60/ 2 KB
2 KB 77ms
65ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*2ifo7XGB-34qx2bksib9Ow.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4a10cbffdbce76d8de099fabe5eaf5fe08c12fa86e846e34013f7597c716e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 57
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1978
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593ce84e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*yd67v8LbzHZQCC6poSeLfw.png
miro.medium.com/max/60/ 6 KB
6 KB 70ms
58ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*yd67v8LbzHZQCC6poSeLfw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ced593854bb82c95cf35f22c421e3ada59d60b4c9292b58da914d4340139d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6076
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cdb4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*dE2uuj6qT87bIaDp
miro.medium.com/max/60/ 741 B
1 KB 77ms
67ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dE2uuj6qT87bIaDp?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074120e0ce9c1b6b278f30fbc208a1312ad9c87639665a2abfb86bdacb6bdbbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 59
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 741
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd04e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 1*hn4v1tCaJy7cWMyb0bpNpQ.png
miro.medium.com/max/60/ 3 KB
3 KB 43ms
32ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*hn4v1tCaJy7cWMyb0bpNpQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 109
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3059
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 68560e593cd74e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*PXiUyDtNl1U932J7
miro.medium.com/max/60/ 6 KB
7 KB 294ms
283ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*PXiUyDtNl1U932J7?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ff695f5b36586ec7fb3acc54730f33d4167cc2b797897bdec8a1654ee7d87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 80
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6460
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cd54e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 0*ThHM7bKiVVExIo71
miro.medium.com/max/320/ 15 KB
16 KB 57ms
44ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*ThHM7bKiVVExIo71

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3263919f036071371394d7d4bdfa9715658cebab2cb453ec39383e5c902958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 196
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15590
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e593cea4e5c-FRA
expires: Sun, 26 Sep 2021 14:40:37 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 48ms
39ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4480565
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928f62b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 37ms
28ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11610521
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928f12b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 52ms
43ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626877
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928f52b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 36ms
28ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626876
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928ee2b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 40ms
33ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626876
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928eb2b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 29ms
21ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11596143
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928ed2b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 16 KB
17 KB 46ms
39ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5653275fd2234822f5aab4c7fb5bc5325e4991570295998f1ab5a83287c7f285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626876
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5928f42b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 31 KB
31 KB 26ms
26ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fefca2e39b0c80d4d1c9b40a41787df0f738a85ff142e5295f17b2e96711ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12040954
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e59faa52b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 31 KB
32 KB 22ms
22ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88a6fd9c0f927b6c6eb6a0333d8df738064c2f09458bb23064d319ae34f344f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10996848
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e5a1ac02b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 manifest.7ef8f5b3.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 37ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d62c45fc2fb98a30f520480ed1060f0000ec78a37bfa80103e7d7ff3930b084

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61682
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XMWGDHQ4K7G62N
x-amz-id-2: Pm2+/HAp0/3TEVFXrQqSdK0YvIvEaBwPZowt4IvnEJ1coZHN0mdL2at1s+7gI/eaxZAnU0Ejseo=
last-modified: Thu, 26 Aug 2021 21:21:11 GMT
server: cloudflare
etag: W/"4a6bc00549431fbb0b6b9980a0ea71e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: LU4bwwcpkYPNbYJf2P9ph8Q5sFXwjYgs
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7fe3dfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 9115.1a9358c4.js Show response
cdn-client.medium.com/lite/static/js/ 732 KB
228 KB 32ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038262231160fee976d84fa8d1db80567769112008a892e0edeb76f6c1121165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62378
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 9WCQMJXXDY7V1E5T
x-amz-id-2: yenI6fCJLrENlkqO2VHecbdeXoIeqtf9kfQS8Gz8dMYywh2HBIP47vsCHroQtTsLhkdCQ/i4JKM=
last-modified: Thu, 15 Jul 2021 18:50:35 GMT
server: cloudflare
etag: W/"3b5c778737b6d559ce5f7a8c478f6203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QAH5KPPE7VyycTXphMPwmxvbaI8QEy7U
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7fe5dfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 main.994b41d4.js Show response
cdn-client.medium.com/lite/static/js/ 826 KB
216 KB 34ms
32ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.994b41d4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d67ee8bdede3d1235705cc312c9c039d5e1dc94e77ca56a3ba07a944657b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61682
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XJQM3TKT2ZK5WW
x-amz-id-2: T4+pA3JCIifDCbLw4c5+Eu5uxKhtYZvbOKEMl2DqKgHWvdv76qvW3mm/iC3J/GAwYgMJtpRlEWY=
last-modified: Thu, 26 Aug 2021 20:49:50 GMT
server: cloudflare
etag: W/"719be975df51b62899dfb1005395f3fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Xb5L_YVIPDR4MJqO72QLWwBNcJmMxrqQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7fe7dfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 5573.159bf40f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 32ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 316645
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: W5EH3ZWGCATAJ0JK
x-amz-id-2: uquA+D1mKTUgmaodaYFoBDYRFjBCghvQCPgGBuwnPNqPSgEh4m7aoHPDNWRkrQ4qGn6JNGvqqTU=
last-modified: Mon, 24 May 2021 10:33:47 GMT
server: cloudflare
etag: W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: HmLCtdjGYWgk2SnFK4M0oX_6tJ50SNp9
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7fe8dfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 instrumentation.79ae5839.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 27ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.79ae5839.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d2ff27d2b587da629e4ff4aaae0eb0541e5dc2412152dd075034da1fda8c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 247299
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: J2X50Q7HDNZ71F3F
x-amz-id-2: g3zCkktcJ9ReeI1AFMqOpK9rRXz8/VPyIjAoes+rfGLsktOCaQ4+5Ia5zaq4djtv+mFDgoNGdEU=
last-modified: Tue, 10 Aug 2021 17:28:37 GMT
server: cloudflare
etag: W/"931f39d524b255713d926cc2783fa3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: IhHmxYfBmiCWq8oF20hR2kM1bdZ6KcGr
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7fe9dfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H2 200 reporting.6471519f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 23ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.6471519f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 932357
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: Q0F7MQAAJVH2M7V8
x-amz-id-2: UGXQIw7HsYZm/FvYo7E+nq3jKishQRAFtyQb69eEX/C8myd/Yv4QrwPT9xzsKJnaEtF0J6LNuB8=
last-modified: Wed, 16 Jun 2021 18:41:31 GMT
server: cloudflare
etag: W/"69e0bbdc0c37d2f46b6be19732366a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8sxb2msbxkYmtYsAbhhIRpG6q5cNmD6C
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a7feadfa9-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 8743.7d03a40a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
3 KB 21ms
19ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8743.7d03a40a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af53bb392cf949de35ca399079add6d28e09d25b1b2072624fc78c804dfd607e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1206948
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4NZMDC7ZBPWAV190
x-amz-id-2: ZUBXr7aW3orcBv9ptMxd06/cdA70rnswZyRHz5tLoqeATx1Nzn0g6Z58R7d6IYzS28w8SrTe3Y8=
last-modified: Thu, 12 Aug 2021 22:48:49 GMT
server: cloudflare
etag: W/"936def59884aa62578af763d38ada48b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8K2WGzSspFykD7aJolN8XskVj5wges.6
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f7a4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 192.bd4f3aac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 52 KB
16 KB 28ms
26ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/192.bd4f3aac.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ef36cd81a32a63c14214d2d7c45e0809be147e68869ea1a5c34feab6d207fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256216
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2JX0D3N0HFJWPV
x-amz-id-2: xT6Vc2y/IKRw13Y6mFty3zhTAW3P2KJtPdONsE2ViVDmlog8s5HQS1BU04REgDOv57Zc2bimVW4=
last-modified: Tue, 24 Aug 2021 09:09:56 GMT
server: cloudflare
etag: W/"4f1fc9f3b20e7abf2d4dbc3787d5b3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jX6yBDaCpbGvooQJEN_NBjoQ6c8IUs.m
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f7d4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 2018.cda2d533.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 27ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2018.cda2d533.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80822fa48ad371fcf8ee70251a00651a367ba539273ff7e5b2ca639dd33bcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770886
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMY5CZYZ83GGSGS
x-amz-id-2: lYozncTulc/BHm66dCpvSwEQnzNedrRJe34fIsfr+cC90MpkHdlsy3Gu3qZxT21rakq6XDUn1GQ=
last-modified: Tue, 17 Aug 2021 22:56:28 GMT
server: cloudflare
etag: W/"3621e750a188b1d8d3551f5e4f14ca5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 9Qg5w2LycnY2p2.IpNlQkjayiNAiJLCG
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f7f4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1645.857c77e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 41ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1645.857c77e3.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3207bd24557fefc2773c0bb9d388545f3666a14bf86abe03f10f95272ca24b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306402
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: X6J2114PBMSE058Z
x-amz-id-2: g93jYna38ZY4eXNioFYqZ9NwWZhAGAVg3srn0B6l+39WUry39VYgNWVrKhZ0hl33hq7JygrL7rg=
last-modified: Fri, 30 Jul 2021 08:59:41 GMT
server: cloudflare
etag: W/"f2fa2a66ec7e88ed7e1a395be45b7761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hfMcSOG0aubeZCLFwQh.77Bn_Z1X1dNo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f834e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 5526.c36a87ee.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 32ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5526.c36a87ee.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6550693dadb570fdd94da3996a0887c68d4d291c0818f1528d1a7bc930d8b869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 321801
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 81XH278PW6N0PAFP
x-amz-id-2: 3lDO9y4UvL8/tRjZu2spqcmLlLmUToiFH24AoAV1vNJIZieNqiqGCBbL49a7P0as77vwa4uqcBg=
last-modified: Mon, 23 Aug 2021 20:31:41 GMT
server: cloudflare
etag: W/"761eda416058e1944cd688fb8a540df1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PW9bD0uYWuHd8da6Vje7AfFWyX6jId0x
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f864e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 3930.c5902e0c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 27ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3930.c5902e0c.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fcdf1b9c29d79fa8679eeefa1573c239bc5bea4dd2eed064fc6e2a0d1c97f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306414
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B1CNWTWTNN7QJ84F
x-amz-id-2: JSd+QrBUwpEmhcSYy4DvM1h7ZQW7sCMrt74GmEqXXZ+c3mx49RTBMAiTPylkbzBtnlRhNAwa0EA=
last-modified: Tue, 27 Jul 2021 23:29:34 GMT
server: cloudflare
etag: W/"523e01f518bae7c704faab27ee48575b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: g1rcqxHIKxADWbGA9ykroZlFG2mBSbal
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f894e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1034.cb1bb58c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 32ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1034.cb1bb58c.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0393d1706ef05b8c2ae9f12bd4d71aba8affbebee2dfa6fccba81b86e2e725ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574165
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 16ZWNDS0ZKECC6WH
x-amz-id-2: gL30UYJPvbHtWtva58jlsO8AcPNHFFgOFgc3dYAF16aPdrOEJCQjy/B+wNXjKG7Svgclz3aPdXE=
last-modified: Fri, 20 Aug 2021 22:09:42 GMT
server: cloudflare
etag: W/"a7bb87785e9280af04400a0e4409f139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Zbokbg3pt9AMIsmxs9O5YuopwjfoIeNh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f8b4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 9088.6b836eb8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
1 KB 27ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9088.6b836eb8.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a1af335c12488ca849dbabfc6192f0710ff328f926f54859c4793b581c649d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 772129
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMQP6NY1SHV3H46
x-amz-id-2: P6Glpy6KRMo0jPg/5Uo6AHlIXNoiUl8McJmmF2B6Ufu0JUPID/ZYdV2VnK5NZApz4twljuxMB9E=
last-modified: Tue, 17 Aug 2021 22:56:34 GMT
server: cloudflare
etag: W/"2d7e927dc8d9968ea009006e3c4a2993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 1Y1mE1VEkn6tHmek0cTp8N4rqJYM57uz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f8d4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 4822.2cff56f2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 24ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4822.2cff56f2.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac7c08c637f489dd02b2d3a6ff4aca3c7e038a920e39a685f07f81228c419a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61682
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XGFSKYC5S40R8M
x-amz-id-2: OugIBGwL14zWp/fJfeBV2X+FbtWTUvlKzHeS2DDoDtMXToNvmZD8tToNvgkU2qKwZeAZ8ELUTA0=
last-modified: Thu, 26 Aug 2021 19:50:20 GMT
server: cloudflare
etag: W/"42119393de9a3fbcec2f40d20813d412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PDl9j6B.v0J0qnnnUbA1qIYrx0RB8HuO
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f904e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1661.8bde4f1f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 39ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1661.8bde4f1f.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2c52d005eafc6341d3d19a7a8a05ed649686c6881ab62155ae95d4618adf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61682
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XH0YX9ZQMX1900
x-amz-id-2: m4hqI7pcnVQC+f/M1CpVEdlgbpazOHscr46K+k8TigTmVSwWhLxmy66zyQFZwNJce8WM8ql8A6c=
last-modified: Thu, 26 Aug 2021 20:49:21 GMT
server: cloudflare
etag: W/"b1c0813455329a225ee442b32731cb6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MYC7eSjw3Gv0b9pmI.sZjrOlPHWqvQFf
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f924e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1801.5518e725.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 23ms
20ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1801.5518e725.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499d277272839c165137bbaf1609abf7d5347654872481e6577ba16b992e2bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61682
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XHN9ZCDHX0D6AZ
x-amz-id-2: /7gX2YCX9mjnVIQltelx5/0JUd29HWAEtOdWmbxavEZWmLO8V9FaZPo7YeBec/x2Mn35J1qHD+w=
last-modified: Thu, 26 Aug 2021 19:50:16 GMT
server: cloudflare
etag: W/"a7e7645ce354df36d07de97a9db0b4fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: dkwVyJzhMR2V1Q4uXlf9b.kU9ffa8Mny
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f964e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 233.3f1bf597.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 25ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/233.3f1bf597.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5748a354a1c79fdb238f56dde081004de39bb61a52bd74676e036f3786db9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84631
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: M1D460CJNMXJFR3W
x-amz-id-2: WvD2dY5ACVaoaPwLHGxxsdImiqDEfua4ZYyzRfXl0EVXo7qo+Jfo4ER0XaYKm2/tvIrieHPsTZA=
last-modified: Thu, 26 Aug 2021 14:04:48 GMT
server: cloudflare
etag: W/"45a93362ee195c63f33996b087f1f70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 0DB7e2k6wso6Y30mPNz3kNDMiOdlVA_v
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f994e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 2547.e8742600.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 24ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2547.e8742600.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e83c6b0ea99b4caf907cc41097879e6edc6ffd49cfe6266275abd3bcf771737c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 327647
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WGH530ZCK53MDGAB
x-amz-id-2: g8Z3KW7EeaIUsMOMKKvQvw7/3LFx6oQixwhB8+NggASw1QHDkR2j+A1knOaWkjHVcXuP0KTqFOg=
last-modified: Mon, 23 Aug 2021 17:29:14 GMT
server: cloudflare
etag: W/"634669d902b0fa87308e25ba23f201c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: XOnHyyNYFwPkhDM11CZDDyCIAUVzEzQ.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f9c4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 7766.5a9d116e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 42 KB
11 KB 52ms
49ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7766.5a9d116e.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6f7776d9114c66723e5c20fb977343f5a94c7186be3cd5a9e921522e73522c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228805
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: H3RYSSR6MXR8Q0N8
x-amz-id-2: BulkmCCZ5hGxesdLeP0aKM4GI+gcb5mCGKSgOxYwIA9jHSOgc/ztP4olIfch8mDz/LxTJ/X4rfY=
last-modified: Tue, 24 Aug 2021 22:06:19 GMT
server: cloudflare
etag: W/"6c9097540f2871e59d12f2f8330e5d59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: .7d7QLFsuuFWQpCSYU6SbU2vLpi_GMRp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9f9f4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 8548.c16341cf.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 37ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8548.c16341cf.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b609bf586cb8e62af2f3267bbaa50c9f11d7d6e86e1c84e2eecfbc2be949ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 327647
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WGH8SC4QBKFDV4Z9
x-amz-id-2: Z6n1/1kDon8f2iWzV15aEGo7KBEyi36N7uM7ftinlLYKQVbVCtzjXVHTtoOAvJOd2UsAXM3m1bs=
last-modified: Mon, 23 Aug 2021 17:29:19 GMT
server: cloudflare
etag: W/"0440a28543c8a321858e2a5d2f4ab748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jTPqm0K2BoBJEteItKLWNsyzZVO0K5DQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa04e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 2382.6222239d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 27 KB
9 KB 32ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2382.6222239d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6df94cc15c64e450354bf62f7de16c8dc4b0de88d2ff220c2eebe5ef953b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256216
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2HX943YR1RFSQQ
x-amz-id-2: 6meXpX37gcP/PygHl6AB8A/uNOsFTssXnExbLQnpFNiHTFx9Mc0lWSR1So6gAZ5kSF9aqCb7Jj0=
last-modified: Tue, 24 Aug 2021 15:18:17 GMT
server: cloudflare
etag: W/"15152b42d192dcb833b8610e94a0d3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: AUcuwIVJo8.8r4vBikFfDnNfmr4ORyVj
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa14e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 3521.7b571f2d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 32ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3521.7b571f2d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389d660ad6302843f61ead3441874022a81cc38678b5d0bf041897e376db4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256216
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2PX4VX1WDDT8QM
x-amz-id-2: ewnAElXYPP51IcBzx+7bBEzl9J4F3B2gzMGDGIBXn+peP8lLg1HvvH8btesGfiei95ALxa1pNVw=
last-modified: Tue, 24 Aug 2021 15:18:18 GMT
server: cloudflare
etag: W/"2be26c5818226d5e9617fae95d890b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: .D30YcAtl19XKpnTL7rR.HvN7ZrbaT3B
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa34e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 284.5c0cbf65.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
19 KB 33ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/284.5c0cbf65.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a551671d29fb4718e5697b374fc9d0ab5f362651fb03863a6fe57a8a29ae9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 232331
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4VRQFD003NAPXJN7
x-amz-id-2: UWQDIQDWBXGM6hy9SCjaOQLPWrRfp7tZPQlL6wiGK5uN/0OaRCPNx7aj+3nx3q/fR9k/4KOFYno=
last-modified: Tue, 24 Aug 2021 21:56:46 GMT
server: cloudflare
etag: W/"c6ce4175be51298732674857bb320789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: traw8MMWidmC5lZzhC74sf0gtEaca743
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa54e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 3673.914f729b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 40ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3673.914f729b.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c4fa2b831a9d8a8d76c356c37f51a8c564fde548e73088dcd3627363d98d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 772129
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMMVYJ9MJ571280
x-amz-id-2: u6o5miR+kpyj/CDFsuqGaPsJzP6Ms06iG1IgA6dL4PnxsBk16voAMZZhqmjXr3L+tTwj0GTgIP0=
last-modified: Tue, 17 Aug 2021 22:55:21 GMT
server: cloudflare
etag: W/"e35219bec27324510fb4186a944b5077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: z8cs.fo5ah.ZtAE8riudhOdBKa.jRZDe
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa64e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 7883.e324030d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 47ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.e324030d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3903354e40a89bc08ffd179ce96dc3dfe7f3603bfaa1f52982045573b32c40bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284922
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: G4JJTH8CGZV4Y7Q9
x-amz-id-2: Dfg28nO4QGLmEwFJD0l24pqrirtw05AVstWMGoTfAYzBD/CauFTCcoifQbpDzibFX8/UB4rIMmg=
last-modified: Mon, 23 Aug 2021 15:58:51 GMT
server: cloudflare
etag: W/"4de031117e444a226f3f000fd57e0c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 63NAyQdWbi0sN0Rap1TcfEcjRfuXxOw4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa74e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 8886.cfbe554f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 41ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8886.cfbe554f.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8d5b9f74625e511e3c8d63848e7a54c98016daed84f8df3bc166368586afa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574164
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 16ZSD6WQ4QS93P8V
x-amz-id-2: zb9NWrod2w6iFs4ffdtaU+mgbDShWCkw07xJkPUzUdF5bq3nhqmmcNxyXVXDHf6LqYd8j9wVL6s=
last-modified: Fri, 20 Aug 2021 22:09:48 GMT
server: cloudflare
etag: W/"bad81cae8a761510d8b321ec18487aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jC2fjNgjas4N8HxT6dJJMlTQRnKnnwJ0
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fa94e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1334.9f48b6f9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 29ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1334.9f48b6f9.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5388efddd16e46845ff6bc0b750d6273ee98feae2dce22044c0019336019c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256216
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZYY2T22JMBVA1BKS
x-amz-id-2: t+JWQ1G6imO5VW/n/qgd37gGMyaEzjHxxSEye8YW6fyF3KnDjgY+L6WdheZFztrB/sb+wuFwCHk=
last-modified: Mon, 23 Aug 2021 22:24:56 GMT
server: cloudflare
etag: W/"061f34b24a9823dad6ce4c20c2a5371a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: HL_msvZD7dBka0Fb5tYDffxkzTQZK2A6
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fab4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 2796.096c850a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
2 KB 38ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2796.096c850a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830f40ef2a3e1b3f6fa8391cc6c93d8ed19dcc454398596ec98aa2c6ebef48bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228805
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCZHFNQ8YYJBJV0
x-amz-id-2: OK0V/Vo9w3XD5N39zQvBiIv5zSIp4rWbsRC/sidoEOcFa/BujBdJY2xFTIcqs2OUw6ej3Q+4hoY=
last-modified: Tue, 24 Aug 2021 22:06:15 GMT
server: cloudflare
etag: W/"b0bb01ac70b4fd8a0d891526f29379eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ARdra2oSJdJHZZnZoXCfUdf_CCf3LTW.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fac4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 4824.6b3e6b44.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 33ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4824.6b3e6b44.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8aa4689a04989a7698e498bc9d2b842b15742cd7f6710017620cd5c0ad22ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 103661
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WSTG98916TWKZ2JM
x-amz-id-2: ujqppIdHXzTj/dT0+jYMLju6steAU3tFqReU7PysVbb/JLTW3zKCpLSkJ+gpdML/hOadOlCZuxA=
last-modified: Wed, 25 Aug 2021 13:53:05 GMT
server: cloudflare
etag: W/"278ba5b435ac605d83f57fd2eaa62ee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: YRQFA5Djzmyv4JskZIjtJVVOVb3QAlCM
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fae4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 9972.26470b0a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 44ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9972.26470b0a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ce16af99f8a960767cf02eb3e2a0c55b201717d5eb340ca5e278a46cb67661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1028595
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 0GK623R94MWXM07C
x-amz-id-2: 5iVZc/XLUE312vye3HxLqNlSPwlWIDG7UkPPihZ/IoUQfvsz1MHAQldLH5lC/ZQivWMjPliNTY0=
last-modified: Tue, 10 Aug 2021 19:21:00 GMT
server: cloudflare
etag: W/"15d31b767f97e3e3bb1a8dfd0487c404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: _IvxDCIDoxpQwW3V1ICnh0pCORcUIH0_
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb04e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 1743.f8cf1ba4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 48 KB
16 KB 33ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1743.f8cf1ba4.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f724cafa4496101c379bed8a55779f79605e2c99fa027fa7d3217177abc00193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228805
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCH4TXWME47N586
x-amz-id-2: BSH7wo9GloNY7j38vpwozoaBpt0vk1+b51cvBxqkMhq+eZ4V8UlhOXgax597a8NapqLfQNzqgC0=
last-modified: Tue, 24 Aug 2021 22:06:14 GMT
server: cloudflare
etag: W/"8cf2b8a01c3976ec8e8ef9e83878fcbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Htz.OdRDO.b0dz_.UHNOm7aYrFrwfCWW
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb14e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 3179.ca7a9e77.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
6 KB 41ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3179.ca7a9e77.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103c8f4bcf8bffd0fea54ecad915230d6025023083349a94e5e32ff50c0b96f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240980
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: M1NCG9YXY4YCEG11
x-amz-id-2: 2HPAoX+pzZg1gqw1wFHz1v5TWQoTmd/rZfABarurHrgrMDUMJdtv2SLFpz7Ig2Urcd/1f+1ozIs=
last-modified: Tue, 24 Aug 2021 17:38:51 GMT
server: cloudflare
etag: W/"eb1211b8f96bfff7eb555a987d2f398f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Ew7B8.WqI4JfP9cjtD.9Y1fUb57m3tTg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb24e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 5285.4e75ee33.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 41ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5285.4e75ee33.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143be9b55563d57d3e4601b0281c8c5a6c698e8336841433f7f5f959605e2e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 545817
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B32DNYKS86E601NP
x-amz-id-2: AKV1pPOzYEVYi4DUNjlnOm2kZ44Al2wQfqfXV9Ur3WDER7W+y9C+9sZqnyixRPgKgS9nsoybqi8=
last-modified: Fri, 06 Aug 2021 23:56:45 GMT
server: cloudflare
etag: W/"04c5ee41730f353b1d05069bcd871516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: pUrFPUFmPXHrX9Bl27jtechGfL6tmoiJ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb34e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 176.d220b053.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 44 KB
13 KB 42ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/176.d220b053.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b891f3fd101f913d6c2d42b7dccce4d53d33e49d733b8f4774a6559bb534be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228805
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCS88J4X7T996E4
x-amz-id-2: vGT55wXw8CkjlZrU2ETG8zQ0cPDVMqDYpWiqLTWJma9RBfWYfYermgvxc0g+JWxBZrVtO8ZkFcw=
last-modified: Tue, 24 Aug 2021 22:06:14 GMT
server: cloudflare
etag: W/"24d642e038bd318427fd27f526d90575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: a7PcCP_gZr9PQ8ON7BLwAgQDxzOGl8zf
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb44e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 5231.717f8f99.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 81 KB
25 KB 44ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5231.717f8f99.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd520777ff12430259aea76eedc236888374a44fe25dc771b5abc1616794186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 232325
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4VRS3M19VN7W150F
x-amz-id-2: mKAWQV+lF4C+F+jJK6WfNuEFEdCXykoKMlGQSoF6ZM98qEmqODyInNfkwTjEbwaH0L92dpXf+BU=
last-modified: Tue, 24 Aug 2021 19:47:54 GMT
server: cloudflare
etag: W/"57722078cd70cdf6b02eb3cda1d11496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: kPD6XlU3Vd1qTv95x4zWqIeZ9zytUZzC
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb54e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

GET
H3-29 200 Post.26d06aa9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 44ms
40ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.26d06aa9.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

111cac9ce607d1b598d07b88659f6145cdc1015153fc3ae036c98f37eb9d5a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240192
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6ZZNRZB5B7KPA7GG
x-amz-id-2: 7sskV5YLD896/1+fPPl2UrYVWsAt0xighHmIZx6HLb70YJR+SlhSaszAylJNH5D+e/pa5wvGt00=
last-modified: Tue, 24 Aug 2021 19:13:32 GMT
server: cloudflare
etag: W/"3ca948800e027dc5381ab50cc28a4b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: NQY70N9TASbAoON8LSbeLRg7S9QWRRht
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e5a9fb64e5c-FRA
expires: Sat, 27 Aug 2022 14:40:37 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 141 B
455 B 221ms
221ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d03b4009d8fe7e7e1e01abe936456448f3eaa1041083759b5a1ff25c9ab4ba1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 195
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"8d-yPNOdJ2q+4IpwFRlf/8LXqMhZeQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86
x-envoy-upstream-service-time: 106
medium-missing-time: 0
content-length: 141
x-xss-protection: 0
x-request-received-at: 1630075238072

POST
H2 200 graphql Show response
doublepulsar.com/_/ 46 KB
9 KB 765ms
765ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ab66d537424af570bf85c12629c8436512b42248cfd44c2bd55dbc1579dbdc5d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 5278
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: PostViewerEdgeContent
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: PostViewerEdgeContent
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"b716-4fl4996sPMXeriyupxaml9GdvYM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 642
medium-missing-time: 70
x-xss-protection: 0
x-request-received-at: 1630075238261

POST
H2 200 graphql Show response
doublepulsar.com/_/ 443 B
785 B 272ms
272ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4bf2ea6861499e938670354f17dfb7fc4aa5447e4ba95a2194caa52c01f3cfb0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 603
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: UserViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"1bb-dnEE0yA5U7SVsNFpsZMru/XiXTU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 143
medium-missing-time: 0
content-length: 443
x-xss-protection: 0
x-request-received-at: 1630075238269

POST
H2 200 graphql Show response
doublepulsar.com/_/ 395 B
735 B 243ms
242ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4d957cb1b09dbcee7ebcb0d11bfe0dfe14a8a4c56004ddc852e137cfb716545e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 599
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"18b-VmdFf/4p1sIobsXAbV/BdNxVW3Q"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 121
medium-missing-time: 0
content-length: 395
x-xss-protection: 0
x-request-received-at: 1630075238271

POST
H2 200 graphql Show response
doublepulsar.com/_/ 181 B
521 B 220ms
220ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

539ff8edffa9c32c76ed635255a9e54b6365fa17b678a7a7a20764d4a2d3147a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 311
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: TopicViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: TopicViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"b5-OPDzMwmROpNWAclJhhHwHfC/05Y"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 97
medium-missing-time: 0
content-length: 181
x-xss-protection: 0
x-request-received-at: 1630075238272

POST
H2 200 graphql Show response
doublepulsar.com/_/ 281 B
621 B 292ms
292ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d1a00ac7a95eb9d35624ada3ab48f69a42fb0b64330877497d2a215b6fa574ec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 451
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: PostViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: PostViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"119-0kmpo/G4LARXbtoDDwGiMgylqi8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 173
medium-missing-time: 4
content-length: 281
x-xss-protection: 0
x-request-received-at: 1630075238320

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
550 B 251ms
250ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5ffcb7f577dea6a747ffcd54f53d0a7e08dd9b48982411524af847f10c8bf68f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 547
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-Bvgz5GyJQ356+jHGC/CzL1vpuWA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 135
medium-missing-time: 6
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075238459

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
548 B 266ms
266ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

aaeb4029349a9e62f4f2d1d4124d5988f8c7582ee90f161ae494620bb234cbe9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 510
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-SkWB9n4epDmtvyMSwlADT5iB9QY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 150
medium-missing-time: 2
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075238459

GET
H3-29 200 8342.6aa0b45e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 19ms
18ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.6aa0b45e.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 310244
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XZ1MCW81DYX4XYRA
x-amz-id-2: JBq2v1mt0X2gMH7anuTD0L29hBl6YEbcNFuFx4UcXyhBHZAwmrTku09UuVijG7UrHr9mRGJu58E=
last-modified: Fri, 14 May 2021 07:49:57 GMT
server: cloudflare
etag: W/"5daacb41c4e6b401be87ada016250ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QtuMS.aBLj19jleyzZwgHGYQHQ8_ziQc
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e609bb04e5c-FRA
expires: Sat, 27 Aug 2022 14:40:38 GMT

GET
H3-29 200 5402.a7b8fceb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
10 KB 16ms
15ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5402.a7b8fceb.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe20d15189023af0455c9c6ac8f7e03ec7c42a2b8c794c141919951ea7ebd335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61681
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XR0QVABB9H7QKN
x-amz-id-2: ui3sDlfBKjMUHjYygfTfD8Wq/zshrYIg8WVzOA1Udn00MznU0ju9eg6I/GOCy6Iy91VjK/dHvoQ=
last-modified: Thu, 26 Aug 2021 19:50:20 GMT
server: cloudflare
etag: W/"d3eb9f530ff9cd082432ab1c8f94ab55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jA49vMNQvVfbDZJtP6J2_3t5Tcy_XRsm
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e609bb34e5c-FRA
expires: Sat, 27 Aug 2022 14:40:38 GMT

GET
H3-29 200 9590.e1dc898a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 50 KB
15 KB 20ms
19ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9590.e1dc898a.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96be4a55208ca0e90dd710cc6eb9f4b612fe08c1a9d08a4a2c81ba1253488b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284873
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1386RQ6QVA9NM4FZ
x-amz-id-2: BNiopad20V2t8oC3Y/AGpV5L2W1dOGg1/4YMwjmergyO/TBb70z34bAccHyfZMlQfBS0IiACfh0=
last-modified: Mon, 23 Aug 2021 16:37:37 GMT
server: cloudflare
etag: W/"4797460f196378b05736df91276418bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ZLRuWfyfXz_JRiyLROmjSHK47Tscx61k
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e609bb54e5c-FRA
expires: Sat, 27 Aug 2022 14:40:38 GMT

GET
H3-29 200 3913.ce667336.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
19 KB 17ms
17ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3913.ce667336.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a94e6849b61a757cf02abe1a5b7b55f869d14cd3dcfa91da02141fc849df0b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284873
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1388V1V67J8PQEGQ
x-amz-id-2: VStgJxACkHptfgEpT4QWK2ndvoC6GUt2wRZO0QmGh+M3P9ikkaAvtLkAzEHsuGjFEbWr0/r0PGw=
last-modified: Mon, 23 Aug 2021 16:37:34 GMT
server: cloudflare
etag: W/"770008cbfaab302d911ea7f49dd60982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hLIX6ks3p3.eNjd7lXI_C2Vs2dZnNZGd
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e609bb64e5c-FRA
expires: Sat, 27 Aug 2022 14:40:38 GMT

GET
H3-29 200 ThreadedResponsesSidebar.b4b24dc4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 21ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.b4b24dc4.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

904397f76a8b5003581d647a59b7f0c48820e72692bae32f62faa78d9d08ece0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 369575
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PAYY82KBF9445XTF
x-amz-id-2: NBotOpydCg3BY7t3KyMN0XVJnQ/WhoyTsejT2bJA9oHtlZOVZ9U9rjeFnPnMaWBTThS/pwPkCyk=
last-modified: Fri, 20 Aug 2021 16:01:38 GMT
server: cloudflare
etag: W/"3deb3f7ac0f5b502877a149f3f580bed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: n1elk1RMi_Uy7j2PA3HQMs3IWHzbnXEk
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e609bb74e5c-FRA
expires: Sat, 27 Aug 2022 14:40:38 GMT

GET
H3-29 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 31ms
31ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685ebea4a8c71de75cf3b4f8c51d8ca871eb2edfbe2b5ae36c2becd2b22c4629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306338
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e624b862b1a-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:38 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 94 B
433 B 249ms
249ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0edebda7c824603f9d5502a48e012b991c04985cdf27360b157dc3ef2214e2ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869; dd_cookie_test_c985adf3-8964-4cec-900a-0cc3fad805b7=test; _dd_s=rum=0&expire=1630076138576; dd_cookie_test_a9ddb552-d738-40c7-8382-0bb217fb788c=test; dd_cookie_test_f4b32580-67c6-4b7a-91b1-90eec457fc35=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 5605
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-UW74HFK6f2lqS7izUUVo2HGVz/M"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 124
medium-missing-time: 5
content-length: 94
x-xss-protection: 0
x-request-received-at: 1630075238918

GET
H3-29 200 0*eN7KaUa3262blFJP
miro.medium.com/max/700/ 39 KB
40 KB 22ms
21ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*eN7KaUa3262blFJP

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8942b90f53f2c2ab0836230b85c3055701e5ab9b3439b0fa4c7bc0366d400e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 357
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40443
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e6349814e5c-FRA
expires: Sun, 26 Sep 2021 14:40:38 GMT

GET
H3-29 200 1*u9RwN0668pjS1BTgAenrNQ.png
miro.medium.com/max/700/ 115 KB
116 KB 28ms
27ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*u9RwN0668pjS1BTgAenrNQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf1d0212a4714b3f473779b2c0bc89ecc064414c86ae363d83b0033c9d1f74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 118125
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560e6349844e5c-FRA
expires: Sun, 26 Sep 2021 14:40:38 GMT

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 124ms
123ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869; _dd_s=rum=0&expire=1630076138576; lightstep_guid/lite-web=1d0843d804322e57; lightstep_session_id=18005a0457689c96
content-length: 194
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 8
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 121ms
121ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869; _dd_s=rum=0&expire=1630076138576; lightstep_guid/lite-web=1d0843d804322e57; lightstep_session_id=18005a0457689c96; dd_cookie_test_8c2ccbb9-da57-41ad-9eaf-3a7a307f791b=test
content-length: 220
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6515
date: Fri, 27 Aug 2021 12:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 27 Aug 2021 14:52:04 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 39ms
39ms Script
text/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss------cybersecurity-5&gi=21b2a64cad0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 127
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 27 Aug 2021 14:38:32 GMT
x-amz-cf-pop: ZRH50-C1
content-length: 23861
x-amz-cf-id: 7n58mRDM6TfGWhropnS0JL-b4QB3k1HPCFxKkZP2tcfm9DT2bniruA==

GET
H3-29 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/135/ 4 KB
4 KB 18ms
18ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4048
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 68560e686ca24e5c-FRA
expires: Sun, 26 Sep 2021 14:40:39 GMT

GET
H3-29 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/135/ 4 KB
5 KB 19ms
18ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4354
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 68560e686ca44e5c-FRA
expires: Sun, 26 Sep 2021 14:40:39 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
549 B 210ms
209ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5ffcb7f577dea6a747ffcd54f53d0a7e08dd9b48982411524af847f10c8bf68f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869; _dd_s=rum=0&expire=1630076138576; lightstep_guid/lite-web=1d0843d804322e57; lightstep_session_id=18005a0457689c96; dd_cookie_test_8c2ccbb9-da57-41ad-9eaf-3a7a307f791b=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 576
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-Bvgz5GyJQ356+jHGC/CzL1vpuWA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 95
medium-missing-time: 2
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075239828

GET
H3-29 200 responses.editor.1db6aecd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.1db6aecd.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d9552c1a8a70745378143287ac280762bb3a0bb1f338157d4d1c2b96383b563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306230
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PAYG2E7JEN12TKBP
x-amz-id-2: j4H31BdSgNacdzt2rZi1AiRb2Bn75YDg83Vln4NPrNzF7rJKdMzdqIwIzhQioMKXS3fICp1NIow=
last-modified: Fri, 20 Aug 2021 14:33:44 GMT
server: cloudflare
etag: W/"ffc07db1aa2d1688216d374167949218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Dz5YOwqhcOGy3u_s2XH6oBKfek607CgG
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560e696eea4e5c-FRA
expires: Sat, 27 Aug 2022 14:40:39 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 3 KB
1 KB 471ms
471ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd7436e1b6af2682060e21ec5f44e3932a963bb8c847db895de7bdd5941ed487

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 63a6ce4312a135f4
cookie: uid=lo_8d32b424d869; sid=1:gUQoO0TcXZiJqtUZtO5lTjGzSsRHPenulGz/DfZX1XYwuknvfwp9KLMFvMsPbKqu; optimizelyEndUserId=lo_8d32b424d869; _dd_s=rum=0&expire=1630076138576; lightstep_guid/lite-web=1d0843d804322e57; lightstep_session_id=18005a0457689c96; dd_cookie_test_8c2ccbb9-da57-41ad-9eaf-3a7a307f791b=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 7136
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 67b7ed8641f7b0d5
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 63a6ce4312a135f4

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"b04-P7i/wN6dCkDHmjx3PA0sfmg7LSQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 338
medium-missing-time: 18
x-xss-protection: 0
x-request-received-at: 1630075239988

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
87 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=977882535&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&ul=en-us&de=UTF-8&dt=Multiple%20threat%20actors%2C%20including%20a%20ransomware%20gang%2C%20exploiting%20Exchange%20ProxyShell%20vulnerabilities%20%7C%20by%20Kevin%20Beaumont%20%7C%20Aug%2C%202021%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1636143027&gjid=1455388442&cid=1674372570.1630075240&tid=UA-24232453-2&_gid=171860764.1630075240&_r=1&_slc=1&z=559327756

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 14:40:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doublepulsar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 90 B
561 B 170ms
170ms Script
text/javascript 2600:9000:2190:7a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:7a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

2b0701c2ca76e7d640a4158f75d2acd5d76fb8cd89c144dc1964f4dc70eaee85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-1lsbtPd5j22eAhS1qugjGhfUUw8"
x-amz-cf-id: Z_LVZKsulGWTZkQmGijDwa3LyNA6HwqiayfYykSiG0NSZIrC8-xesg==

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
715 B 155ms
143ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be28f2e7bab5b4f87d2db18b802b2f7c78e634c6fbdf22c6585267d6c5610c

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zz8zJRuHHEoA1XTXaY3pYWjf%2FsrxWueiqbYaz0I3fKcGzppaz4cSd6Apz4B74Chhk8EKM1v2bf2F35nGrodSEoSWYj7ZEzuB4KnjoeP7RrL7hEJn%2BEFQTo43ugamt8GSiQ%2Fwq7aV9YRmxufpv0pCILSFh%2F%2Bo%2FM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
cf-ray: 68560e6c9b33d6d5-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 134ms
134ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8heXe5UE48ddmcJrT%2FpDEJWojI%2BavtENBqvAaw15PpiKQ7bcQ61SfDJfPg%2FVmWaaHTwQnn6higtqS%2Bk9MI0ul%2FAgzjWNEDc8%2F97TL7d%2FofSqQ8lBY00pkVPT%2BwdQuyDgbK4ZSpGvaj%2Fx%2F9MuMaT8uiI0gmD8uo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560e6bab762c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 114ms
112ms Fetch
application/json 2600:1f18:24e6:b902:3560:f86b:b647:d2d7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 14:40:40 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 94ms
94ms Preflight 2600:1f18:24e6:b902:3560:f86b:b647:d2d7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
624 B 322ms
321ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 13c6fbe6655b56d890654b9c53c686558f1190c59b060f59f58b4d06b2e7546d

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 0e9c39282a76497592bef9a03674fe66-2021082714
content-length: 312
x-amz-cf-id: FqxtLknIcOMLcZMS3l7GJvlBosu9SnoJrrEkdCbD009lxsJkXndrLQ==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 112ms
111ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://doublepulsar.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 27 Aug 2021 14:40:40 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
242 B 112ms
111ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://doublepulsar.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 27 Aug 2021 14:40:40 GMT
Content-Type: text/plain

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 122ms
121ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1674372570.1630075240; _gid=GA1.2.171860764.1630075240; _gat=1
content-length: 1439
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
sepia-upstream: medium
server: nginx
content-type: application/octet-stream
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 6
set-cookie: uid=lo_4cff8f4f248e; Path=/; Expires=Sat, 27 Aug 2022 14:40:40 GMT; HttpOnly; Secure
content-length: 0

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 23ms
22ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10920417
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560e6cb81905fd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:40:40 GMT

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
562 B 184ms
183ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

92c3e2cc5db457583981233f7cfc1927a78345d39344285bd83ffefc72c10579

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:40:40 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"b4-p0RCNKzS0R9lBn6gZh5BgyxHLyk"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: b409d09b6d054c2784a82d0eb257fde3-2021082714
content-length: 180
x-amz-cf-id: 5n9z6WKdPL4oypTqNz2txm8Te4i6w2Ns3HTdTF6wcpG_fO3R9WRKnQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
386 B 194ms
194ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a6abd10be6fd4c489d9e6a4924acbd10-2021082714
content-length: 28
x-amz-cf-id: Bare0zthFriXUC_TT1SDH86puQXCoBqkiBNFZYWH4frkprus7-CEHw==

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
674 B 118ms
118ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1221c64f3ed630127dd61ccc4ddab8fe9fcdf8c078d5fe61b60d709b5a8e91a

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzO5EZJVLPGcWy6gLbCWHAkYYpCNSgbKMzwYkLgxAkemhkyCcm22EBpei%2F1BgVdT6RmfUCF72pZ2l2O0L%2BF3e34kStnHem%2FSpK8Ac7%2FhwtWjAnVvxfsFYr1flp5R6W0WKsTv5Ie2KTiWJbBHDXkYu3oPiy%2BY614%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
cf-ray: 68560e7088a6d6d5-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 106ms
106ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEJRW528K9xqGn7pr3SP%2B9T9GcgYvciXyLpxnl0lcn3S00vlzPOECoCGJEcPbt6xBl1AeRi72T5im4E%2F0I1HCBAeryUP61%2F3jPWGH4Pl4lYDYeadOR3dmA7W0xQHBXI1U7tkkwaq0R5YRFGI7Yg7dNxLzkaZACc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560e6fdfe6d6d5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
386 B 323ms
322ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: cba04b857aea4d7d9ce8aa25e1c3b270-2021082714
content-length: 28
x-amz-cf-id: jELHY_1o8KE7DvPnXOY2s7yY8nzM4uZiOL9-1HDurRaALtVU1I2g9w==

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
670 B 140ms
140ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cebeda70e45f3e141f86029321646fe6662fac24232e94ccbea35e418da51a94

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tb%2FjxNmUND0%2FpodfABvmhI1ZlpjNAoj7E8kBsgJjw5jQI3sgoSsvuTEOfNNYdqnodmzwqgvYso1ffHxECDOqU7mWSVI7BPdtnWDYweBQVo69KmeO339T98HtJPczFsX2TAOhPKPGr2A5i6SPNPeiB64tjbFSZjE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
cf-ray: 68560e73dd1bd6d5-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 105ms
105ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxA7T%2FgI6PufxBApLcHVTwPcXdva7Gk%2FldIgtQ67tz4yx1dwcpFuKlz8UUzZUZ5IpUFYRfvYjq3faeNQOrNUxFpnRXT8SLEgTgpk57uGhC6s5QtkdoEeT0ao2CBAhIThBH3v%2F6rpIpeM7%2Bs1ZXvWobfCZzoGQPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560e733c58d6d5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
674 B 117ms
117ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1172fee563ae0169410517a0fd4afbd1df90f6c2a97afed9cc322173b0ff448c

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjwWuVFGJmDkdtiEsThCbjQScyZMi0GAQZ5fmI6%2BwygVG7rEGS4wuXb9HAbpqHCGZEQZPFiCrJdqlzWz4isEfIKfKbBvGUNsEunXs1uZ0W9Eh7EqeZUgC%2FppdI7twKkyyxZRWckQc5jGEjhW3%2BLVEaU2eevipVo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560e777a4cd6d5-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 120ms
120ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:42 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 7
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScVRJ%2BiIV2Mf6K04BX1m7TUdEOVNyzS7rGt8MkpbgzudPdykIzUyrqc0WDY5usiPW06mEf7OB5HeGyKyT6ua%2F9TY2a9xYRwuPMzWlMpdjl%2BCfw0vQJ0LnhxAs5dBG%2FWIcpRluNLD0qRaw1h6zKvZjWHmL5DHGzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560e76b8f3d6d5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 400 batch Show response
doublepulsar.com/_/ 24 B
282 B 151ms
150ms Fetch
text/plain 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a2d7229fed40e53774254adcf39d0cd21e4a7c7de4512c32b189b79ea88a2d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
x-xsrf-token: 1
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
content-length: 10158
:path: /_/batch
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:43 GMT
x-content-type-options: nosniff
sepia-upstream: medium
server: nginx
content-type: text/plain; charset=utf-8
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3
x-envoy-upstream-service-time: 7
set-cookie: uid=lo_fa549c62aae7; Path=/; Expires=Sat, 27 Aug 2022 14:40:43 GMT; HttpOnly; Secure
content-length: 24

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
674 B 109ms
109ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23cb4cf905a2d02944319e3b5370800b750c94461a7e6e4c04d01f38ee6e0a2b

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:40:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVbSbQ%2FOXXNOJU7sHeVbxxz770WKXA4%2FgnMlvSSqPa7fJ5O1KssZXVaBZCsfcY7B1N06Q4WqZJNAE%2BrXeYTVO3XLVEglrHOaFc4ekmofSpI9RPsCni0EKr4C1tknaeUxpdB5n5qta1bkJfXX%2BCZjX0x2g9RdNys%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560e86aa52d6d5-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 109ms
108ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:40:44 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mRgLNHr%2FesfAfWqoCC6DqIjO9jhXp1MWgzaN%2FbgNyFzqRWhrk3Gxoy0us3mURWKArAZy6CNFAUIYTPbIUaUUcY5fUr4DOx1QnV8NOoZkPn1CpGOXaQ2jzHGUTx9QmzOm8NwmyIFAKNV%2FC%2B%2F18d26mKIeMkLygI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560e85fd062c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doublepulsar.com/	1970-01-19 20:49:21	Name: _gid Value: GA1.2.171860764.1630075240
.doublepulsar.com/	1970-01-19 20:47:55	Name: _gat Value: 1
.doublepulsar.com/	1970-01-20 14:19:07	Name: _ga Value: GA1.2.1674372570.1630075240

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
doublepulsar.com
errors.client.optimizely.com
glyph.medium.com
lightstep.medium.systems
medium.com
miro.medium.com
www.google-analytics.com
13.224.96.57
2600:1f18:24e6:b902:3560:f86b:b647:d2d7
2600:9000:2190:7a00:19:9934:6a80:93a1
2600:9000:21f3:6600:11:f728:3040:93a1
2606:4700:3032::6815:5081
2606:4700:7::a29f:9904
2a00:1450:4001:803::200e
2a02:26f0:6c00:2a0::13b8
3.225.10.210
52.1.119.170
023e4896942ae770c88c045d89d253862d0bb4ecb47adfc19be2d2702412af42
02a209d50a545e4955d40866065477107a19b3ba0f74f449ce3e3f4fac6b08aa
038262231160fee976d84fa8d1db80567769112008a892e0edeb76f6c1121165
0393d1706ef05b8c2ae9f12bd4d71aba8affbebee2dfa6fccba81b86e2e725ae
042e4e303b7ad0b97a172aa37962c7f649c1afad771dd31f8e7161744d84cdff
05a1af335c12488ca849dbabfc6192f0710ff328f926f54859c4793b581c649d
074120e0ce9c1b6b278f30fbc208a1312ad9c87639665a2abfb86bdacb6bdbbf
0b891f3fd101f913d6c2d42b7dccce4d53d33e49d733b8f4774a6559bb534be6
0c8816dc8228d4e702aac7c2832e7617ffbdf7aecc865587b696d063f3ea93b3
0d9552c1a8a70745378143287ac280762bb3a0bb1f338157d4d1c2b96383b563
0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107
0edebda7c824603f9d5502a48e012b991c04985cdf27360b157dc3ef2214e2ac
0fcdf1b9c29d79fa8679eeefa1573c239bc5bea4dd2eed064fc6e2a0d1c97f4b
103c8f4bcf8bffd0fea54ecad915230d6025023083349a94e5e32ff50c0b96f7
111cac9ce607d1b598d07b88659f6145cdc1015153fc3ae036c98f37eb9d5a59
1172fee563ae0169410517a0fd4afbd1df90f6c2a97afed9cc322173b0ff448c
12ae1072afc293ec30101e3f8d4eee96b04952b8f21ac49df261e70ae69cafbf
13be28f2e7bab5b4f87d2db18b802b2f7c78e634c6fbdf22c6585267d6c5610c
13c6fbe6655b56d890654b9c53c686558f1190c59b060f59f58b4d06b2e7546d
143be9b55563d57d3e4601b0281c8c5a6c698e8336841433f7f5f959605e2e34
1a903333a957f9311e1d51fb0064c219e1e0f578e36fa993d750a99d0f7fe697
23cb4cf905a2d02944319e3b5370800b750c94461a7e6e4c04d01f38ee6e0a2b
23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7
24ffbef1177aa861458bf509b1995d08c855a289b1dceb2928773815b1c7c27d
29c4fa2b831a9d8a8d76c356c37f51a8c564fde548e73088dcd3627363d98d75
2b0701c2ca76e7d640a4158f75d2acd5d76fb8cd89c144dc1964f4dc70eaee85
2d62c45fc2fb98a30f520480ed1060f0000ec78a37bfa80103e7d7ff3930b084
2f858ae42dc95fa7d296a95b414952a71bc640985593fc83a5ecdbbafb9a9525
37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55
389d660ad6302843f61ead3441874022a81cc38678b5d0bf041897e376db4d43
3903354e40a89bc08ffd179ce96dc3dfe7f3603bfaa1f52982045573b32c40bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
499d277272839c165137bbaf1609abf7d5347654872481e6577ba16b992e2bd6
4bf2ea6861499e938670354f17dfb7fc4aa5447e4ba95a2194caa52c01f3cfb0
4d957cb1b09dbcee7ebcb0d11bfe0dfe14a8a4c56004ddc852e137cfb716545e
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
51041a29d93ea155720fb49ddd960a39b1a081d7d43a3d051c08bb620a3cb2e3
525519582b1bd4a7a793e91b793c4c727c4cec22ce14884f6ba4d3aaf6ded90c
539ff8edffa9c32c76ed635255a9e54b6365fa17b678a7a7a20764d4a2d3147a
5653275fd2234822f5aab4c7fb5bc5325e4991570295998f1ab5a83287c7f285
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5ced593854bb82c95cf35f22c421e3ada59d60b4c9292b58da914d4340139d17
5d03b4009d8fe7e7e1e01abe936456448f3eaa1041083759b5a1ff25c9ab4ba1
5f2abdf9e9752867b58046f22000379a3c4da9c0f4a0536635972bc124a7854d
5ffcb7f577dea6a747ffcd54f53d0a7e08dd9b48982411524af847f10c8bf68f
63ff695f5b36586ec7fb3acc54730f33d4167cc2b797897bdec8a1654ee7d87b
6550693dadb570fdd94da3996a0887c68d4d291c0818f1528d1a7bc930d8b869
68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359
685ebea4a8c71de75cf3b4f8c51d8ca871eb2edfbe2b5ae36c2becd2b22c4629
6fefca2e39b0c80d4d1c9b40a41787df0f738a85ff142e5295f17b2e96711ad3
72fdaeca4c65e6655aeeb37b8b9787e1cef79a4e8b10cee34f64f6315cef91e3
78370f1c60ca7a80d7bc4052eedbb87ad1425f418730b2cf7b3922719001d752
78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee
7d6d130d8f196bb2c14843b9bd09ca0f6eb9c826133a4451082927aba4f40f39
7df3af12e866788eb580b7542e9e29e8bffe1c046eaccea8b019fb5c9d88097b
830f40ef2a3e1b3f6fa8391cc6c93d8ed19dcc454398596ec98aa2c6ebef48bd
83b609bf586cb8e62af2f3267bbaa50c9f11d7d6e86e1c84e2eecfbc2be949ef
8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d
8a6f7776d9114c66723e5c20fb977343f5a94c7186be3cd5a9e921522e73522c
8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d
8d3263919f036071371394d7d4bdfa9715658cebab2cb453ec39383e5c902958
8ef36cd81a32a63c14214d2d7c45e0809be147e68869ea1a5c34feab6d207fa2
904397f76a8b5003581d647a59b7f0c48820e72692bae32f62faa78d9d08ece0
92c3e2cc5db457583981233f7cfc1927a78345d39344285bd83ffefc72c10579
92d2ff27d2b587da629e4ff4aaae0eb0541e5dc2412152dd075034da1fda8c25
96be4a55208ca0e90dd710cc6eb9f4b612fe08c1a9d08a4a2c81ba1253488b2f
971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea
99a551671d29fb4718e5697b374fc9d0ab5f362651fb03863a6fe57a8a29ae9f
9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16
9d8aa4689a04989a7698e498bc9d2b842b15742cd7f6710017620cd5c0ad22ea
9f9426d07320e3f576a16016df14965aa352eea15b901f44f72187ae8c4d597c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2d7229fed40e53774254adcf39d0cd21e4a7c7de4512c32b189b79ea88a2d5f
a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a94e6849b61a757cf02abe1a5b7b55f869d14cd3dcfa91da02141fc849df0b95
aaeb4029349a9e62f4f2d1d4124d5988f8c7582ee90f161ae494620bb234cbe9
ab66d537424af570bf85c12629c8436512b42248cfd44c2bd55dbc1579dbdc5d
ad2c52d005eafc6341d3d19a7a8a05ed649686c6881ab62155ae95d4618adf35
ae1c273ad638e70d8bf5fd973b10ca3396efd4296ed46d5f4f9fc0c89ce19a76
af4cd63175903f7de1128348f087273d1d0b50dec0d84b6d96d9595aacaab923
af53bb392cf949de35ca399079add6d28e09d25b1b2072624fc78c804dfd607e
afed961ddb57f36277dfd3c4746651600913c0bfff3b3a498971e1d40d027351
b1221c64f3ed630127dd61ccc4ddab8fe9fcdf8c078d5fe61b60d709b5a8e91a
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b3207bd24557fefc2773c0bb9d388545f3666a14bf86abe03f10f95272ca24b2
b3d5fdf94cc9bcce6d26f71f0d82b4e925e0ca901df59c1d24d7d911eddb0cbd
b5c56db5c125272d6c1961aec103670e022d01534cfbd4baa7ff3b595f9825ce
bac7c08c637f489dd02b2d3a6ff4aca3c7e038a920e39a685f07f81228c419a3
c4a10cbffdbce76d8de099fabe5eaf5fe08c12fa86e846e34013f7597c716e88
c5388efddd16e46845ff6bc0b750d6273ee98feae2dce22044c0019336019c1f
c5748a354a1c79fdb238f56dde081004de39bb61a52bd74676e036f3786db9e6
c88a6fd9c0f927b6c6eb6a0333d8df738064c2f09458bb23064d319ae34f344f
c8ea4c5606f00ece39073ca2c52012151e25038242447053b13ac4f2021f0c02
c9e498f5209c744498c600a13e63c1d59e81d2992726c71dd0eb082a71cb6a6f
ccf1d0212a4714b3f473779b2c0bc89ecc064414c86ae363d83b0033c9d1f74f
cd520777ff12430259aea76eedc236888374a44fe25dc771b5abc1616794186c
cebeda70e45f3e141f86029321646fe6662fac24232e94ccbea35e418da51a94
d1a00ac7a95eb9d35624ada3ab48f69a42fb0b64330877497d2a215b6fa574ec
d3dd90bc7589e2dfce2ebb76fbbdeb3edb151dda0fc05cb3ce013b4058be34a2
d49f9d5f6cf0fe5e246dae163447d21a876c54cdf3da502fca7d95f2441a51a6
d60f382ab7dcba7579cd2088e8f9ef61e63acbcf269626a9b081c54d9624cdaf
e0ce16af99f8a960767cf02eb3e2a0c55b201717d5eb340ca5e278a46cb67661
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544bd8d73fe98d8ba7a775515ae3f80b1dc3d63f6aaded903352e5bfd0dbf5f
e798695365aaabfbd6209396d2f2e565e367bd2d29a805358798bde076c9a4be
e80822fa48ad371fcf8ee70251a00651a367ba539273ff7e5b2ca639dd33bcfd
e83c6b0ea99b4caf907cc41097879e6edc6ffd49cfe6266275abd3bcf771737c
e8942b90f53f2c2ab0836230b85c3055701e5ab9b3439b0fa4c7bc0366d400e5
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
e9d67ee8bdede3d1235705cc312c9c039d5e1dc94e77ca56a3ba07a944657b06
edac038fa41b6998706870940e3dcb6a50bf6ff175cfd7e274dc1f096f9e1c30
f6df94cc15c64e450354bf62f7de16c8dc4b0de88d2ff220c2eebe5ef953b1ff
f724cafa4496101c379bed8a55779f79605e2c99fa027fa7d3217177abc00193
fb8d5b9f74625e511e3c8d63848e7a54c98016daed84f8df3bc166368586afa5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7436e1b6af2682060e21ec5f44e3932a963bb8c847db895de7bdd5941ed487
fe20d15189023af0455c9c6ac8f7e03ec7c42a2b8c794c141919951ea7ebd335
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

doublepulsar.com Open in urlscan Pro 52.1.119.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

70 %IPv6

8 Domains

13 Subdomains

10 IPs

2 Countries

1520 kBTransfer

3853 kBSize

3 Cookies

72 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

13
Subdomains

10
IPs

2
Countries

1520 kB
Transfer

3853 kB
Size

3
Cookies

132 HTTP transactions
0 data transactions