garykongcybersecurity.medium.com Open in urlscan Pro
2606:4700:7::a29f:9904 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/fhrZZuhcX3
Effective URL:
https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Submission: On December 28 via manual (December 28th 2023, 7:38:33 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 83 HTTP transactions. The main IP is 2606:4700:7::a29f:9904, located in United States and belongs to CLOUDFLARENET, US. The main domain is garykongcybersecurity.medium.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 18th 2023. Valid for: 3 months.

This is the only time garykongcybersecurity.medium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
51	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	18.161.111.73 18.161.111.73	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:e200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
83	9

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

garykongcybersecurity.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
garykongcybersecurity.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.111.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-73.mrs52.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e200:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	medium.com garykongcybersecurity.medium.com glyph.medium.com — Cisco Umbrella Rank: 22280 miro.medium.com — Cisco Umbrella Rank: 15278 cdn-client.medium.com — Cisco Umbrella Rank: 23250	1 MB
4	branch.io cdn.branch.io — Cisco Umbrella Rank: 989 api2.branch.io — Cisco Umbrella Rank: 721	24 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	266 B
1	app.link app.link — Cisco Umbrella Rank: 2381	634 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	82 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	t.co t.co — Cisco Umbrella Rank: 589	613 B
83	7

	Domain	Requested by
37	cdn-client.medium.com	garykongcybersecurity.medium.com cdn-client.medium.com
17	garykongcybersecurity.medium.com	t.co cdn-client.medium.com
11	miro.medium.com	garykongcybersecurity.medium.com
9	glyph.medium.com	glyph.medium.com
3	api2.branch.io	cdn-client.medium.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.link	cdn.branch.io
1	cdn.branch.io	t.co
1	www.googletagmanager.com	cdn-client.medium.com
1	static.cloudflareinsights.com	garykongcybersecurity.medium.com
1	t.co
83	11

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
portswigger.net
www.w3schools.com
pu
developer.mozilla.org
digital-forensics.sans.org
www.winitor.com
www.virustotal.com
www.autoitscript.com
domoticx.com
www.hexacorn.com
github.com
manalyzer.org
www.hybrid-analysis.com
attack.mitre.org
docs.microsoft.com
www.immunityinc.com
www.linkedin.com
nosfera0x2.medium.com
lockpin010.medium.com
help.medium.com
medium.statuspage.io
blog.medium.com
policy.medium.com
speechify.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Frame ID: BD317CA2DDD4C8EF7822FCC73A246109
Requests: 83 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Technical Analysis of ProfileVisitor Malware on Facebook | by Gary Kong | Medium

Page URL History Show full URLs

https://t.co/fhrZZuhcX3 Page URL
https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1 Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

83
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

1358 kB
Transfer

3441 kB
Size

7
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F9c274d576df1&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderUser&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_topnav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F10a3b509d1a2&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&user=Gary+Kong&userId=10a3b509d1a2&source=post_page-10a3b509d1a2----9c274d576df1---------------------post_header-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F9c274d576df1&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&user=Gary+Kong&userId=10a3b509d1a2&source=-----9c274d576df1---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F9c274d576df1&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&source=-----9c274d576df1---------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D9c274d576df1&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&source=-----9c274d576df1---------------------post_audio_button-----------
Title: Listen

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp
Title: Burp Suite

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/js/js_arrays.asp
Title: array

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/js/js_loop_for.asp
Title: For Loop

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/jsref/jsref_fromcharcode.asp
Title: String.fromCharCode()

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/jsref/jsref_eval.asp
Title: eval()

Search URL Search Domain Scan URL

URL: https://pu*****/
Title: https://pu*****

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/js/js_api_fetch.asp
Title: fetch()

Search URL Search Domain Scan URL

URL: https://pu*****/ajax/7z[.]php.
Title: https://pu*****/ajax/7z[.]php.

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/API/Blob
Title: blob

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types
Title: MIME type

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/jsref/met_document_createelement.asp
Title: document.createElement(“a”)

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/jsref/met_node_appendchild.asp
Title: document.body.appendChild()

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/jsref/met_html_click.asp
Title: click()

Search URL Search Domain Scan URL

URL: https://digital-forensics.sans.org/media/hex_file_and_regex_cheat_sheet.pdf
Title: file signature

Search URL Search Domain Scan URL

URL: https://www.winitor.com/
Title: PEStudio

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://www.autoitscript.com/wiki/AutoIt_and_Malware
Title: AutoIt

Search URL Search Domain Scan URL

URL: http://domoticx.com/autoit3-decompiler-exe2aut/
Title: Exe2Aut

Search URL Search Domain Scan URL

URL: https://www.hexacorn.com/blog/2014/11/28/decompiling-compiled-autoit-scripts-64-bit/
Title: Hexacorn

Search URL Search Domain Scan URL

URL: https://github.com/g4xyk00/autoit64to32
Title: PowerShell script

Search URL Search Domain Scan URL

URL: https://manalyzer.org/report/b846719e234b5697da4bf0f0e2ac632d
Title: Manalyzer

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/1679b1c83a99fb76b6c5f0afa25104506ea00be5bb551449d46579467bcc6d53
Title: Hybrid Analysis

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/
Title: MITRE ATT&CK

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Title: Process Monitor

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1012/
Title: T1012 Query Registry

Search URL Search Domain Scan URL

URL: https://www.immunityinc.com/products/debugger/
Title: Immunity Debugger

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1497/
Title: T1497 Virtualization/Sandbox Evasion

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/feature-discovery
Title: CPUID with EAX value of 1

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-writeprocessmemory
Title: WriteProcessMemory

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1055/
Title: T1055 Process Injection

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-getasynckeystate
Title: GetAsyncKeyState

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1056/
Title: T1056 Input Capture

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes
Title: VK_CONTROL

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malware-analysis?source=post_page-----9c274d576df1---------------malware_analysis-----------------
Title: Malware Analysis

Search URL Search Domain Scan URL

URL: https://medium.com/tag/reverse-engineering?source=post_page-----9c274d576df1---------------reverse_engineering-----------------
Title: Reverse Engineering

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----9c274d576df1---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2F10a3b509d1a2%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&user=Gary+Kong&userId=10a3b509d1a2&source=-----9c274d576df1---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/in/gary-kong-cybersecurity
Title: http://www.linkedin.com/in/gary-kong-cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fc2b298bfc3ab&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Finsecure-802-1x-port-based-authentication-using-eap-md5-c2b298bfc3ab&user=Gary+Kong&userId=10a3b509d1a2&source=-----c2b298bfc3ab----0-----------------clap_footer----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc2b298bfc3ab&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Finsecure-802-1x-port-based-authentication-using-eap-md5-c2b298bfc3ab&source=-----9c274d576df1----0-----------------bookmark_preview----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fb0926926e2f7&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Fwalkthrough-on-finding-vulnerabilities-on-codesys-webvisu-and-ifm-smartplc-b0926926e2f7&user=Gary+Kong&userId=10a3b509d1a2&source=-----b0926926e2f7----1-----------------clap_footer----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fb0926926e2f7&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Fwalkthrough-on-finding-vulnerabilities-on-codesys-webvisu-and-ifm-smartplc-b0926926e2f7&source=-----9c274d576df1----1-----------------bookmark_preview----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fc197794a3af4&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2F4-steps-to-create-a-strategic-investment-in-industrial-cybersecurity-c197794a3af4&user=Gary+Kong&userId=10a3b509d1a2&source=-----c197794a3af4----2-----------------clap_footer----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc197794a3af4&operation=register&redirect=https%3A%2F%2Fgarykongcybersecurity.medium.com%2F4-steps-to-create-a-strategic-investment-in-industrial-cybersecurity-c197794a3af4&source=-----9c274d576df1----2-----------------bookmark_preview----bf949470_a4b7_4e95_836b_232b0bcf5533-------

Search URL Search Domain Scan URL

URL: https://medium.com/@irfanbhat3/gdb-cheatsheet-4dae0ed5a4b9?source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@irfanbhat3?source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F4dae0ed5a4b9&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40irfanbhat3%2Fgdb-cheatsheet-4dae0ed5a4b9&user=Irfan+Farooq&userId=c9e3eb045245&source=-----4dae0ed5a4b9----0-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@irfanbhat3/gdb-cheatsheet-4dae0ed5a4b9?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F4dae0ed5a4b9&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40irfanbhat3%2Fgdb-cheatsheet-4dae0ed5a4b9&source=-----9c274d576df1----0-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@nourhanelyamany/malware-reverse-engineering-ctfs-4b6ab97cd520?source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@nourhanelyamany?source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/cyberscribers-exploring-cybersecurity?source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------
Title: CyberScribers

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fcyberscribers-exploring-cybersecurity%2F4b6ab97cd520&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fcyberscribers-exploring-cybersecurity%2Fmalware-reverse-engineering-ctfs-4b6ab97cd520&user=Nourhanelyamany&userId=1d73843b974d&source=-----4b6ab97cd520----1-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@nourhanelyamany/malware-reverse-engineering-ctfs-4b6ab97cd520?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------
Title: 1

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F4b6ab97cd520&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fcyberscribers-exploring-cybersecurity%2Fmalware-reverse-engineering-ctfs-4b6ab97cd520&source=-----9c274d576df1----1-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@AMGAS14/list/natural-language-processing-0a856388a93a?source=read_next_recirc-----9c274d576df1--------------------------------
Title: Natural Language Processing1038 stories·515 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@avaen/extraction-and-analysis-of-injected-shellcode-77445e8b6504?source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@avaen?source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F77445e8b6504&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40avaen%2Fextraction-and-analysis-of-injected-shellcode-77445e8b6504&user=Dawid+Bolkowski&userId=5ffcb4260108&source=-----77445e8b6504----0-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@avaen/extraction-and-analysis-of-injected-shellcode-77445e8b6504?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----0---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F77445e8b6504&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40avaen%2Fextraction-and-analysis-of-injected-shellcode-77445e8b6504&source=-----9c274d576df1----0-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://nosfera0x2.medium.com/reverse-engineering-injection-series-part-3-a308b421264d?source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://nosfera0x2.medium.com/?source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa308b421264d&operation=register&redirect=https%3A%2F%2Fnosfera0x2.medium.com%2Freverse-engineering-injection-series-part-3-a308b421264d&user=nosfera0x2&userId=243a765527ea&source=-----a308b421264d----1-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://nosfera0x2.medium.com/reverse-engineering-injection-series-part-3-a308b421264d?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----1---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa308b421264d&operation=register&redirect=https%3A%2F%2Fnosfera0x2.medium.com%2Freverse-engineering-injection-series-part-3-a308b421264d&source=-----9c274d576df1----1-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xMr_Robot/buckeye-ctf-2023-reverse-engineering-challenges-f050d3dd4dd3?source=read_next_recirc-----9c274d576df1----2---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xMr_Robot?source=read_next_recirc-----9c274d576df1----2---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Ff050d3dd4dd3&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%400xMr_Robot%2Fbuckeye-ctf-2023-reverse-engineering-challenges-f050d3dd4dd3&user=0xMrRobot&userId=e60839afa262&source=-----f050d3dd4dd3----2-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xMr_Robot/buckeye-ctf-2023-reverse-engineering-challenges-f050d3dd4dd3?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----2---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Ff050d3dd4dd3&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%400xMr_Robot%2Fbuckeye-ctf-2023-reverse-engineering-challenges-f050d3dd4dd3&source=-----9c274d576df1----2-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://lockpin010.medium.com/x86-architecture-for-reverse-engineering-malware-analysis-d8de6a82d458?source=read_next_recirc-----9c274d576df1----3---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://lockpin010.medium.com/?source=read_next_recirc-----9c274d576df1----3---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fd8de6a82d458&operation=register&redirect=https%3A%2F%2Flockpin010.medium.com%2Fx86-architecture-for-reverse-engineering-malware-analysis-d8de6a82d458&user=Ahmet+G%C3%B6ker&userId=1bf63f052d88&source=-----d8de6a82d458----3-----------------clap_footer----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://lockpin010.medium.com/x86-architecture-for-reverse-engineering-malware-analysis-d8de6a82d458?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----9c274d576df1----3---------------------b02808fc_7b47_48dc_a0d5_0c490aaed91f-------
Title: 1

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd8de6a82d458&operation=register&redirect=https%3A%2F%2Flockpin010.medium.com%2Fx86-architecture-for-reverse-engineering-malware-analysis-d8de6a82d458&source=-----9c274d576df1----3-----------------bookmark_preview----b02808fc_7b47_48dc_a0d5_0c490aaed91f-------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----9c274d576df1--------------------------------
Title: See more recommendations

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----9c274d576df1--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=post_page-----9c274d576df1--------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----9c274d576df1--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=post_page-----9c274d576df1--------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=post_page-----9c274d576df1--------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----9c274d576df1--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----9c274d576df1--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=post_page-----9c274d576df1--------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://medium.com/business?source=post_page-----9c274d576df1--------------------------------
Title: Teams

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/fhrZZuhcX3 Page URL
https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 fhrZZuhcX3
t.co/ 485 B
613 B 267ms
161ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/fhrZZuhcX3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 242
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 19:38:21 GMT
expires: Thu, 28 Dec 2023 19:43:22 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: f68f0a315931ff3ca6e108eefa47c0a12c6aa866a9e8d6aa7aea49f99d0045dc
x-response-time: 121
x-transaction-id: f95027355b56eefd
x-xss-protection: 0

GET
H2 200 Primary Request technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1 Show response
garykongcybersecurity.medium.com/ 192 KB
37 KB 316ms
220ms Document
text/html 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Requested by

Host: t.co
URL: https://t.co/fhrZZuhcX3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2dcb0368169699d98c9d06f7e81ddd178bc84e5981d3d5be75edb847b44358

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 83cc436299889136-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 19:38:22 GMT
expires: Fri, 29 Dec 2023 19:38:22 GMT
link: <https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, lite/main-20231219-233042-49fba430e3, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
medium-missing-time: 161
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-cache-key: garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
worker-cache-middleware: true
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 348
x-request-received-at: 1703782187042

GET
H2 200 unbound.css
glyph.medium.com/css/ 18 KB
1 KB 112ms
95ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3525
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43641bef9136-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Dec 2023 21:38:22 GMT

GET
H2 200 0*GNxePZVppBO2lQ85
miro.medium.com/v2/resize:fit:720/format:webp/ 12 KB
12 KB 179ms
160ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*GNxePZVppBO2lQ85

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee90f22ec5aa67deea4e6ae1310c03d4dc8ce56a74b853bf1e9ffa7cf2ced2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 273
content-disposition: inline; filename="0*GNxePZVppBO2lQ85.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12280
x-request-id: 573b8637-d55f-4d48-a4f3-0cef952f0a9e
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RImM1ZmY1MDhlNjdmMjE2YzhiNzg4ZWZmMmU0OWZjMGMzIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43643c2a9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 manifest.a13f771f.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 99ms
91ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.a13f771f.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25c1b36214d83b9a649ee538d8c916ca3d4ba46af837a20220c5bb6afb1a6288

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: HlErZWlu_.aaViseaucTgG7bkmiM6yBM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3R30Y6SAY02ZHSW4
age: 796743
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qDSGbvIuWxrx9cblnd1RXerZiN1hGgKqNs6oPX8v7vJFc2zPEGEwY28/W4L4kImTVsWkPMqOQug=
last-modified: Tue, 19 Dec 2023 14:09:03 GMT
server: cloudflare
etag: W/"0c846b96bd8a130c2804e6e99d3e0c70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c0a9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 3057.5e22bbb0.js Show response
cdn-client.medium.com/lite/static/js/ 659 KB
207 KB 137ms
132ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 8U1kFgMJlUNmH8qkZNp1xniyDYQNS3lm
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S9TRK1AHXC8W7BG5
age: 323119
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hkWPbHHvK1/y1PgOnLBoXr4//WBOChBIQMYHo6ZKSSXDsAgljJm06sWniTaVissh9BXx5UvePfpqj01kEJSFdQ==
last-modified: Thu, 19 Oct 2023 20:38:07 GMT
server: cloudflare
etag: W/"5cf73b47b8f9468e48683b2d39073bf2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c169136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 main.d25eb205.js Show response
cdn-client.medium.com/lite/static/js/ 759 KB
181 KB 96ms
91ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09e7c4d12ebcda9fcc9c23c225f34b403b0d2a93aa45b3dd69e48530eb2cd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: PM2zRA0SXlZ3zX95ukYUZxOPJCNZBXnQ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PVV0JYPJSBFJ3DQF
age: 762489
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CTXJSN7k0JPi2x4kc0NHcIRtrUdBivePP5f/0vZsRqEa89e4cCsVsgjYyECCm8xOUuhpb1mnH4I=
last-modified: Tue, 19 Dec 2023 21:19:22 GMT
server: cloudflare
etag: W/"d44dac7aa8a2dbcb29c04c12475507c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c0e9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 instrumentation.d6d5fe73.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 94ms
89ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.d6d5fe73.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3f7e27c4bb5a99d6e4d13108c496731dc6449349e7a5f047532a3c28dc7a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: PR8_UBjzcoJlgN2A.8oG1hIe5RQtEjXi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: M293RFR9X9HBSASM
age: 663494
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kDNdOFPU3ZlC9IOzLY/tgKM6VSF09peZs6Dae8i7AGLPkj85EEHCu8GNq7skeg4ZkXcxrpwv4+M=
last-modified: Thu, 19 Oct 2023 20:38:41 GMT
server: cloudflare
etag: W/"861d773929a7453a8d14dce2c15d220d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c109136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 reporting.2021fe63.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
923 B 94ms
90ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.2021fe63.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: EAFtMMjOBNpoIMOAp_mjLfH0fLlmjqvd
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y7RX5VAF4TF7222R
age: 139628
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JHgAZ7AHuFEoIDjuQ2DCUaiJhC8YIyDuEYQCLPaaJPNcjN8BwJh313a9RG+Xlj+hBft7icQRYuQ=
last-modified: Fri, 23 Jun 2023 16:13:42 GMT
server: cloudflare
etag: W/"4f45b39c86a2eb9ca7068099b34d3af6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c149136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 120.a1050cd4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 93ms
89ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/120.a1050cd4.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63874daccb3ac3ed721179b9daf59fc73ac9699fcd1b1af58e3e1dc0b694797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: UTxkv1woQlLYT1TWoumXyjk.mSIYuXtz
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VPT1TZGK6T6T5G50
age: 138214
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: L9m6itdENWzlLxhG4bZ8HYiZ1tkDENsVJNmbq8rGnBaNRZ5oHOlMh7oiP4h/HeF4YH6p90p22BU=
last-modified: Thu, 19 Oct 2023 20:38:04 GMT
server: cloudflare
etag: W/"a2b81fa0451c4e8e71f81ebc5e3d199c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43642c159136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1752.0a0e21e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
10 KB 76ms
70ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.0a0e21e3.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be1ef395d225719d66914259410ea9cc8f5e486bc4aefc93b377fca48c5739e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: vBGXkvj2eltbI7OdJS6ssgn6BnIpNuCq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FY4RXY546FNNBNPZ
age: 130075
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uXJ15pIxuGKg1XkbbB+RJyUsLnWDGbMRz9kQ2bpI8Mvno0dadH9qaF5GGRg9Z1iklnbwJCUtS08TWvoxRaVjMQ==
last-modified: Thu, 19 Oct 2023 20:38:04 GMT
server: cloudflare
etag: W/"5a77924f78b5cf0358c26576485e5300"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd269136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 6733.1d85727b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 76ms
71ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6733.1d85727b.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 2fJFQUTf2u12vcW9GWlwyqCzuRzGu243
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C677NQY5WTQZ3MXW
age: 149322
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tsp6ibadELIHxIyTa7q5r/Q2EQo8hNXZR1PcY4M9YfqGfV70oRNFM9mkT0f+0gLUoE8mwUn3qk0=
last-modified: Thu, 19 Oct 2023 20:38:12 GMT
server: cloudflare
etag: W/"637f2748bb252f63c1746748e78f94ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd279136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 4711.043615ac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 76ms
71ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4711.043615ac.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: qnKQzk0b9urC.8imJsDQEceRC7r1d.6v
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y655NVB5K3X3P1YK
age: 491069
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: F1t29tu3g+li0+qXwvm4ESj13hbcvo6gqEdVAxqB1VNGNZ7DDZkz2MmYNiMQ3yuf/c57UsTr5BA=
last-modified: Thu, 19 Oct 2023 20:38:09 GMT
server: cloudflare
etag: W/"fa8866965099e179b25da758eb62a2da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd2c9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 8695.09acff9e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 78ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8695.09acff9e.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a2d5c3934b1cdc633bdc0eed2c3470c223e94f264d90e0361bbd712f10215c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: Q9.eb.3j9bi_F4R9aYemxyRBPTphB3g4
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6TD8AE4T38A5FKJG
age: 46590
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GXslgFZG+EQJ4X9RjvfGd+1XU829BRPVq/MYKuzZSFznAmuOUt3j32WTgjNJBTzWaoX7bvxeVSM=
last-modified: Thu, 19 Oct 2023 20:38:14 GMT
server: cloudflare
etag: W/"d07494896a2cf9ea70fd4038c2de7413"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd2d9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 4341.09a484a0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 40 KB
10 KB 78ms
74ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4341.09a484a0.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07430ac1075c62498346fe13ef2ebc6c1981eec9947dd244e5a16bff4133cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 47iSWdqrvcoFM5KAcxTk0R9O5afyldIA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FDK2BJRJC88PV1F2
age: 228403
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ghpOcGZLYY7PHVvwVUqdBi4TbTqoa2l4jf1gWtJ3ioRqqSwW9JQjcsIKZ7k26DqYa4Iu5kjoxSM=
last-modified: Thu, 19 Oct 2023 20:38:09 GMT
server: cloudflare
etag: W/"d5f9495d725166e8fda884d64d8d21dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd309136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 2522.c9ccdc98.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
5 KB 77ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2522.c9ccdc98.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046c5911ce94f822a071f7d2f21cb43c926da851bb3b5ddb95fcd705e1dffe27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 8vPytHMHyrw8Wa8juDg.m25N5K3agwVp
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Q53EK4EDT14QC4ZZ
age: 797036
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PRS6S0m2MGAU8zrmtimdjMRK1jGQBbn4zrowU48pdyvOSI6AplWcG9fRqJHBboyCTeSsENiCCsg=
last-modified: Mon, 18 Dec 2023 18:37:54 GMT
server: cloudflare
etag: W/"89752e1f97a7b4c99c8911b337d84c3c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd339136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 5203.e7a22052.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
4 KB 77ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5203.e7a22052.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: sYZi_T_vovpyjHR0HCCODg8UWAAlZCKC
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S9TR4KN0R2QZVBA9
age: 230728
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: siW+Ok9J6ur2U+0R9zbA6CU1G3bxy52k9e5EA0Y5MPMfp3uofU5VbLthbwavSxh/xqTr2wm4DVRKzU+dQqifug==
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"4b2a2b012f01bcd5a7880043af3823bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd369136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1957.fe63a49e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 75ms
71ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1957.fe63a49e.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df605e20fe7a05e0513c248e17c5a98c7cbc43fc7017e09f74ebdffae434386f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: yV0AEjZMehDA_RIyfXUT1SkECUTzy1qb
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S9TWBY2MGHD7N9CR
age: 46564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: S9r6TCR1rcofKONyJm1vyVv+HvVNKnRBUo6LhYm8w8IgblBc5ve989+UpTyG9hfOGisNpdZoxpqn6bwIeBGrgtAMh0ZVvTkY
last-modified: Thu, 19 Oct 2023 20:38:05 GMT
server: cloudflare
etag: W/"8b714aa6eb83b010c609afc3824ff245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd379136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 9599.498ff6f1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
6 KB 76ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9599.498ff6f1.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e75b4a5cf951fb8847040cd14525c2cfbcf4447bf3fe36a769bda9ffa03ca2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 29JksJ_lENWlk4F1Gxt28SHmlfi74RGq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4RWX4ZYAKVYX0VND
age: 612140
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GAzpemJV3IonkvQUpvsB3/HtXXhyJsVRd/oXe3FsF+N+8TOVM50FD5zNKpWubcNmZGdcijVmdGU=
last-modified: Thu, 07 Dec 2023 16:25:28 GMT
server: cloudflare
etag: W/"87949732ad2b2412469072e2655234d2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd389136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1711.b70f1a35.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
7 KB 75ms
71ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1711.b70f1a35.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: an7lZshTbeizT4YvZ.H_UfpGSLFLVp6K
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J178EJGERS581XHJ
age: 166729
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1I0RZFqis3VUg39l18/zzES9x70K/pwfl3YWM9quPJZkzqvAzZXymSFOZhptZBXkE89qOgs7zSg=
last-modified: Tue, 12 Dec 2023 20:16:53 GMT
server: cloudflare
etag: W/"be9a7f1d16e66912ad5aca0b77f43879"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd3a9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 5268.a995d78b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 76ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5268.a995d78b.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a73928425ff2b349ec8c4d112464714b897db4f905ac8456fd043f6910533f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: AO_o04hRimLWDIBERhm0MvKtA9l9J8dj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 9YQVKTHD23JWBQQ2
age: 16487
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8pBob1CcUmuvRYOfkmxRtvyofVRrYo3YRVRxzd3KBlDs4t+TR8zTe6QnyUYM2qqxFW6ZYLlNwUBbJpPiroMXErlBHju0FpgudxwEhkbSzG8=
last-modified: Wed, 13 Dec 2023 21:42:14 GMT
server: cloudflare
etag: W/"ac98dcbc561582ff0d0fa2c5ae9a5a89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd3c9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 9114.49b6b911.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
4 KB 77ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9114.49b6b911.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24183a1040266651c9220130eeb24ae69eaf1aea2f6cdf2928c47c1d28ec616f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 5HP3EOnC9v2XvBoz8LhP.2aoPkreALV7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3N219REVC9ZYPNYQ
age: 132162
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pMocFrYuTvZNcT+E5EWJl91OyGLMXAw6jBtIWQbO3ZI5fxKtuj3sgvOVN/RdHdqMoNtZ4/8ChKE=
last-modified: Thu, 19 Oct 2023 20:38:15 GMT
server: cloudflare
etag: W/"8b63f526f073a7a5c4fc7961b42c1594"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd3e9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 5459.80a6ee18.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 78ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5459.80a6ee18.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dfdb6f5b4806f1c38df4fe8759a9de97db51013d581eab964f30e0168c63824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: Xo5Pr3Ij5Cgw5oTeyQue1xJQ0yv8JEXg
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5SCWCF2BFJVAEDN2
age: 1178573
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wEG42IkuOdW/JSBhPM6qNeTr3sRi8FqmOp1gCTVCseEB3gto97maHH708Ll1Ttvl0w6WO6sQOIM=
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"6e1344575b07708a7b94c40d88f89dce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd419136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 6804.53e6dec4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 80ms
76ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6804.53e6dec4.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d2aa006bf27911a62f151436d7b3d12e24397c9c2befb9821f14808327adbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: todTaNHxor7z6DkxEEYKUxGO_1.8UYX_
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1Q7GVDZ2W0QN2D9J
age: 527977
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: W8VtQZLKkjyepOC1FwuEeKrE5eijybuzX8udgFMYTWu2U6Y6/iU4TGmC3QRRoBLvsiQaaya8a7GuOwWEWUXRtw==
last-modified: Fri, 08 Dec 2023 16:20:20 GMT
server: cloudflare
etag: W/"6e15efdedf85602439d99f6da2760537"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd449136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 9174.7b097d16.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 107 KB
27 KB 80ms
76ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9174.7b097d16.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541c035ef923be8f54083230d5c5886534702abd3284322b203a6de9e17e7271

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: ek2WYxCF1WbG0_EcgJEFdf7RKKdJzdSY
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 3QBK5MY9SE3GGJ2V
age: 693932
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WZGdREGEvM1/4xoUvACO2MD9keMPqCfIhUVp2jKm6FAS376Xax9sZoHLNjf98uvoB1vyHHIhOZvhhU4P903rsw==
last-modified: Wed, 22 Nov 2023 17:31:06 GMT
server: cloudflare
etag: W/"6c48b6bf57275f61ff6bac972e221a5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd469136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 4129.ee8ae2c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 76ms
72ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4129.ee8ae2c8.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: GKCEAjCz9C3rq4gDy5D41ahGcAUvJYws
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MT269DYJ93D7FQ65
age: 145465
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cusI7iSSJCBsd666xA9WgOKQaUZuVRaxOg4MroP7ROiIDH9vQ6XHZEamcKo+qjjznfVGfpv8iSnks0g4r9Pjzjac+/VZOAWVo4ewSrht4zc=
last-modified: Tue, 31 Oct 2023 13:31:10 GMT
server: cloudflare
etag: W/"c63ba7334aaaa7c433116323b85dddd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd489136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 8580.feeb2549.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
2 KB 76ms
73ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8580.feeb2549.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: zzAbVdzU1EHaoBWemZXYawSAaPKOliQq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y65FVQ7NTEJBXQ6Y
age: 221927
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cZohDeNRwUgaONTLit+xJE3dfHFvPeoV85c+KqhEP6x9pyiEj9eN5SLHPyGrwvD8EB0RQ7cMwU0=
last-modified: Thu, 19 Oct 2023 20:38:14 GMT
server: cloudflare
etag: W/"807d78fe3a15361dfb7d56b056c4ff12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364bd4a9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1802.ae7e323a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 116ms
112ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1802.ae7e323a.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb43c820ffcdf5d652e819dc71d25f6622e2343801b1f735afb9009a7450fecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: bOGdG_Dm5QiKWPw_IWskQqi3lBgbt4Va
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4RWGS0VFM4FNWVP5
age: 612140
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bLLlgnz15GdO3Hk/umNUyq7FpiS1Kt0ddJgI0gPdiCwzMnaRAk7ZnWTLk95uZRTq4kmnRai7z2M=
last-modified: Wed, 06 Dec 2023 19:17:03 GMT
server: cloudflare
etag: W/"d81c26289fcfadda97b7d717e3231f11"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd909136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 2295.fc4d4022.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
4 KB 116ms
112ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2295.fc4d4022.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0600ce05b2a4074728f771e0d80181ae3083c2ecfac70ce6d2c922673a353c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 2NwUdLtAzMdae9WdtESLR9bi4taNLBN9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RN1SC7PSR11DVHHF
age: 47663
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Nk8C24PuV8REw+FpQmN+DRyJuvIdST32RYZhzlkD8UQ2rhGN7INiPWpMMwoiKrObDs9rpnlc1Z0=
last-modified: Thu, 19 Oct 2023 20:38:05 GMT
server: cloudflare
etag: W/"918104db6e0ba0217d96d70c6d3e2628"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd929136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 4078.da7800a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 115ms
112ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4078.da7800a7.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: rrQLGST4J4fLi10qQKaFEEGE2uCdLnIB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: JMNQXG241Z1AKDD1
age: 569744
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JDKUgr7bDQkYSNudSbjosT0Z1kpjd/6dqJ9h/Q01nBtvHq0GSGozpWYQ6m+4T3kDRlrrajvLq4A=
last-modified: Thu, 19 Oct 2023 20:38:08 GMT
server: cloudflare
etag: W/"6fe9bb13da7ba28df60248af83559170"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd939136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 8883.c8b03d13.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
10 KB 114ms
111ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8883.c8b03d13.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: rqCBYLKOv.8NNDtk1ZWJs0i2M.e6fYOU
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A5KCZS907K5DFF0J
age: 1173671
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJVkotYaB2FyGbXmgxrtRavmwdovW3HtDFYuf8SuY2B9bmi1SXDVFFKcTWrxzS7KCiXxKz6mLCs=
last-modified: Wed, 01 Nov 2023 19:54:54 GMT
server: cloudflare
etag: W/"db9f4f034f186af2c5d3eb5b06d84be1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd949136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 2550.1e47c72a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 120ms
117ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2550.1e47c72a.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e39db086caca58223de3df524aa07b239b7ed1f22389bad9152f49856ea423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: IKF33wadMy8HHgXQHHN2KaaYBfGUl0zV
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1XYR14MDVZQWDSD0
age: 855152
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GIRSLDaPZNj3szQCr8c4E83cn9KMnTY0gIqLm2vo6y0mzd5MAdX9PlnLnRPQmH7+dM2F6BuCTTM=
last-modified: Mon, 20 Nov 2023 19:28:29 GMT
server: cloudflare
etag: W/"f551d42670a62c36dd63dbfbbb69dde5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd969136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 9408.1c6d46ac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 120ms
117ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9408.1c6d46ac.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf41c0f745c69819ec5b4be13b73116190e101893f9ecd134f934d76a28ce41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: 9a0Vl8lLKKEkTlipGC4nyQjlYhBe1bhG
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8BJ5QE0AXCPSRDZK
age: 244328
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dczVEUzqsTOhL8GIrOjCJyW6oCWX0x8b7hd2b/bRo/T8ValCGyAPAbOiZfCi6LICuanhXxYjlAo=
last-modified: Sat, 09 Dec 2023 01:10:53 GMT
server: cloudflare
etag: W/"a3c7d15ccc33a8cd97c10896abbd6d3b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd979136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 397.3f3848dd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
6 KB 115ms
111ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/397.3f3848dd.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713c768820fa93aa134c827728ecdf03409eb00649a4415b8357b3ad9ed3e08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: vt5lwnVBknGNTmBBFfcQ02lOSOBVk1gx
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MTAMN615DCNQKPRX
age: 190813
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6/zuRBVp1eu3OCLwA7KUB5XD7zxZWSK3cUMp1MogxcVVHWlxZ34UUtqVWU4QGhAshoqbTWSV0NE=
last-modified: Mon, 11 Dec 2023 21:31:31 GMT
server: cloudflare
etag: W/"0d31237510b62489dba1c0cdd5a5f192"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd999136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 9150.42fafb2e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
2 KB 115ms
112ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9150.42fafb2e.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: Juh7s6eqIR5VpuEFNUcPQ7B8LwsnUpKw
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RN7HXARNCBXX8B4K
age: 492415
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JdEWkQYV5f8lXbdQuVjf4Ny8CryboZNimKTWaKr5gu64oXoUcCZKfYTDEEee4o0MurDa9dtzit4=
last-modified: Thu, 19 Oct 2023 20:38:15 GMT
server: cloudflare
etag: W/"78132c40ece3187924f4251503c0fe2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd9a9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 5005.b5d4a37c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 31 KB
3 KB 114ms
111ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5005.b5d4a37c.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: RisC25ILXQZI5zUiv0YF80pfrgqVmer.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NEESR8DSNFTRDXX8
age: 132141
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gDwQxxkhjYaqXGZpDeHuM/5206TkQdKZjAI80x8uyXp+PySrrr7QAvKdE31wzprOOt+qteOAvKnB/kENdCZAkw==
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"a72dda426ce4412cf5cdf2bd365c57c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fd9e9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 2393.db2f664e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 46 KB
16 KB 113ms
110ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2393.db2f664e.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99735ad6021c6806cd2b7ebaca42a5a04b9a9e4c98d9f45c886f4b8be5a71dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: fO0xoG4nBr3PZUWe3f_g2Eo0N1Ocqw0k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MTAH1CP1K8099TNM
age: 190813
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vOTxl9PZh8RNLR4/903mgzzEvzgOVzoaP4CAbXHMMMxlqULNCBzvEOXmdSSx6g1y9uFQ5Q9ok3q7XPByWmgMDn5KzhoxcRx/
last-modified: Tue, 12 Dec 2023 14:28:23 GMT
server: cloudflare
etag: W/"43f7ad927a662a352a388ed76a105299"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fda19136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 5404.d8739341.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 134ms
131ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5404.d8739341.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dfac81a0410ed02d8be292a5f187f96305bf57e17a668090d2ce69aee1ce9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: ZrXSrAX.RwyyDZXU3FagsJnjKNyR6Cim
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 9K57EDWADRGJRER7
age: 411562
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zn2sbe5nF7/W7U6/JqIoqR5S42b99lcrGUvjeSlHXcpRSqXwmS99ctJ7kxjYxmXZaVXCioZffQdC2A/8f+k9vhrXbl0zMKe8
last-modified: Thu, 02 Nov 2023 18:44:08 GMT
server: cloudflare
etag: W/"243e34e22fc0c7f8fd1960513d508ba8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fda59136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 PostPage.MainContent.813f6ac1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 182 KB
45 KB 114ms
111ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.813f6ac1.chunk.js

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

202fd8e4d53101231f21781b96c76d540272d68291f6e0a38f8cb2a5df6e161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
x-amz-version-id: R8IoCvyxM.bjlOoR7IshIv4Mg_BA4vSG
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 75B4RWBC04CHSST3
age: 96970
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gf0WBu8Gcf/qTzGdAz9cI8i80FqS4gByz17Nzx7L5olQoS9ovG2rx4aOaBWhELy/IS6WxZ5EFmI=
last-modified: Wed, 13 Dec 2023 14:58:16 GMT
server: cloudflare
etag: W/"0832c5667c3167445eb1b7a07338e70b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc4364fda79136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 182ms
83ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83cc4364ba67049f-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 224ms
179ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2385774
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651b165c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 105ms
61ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5069395
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651af75c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 184ms
140ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2471742
x-envoy-upstream-service-time: 101
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651b035c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 184ms
141ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2385046
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651b085c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 222ms
179ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2649078
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651b0b5c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 144ms
101ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2654761
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc43651afe5c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 82ms
78ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 411522
x-envoy-upstream-service-time: 36
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 1310
x-request-id: 5b2d1bbe-38d2-4e8e-8dc1-08a7efb64469
sepia-upstream: medium
server: cloudflare
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231012-152649-b8092c91fb
accept-ranges: bytes
cf-ray: 83cc43650dab9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 1*HLuuWGg-3qHX2GXjVLyJ1w.jpeg
miro.medium.com/v2/resize:fill:88:88/ 2 KB
2 KB 165ms
161ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:88:88/1*HLuuWGg-3qHX2GXjVLyJ1w.jpeg

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127e511620650c5dbb621505397bbf957f96197faaa40201ca8e9395ae5ae35f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
x-envoy-upstream-service-time: 94
content-disposition: inline; filename="1*HLuuWGg-3qHX2GXjVLyJ1w.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 2030
x-request-id: dba880b7-12d5-4f2d-9115-3e5af9799c9a
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RIjFjYmJhZTU4NjgzZWRlYTFkN2Q4NjVlMzU0YmM4OWQ3Ig"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43650dad9136-FRA
expires: Fri, 27 Dec 2024 19:38:22 GMT

GET
H2 200 0*y-Tu7BaCQPAT6r8W
miro.medium.com/v2/resize:fit:720/format:webp/ 21 KB
22 KB 498ms
494ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*y-Tu7BaCQPAT6r8W

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61bf3f62206ef33020e9d870d8537d2dbf5d290dbe31c98af8edc52c43760eb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 408
content-disposition: inline; filename="0*y-Tu7BaCQPAT6r8W.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21862
x-request-id: 7193a224-8819-4df6-8fa7-12915ada61ea
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RImI4ZGU2OWY4ZmUxNGMyOGIwNDM3MjkyNjNjOTkzODQxIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43650daf9136-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

GET
H2 200 0*IXwrjgGpNxQRaHDi
miro.medium.com/v2/resize:fit:720/format:webp/ 21 KB
21 KB 170ms
167ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*IXwrjgGpNxQRaHDi

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae691b434a999f35bcf86d79d9bbb8af5d470fe40013f6becb75c114c7ec418

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 408
content-disposition: inline; filename="0*IXwrjgGpNxQRaHDi.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21460
x-request-id: ce19e9a2-3eeb-490f-90d7-26686dcdd16e
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjYxZjUyM2Y1NDZlYjA3ODU5ZmNhNjI3OGEwOTMwOTM3Ig"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43650db29136-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

GET
H2 200 0*Aov1_YZC5j7H3dZo
miro.medium.com/v2/resize:fit:720/format:webp/ 35 KB
35 KB 193ms
190ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*Aov1_YZC5j7H3dZo

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4295c9a45c981c29db8b9fdff332c81a9761cbebaf34bc5ce6cff29b9ec056b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 304
content-disposition: inline; filename="0*Aov1_YZC5j7H3dZo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 35938
x-request-id: 40db0947-3494-4d31-afc5-68a697a43f02
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjFjZGNhMTYyZTZkMmFkOTNmZTFiOGJlNTI1ODkzZTU0Ig"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43650dba9136-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

GET
H3 200 0*m5fG0iQ4C-dXq-Eg
miro.medium.com/v2/resize:fit:720/format:webp/ 18 KB
19 KB 171ms
170ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*m5fG0iQ4C-dXq-Eg

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80228ce450c1e90076bc40e1b931f9c5af56a49fa9ee472e88980b1565f8c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 489
content-disposition: inline; filename="0*m5fG0iQ4C-dXq-Eg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18920
x-request-id: afbce8c3-2352-4821-a7e3-c46f48b7bb8e
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjk2NmNlZjYzOTE5ZjRlZWQ1MzMyZGU2OWNjYTYwMDgxIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43653c8f6977-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

GET
H3 200 0*F8KZCdD0fq943n_f
miro.medium.com/v2/resize:fit:720/format:webp/ 4 KB
5 KB 159ms
158ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/0*F8KZCdD0fq943n_f

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b33d19d685d2abbc593f090c99711a41f4d9443fb377120cf334a9a9b07a5ec5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 214
content-disposition: inline; filename="0*F8KZCdD0fq943n_f.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4174
x-request-id: 1db5d8df-77aa-46cd-ba4a-e749505c8fa4
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjkzNjQ1NWQ2YzNmYzI1ZjQ1YWM3MmVjMTZlY2Q1NmFiIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc43653c916977-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

GET
H3 200 2230.c546f16c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 3256ms
3256ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2230.c546f16c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.a13f771f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:23 GMT
x-amz-version-id: xWJf__tEGtfK6SYsYt3.b.Ctl1FYrL2e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NWQA4V69B6R8CXEC
age: 651478
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YpocriCW8Y4fQGU/OIaMp0zZkBtCqHFtQKKf20MwZhFDFCTGB8/FCcpPV8nbpA1C7mqspJLXPUUThBby4hZxPtjI2TRsg3xy
last-modified: Thu, 19 Oct 2023 20:38:05 GMT
server: cloudflare
etag: W/"5b5ebdea4bda0086b419f1dc8ca91a75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc436a29dc6977-FRA
expires: Fri, 27 Dec 2024 19:38:23 GMT

POST
H3 200 /
garykongcybersecurity.medium.com/_/clientele/reports/performance/ 0
0 3402ms
3401ms Fetch
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, clientele/main-20231219-145619-fa9dd934c1
x-envoy-upstream-service-time: 15
cf-ray: 83cc437e587c6977-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 3190ms
3189ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3762676
x-envoy-upstream-service-time: 114
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc437e5e995c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:26 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:32:32/ 654 B
1 KB 3191ms
3190ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:32:32/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f80202a0810222c440db2cc0e6e72c1d506ffffb2787b645f25015365c730f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:26 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 234818
x-envoy-upstream-service-time: 75
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 654
x-request-id: f2ae0a0e-35d2-477f-a54f-d5219da8d6ad
sepia-upstream: medium
server: cloudflare
etag: "VTmW7ah-o-FUAvHL4e3x8h_5hymB7pNjuuPgkvYQ7_o/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231012-152649-b8092c91fb
accept-ranges: bytes
cf-ray: 83cc437e587e6977-FRA
expires: Fri, 27 Dec 2024 19:38:26 GMT

GET
H3 200 1*HLuuWGg-3qHX2GXjVLyJ1w.jpeg
miro.medium.com/v2/resize:fill:44:44/ 1 KB
1 KB 3280ms
3280ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:44:44/1*HLuuWGg-3qHX2GXjVLyJ1w.jpeg

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8555a45cb6f6a1b0c1b2a37ebdbc8371ad50d4eef3cc0f4043bc946b22ad95f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
x-envoy-upstream-service-time: 103
content-disposition: inline; filename="1*HLuuWGg-3qHX2GXjVLyJ1w.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 1070
x-request-id: 9d47cf7a-1f44-432e-b382-5fc8c3445135
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "VFtDBYghopYX6OCmJOe93DhtJ6cQniVvC40f8GKBXcI/RIjFjYmJhZTU4NjgzZWRlYTFkN2Q4NjVlMzU0YmM4OWQ3Ig"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231207-145203-3b70adbedf
accept-ranges: bytes
cf-ray: 83cc437e58806977-FRA
expires: Fri, 27 Dec 2024 19:38:27 GMT

GET
H3 200 5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ 300 KB
300 KB 3176ms
3176ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74

Requested by

Host: garykongcybersecurity.medium.com
URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:26 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 43858
x-envoy-upstream-service-time: 206
content-disposition: inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
alt-svc: h3=":443"; ma=86400
content-length: 306868
x-request-id: 055333f1-90c3-40cd-a8ed-a375113a7b0a
sepia-upstream: medium
server: cloudflare
etag: "_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231127-173346-ccfb11c0ce
accept-ranges: bytes
cf-ray: 83cc437e58826977-FRA
expires: Fri, 27 Dec 2024 19:38:26 GMT

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 129 B
720 B 3292ms
3292ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e33275cf0e9a21c2d6c66fd55f0862ff65aa194f34836790ed99ba67ead874b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"81-GNo/gsqZy1bOktSIgv+LbIzcV2M"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3
cf-ray: 83cc437e58846977-FRA
x-request-received-at: 1703792307120

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 19 KB
2 KB 3234ms
3234ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf6c7cc72017566d55585e05f51c5d20200d289e4b0d94dcf59a0f9f79d6502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: VariantFlagsQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4b40-7KVF1O9swulClBTHAw3GIgGtILU"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3
cf-ray: 83cc437e58876977-FRA
x-request-received-at: 1703792307031

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 80 B
700 B 3234ms
3234ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: AvatarMenuQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3
cf-ray: 83cc437e58886977-FRA
x-request-received-at: 1703792307032

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 806 B
1014 B 3273ms
3273ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f3f8460a173897cb44e25f4c02063d4e6ad594144dff9ecde79ae01dadd47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 88
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"326-c3JYC5aLJrRCwR5TnGjzB6I/kJ4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
cf-ray: 83cc437e588a6977-FRA
x-request-received-at: 1703792307034

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 33 B
658 B 3235ms
3235ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400
content-length: 33
x-xss-protection: 0
server: cloudflare
etag: W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
cf-ray: 83cc437e588b6977-FRA
x-request-received-at: 1703792307049

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 16 KB
4 KB 3382ms
3374ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594f201e4b4918732abea50cba724af874490979a7a60fd8e9931cae4947a213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: MoreFromMediumRecircQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 207
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"3ff7-KGUZ2kGYFloIzCficXByOFKmJWg"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
cf-ray: 83cc437e588c6977-FRA
x-request-received-at: 1703792307027

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 27 B
622 B 3230ms
3220ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: ViewerQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 0
server: cloudflare
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3
cf-ray: 83cc437e588e6977-FRA
x-request-received-at: 1703792307032

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 78 B
724 B 3234ms
3223ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeab504dfdfa03d0c8823de969c69a76cb71cba411db3d6440f08da2a18bda89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4e-/5Mz9Bph2htva2dBi1yEx6p+xCw"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
cf-ray: 83cc437e588f6977-FRA
x-request-received-at: 1703792307033

POST
H3 204 rum Show response
garykongcybersecurity.medium.com/cdn-cgi/ 0
153 B 53ms
40ms XHR
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://garykongcybersecurity.medium.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83cc437fd9fa6977-FRA

GET
H3 200 GiveTipButton.7844a2d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 60ms
60ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/GiveTipButton.7844a2d2.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.a13f771f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
x-amz-version-id: 5wxFaPBbZuXVEH4zg8t9Fz46CDAnJYq7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CJ62WD4Q898WG2EE
age: 1175140
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IVrWCYWvwXUgDj1tmKZOMMZcJjtCthP1H7NnYiTCimppg9Qh9Ql3gbG9sRFoViGi7SUAprzsTug=
last-modified: Thu, 19 Oct 2023 20:38:24 GMT
server: cloudflare
etag: W/"c9d3c6b5a486ea6dcc919c927917cf19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83cc43816bbe6977-FRA
expires: Fri, 27 Dec 2024 19:38:27 GMT

POST
H3 200 /
garykongcybersecurity.medium.com/_/clientele/reports/performance/ 0
0 187ms
187ms Fetch
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, clientele/main-20231219-145619-fa9dd934c1
x-envoy-upstream-service-time: 21
cf-ray: 83cc43817be56977-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 /
garykongcybersecurity.medium.com/_/clientele/reports/performance/ 0
0 197ms
194ms Fetch
text/plain 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, clientele/main-20231219-145619-fa9dd934c1
x-envoy-upstream-service-time: 15
cf-ray: 83cc43817bea6977-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 140ms
50ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfdd789ca06e1f450a216d30fa767a5dfb56b27ed96a82f1434e0d56a1f6df5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 19:38:27 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 71 KB
22 KB 185ms
63ms Script
text/javascript 18.161.111.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: t.co
URL: https://t.co/fhrZZuhcX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-73.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: UkfElG6yIzo.BOEWL6zP4sMZe23_jxRr
content-encoding: gzip
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 19:33:38 GMT
last-modified: Thu, 14 Sep 2023 19:53:04 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P4
age: 290
etag: "17a75c4dd4a7b15a4695cb6822521c62"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22162
x-amz-cf-id: WLaIK5S8b5tIezOgKewWePnTNGqoNCQCSNFXUov-z0YQtxzbXFbJwg==

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 59ms
59ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://garykongcybersecurity.medium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2396940
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 83cc4383bc205c38-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Dec 2024 19:38:27 GMT

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 3 KB
819 B 277ms
277ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4232f53692e687c32a9c8ea41994276eabca9f5719749b6299b303586c4ebce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 111
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"c34-WdHhux/CLpnVsD+g2felK82egBo"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3, tutu/main-20231219-223821-369a420078
cf-ray: 83cc4385f91d6977-FRA
x-request-received-at: 1703792308234

GET
H2 200 _r Show response
app.link/ 91 B
634 B 320ms
195ms Script
text/javascript 2600:9000:2057:e200:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.80.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

ce5b62af8931ac28bde8ed23497acfc71754f7660a813b0d335c96b69bf5bd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: FRA6-C1
etag: W/"5b-vn7a+Kj5JaFFq7fluAViSXy5Dcs"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: fJdYMofcWn7v4yU22rB3m0wT8YK5tRIaVSLHLPMFjkf8S-qo4hgkUA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
266 B 155ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JY7T788PK&gtm=45je3bt0v9123887712&_p=1703792307426&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=923335152.1703792308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703792308&sct=1&seg=0&dl=https%3A%2F%2Fgarykongcybersecurity.medium.com%2Ftechnical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1&dr=https%3A%2F%2Ft.co%2F&dt=Technical%20Analysis%20of%20ProfileVisitor%20Malware%20on%20Facebook%20%7C%20by%20Gary%20Kong%20%7C%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5809
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 19:38:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://garykongcybersecurity.medium.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 graphql Show response
garykongcybersecurity.medium.com/_/ 81 B
477 B 188ms
188ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6c8730fd605ecca0a20d732288179fa0d3b80b5fb53e87befe6ca8326d5e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 57a0b6aa24247f20
medium-frontend-path: /technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
medium-frontend-app: lite/main-20231219-233042-49fba430e3
apollographql-client-version: main-20231219-233042-49fba430e3
ot-tracer-spanid: 24c75d3e07c92535

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-h+ZWgz+3ysU8m0/tGETdy0XFlS4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7, rito/main-20231219-233042-49fba430e3
cf-ray: 83cc4386495f6977-FRA
x-request-received-at: 1703792308285

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
689 B 298ms
194ms XHR
application/json 2600:9000:206f:600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

feb41160f4dd90030a52370a2e80881d99ca686c119af4ad1035f377d5c1e042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 1c11f870-e3a2-4330-85c9-ad353bf6b35d-2023122819
content-length: 316
x-amz-cf-id: 1Q-WrofQqnN9K89TF6Lj5aJlAH2agivbB-AKEun0--l2FWruwnXq6g==

POST
H3 200 oh-noes
garykongcybersecurity.medium.com/_/ 102 B
0 216ms
215ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/oh-noes

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://garykongcybersecurity.medium.com https://.garykongcybersecurity.medium.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://garykongcybersecurity.medium.com https://*.garykongcybersecurity.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-powered-by: Medium
x-obvious-info: 20231219-2239-root,369a4200
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1703792308801:14aaee388b8c
server: cloudflare
worker-missing-cookies: 0
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7
cf-ray: 83cc43896c736977-FRA
link: <https://medium.com/humans.txt>; rel="humans"
x-opentracing: {"ot-tracer-spanid":"3d2822f14a42b350","ot-tracer-traceid":"43963f685a7e77a4","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

POST
H3 200 batch Show response
garykongcybersecurity.medium.com/_/ 17 B
277 B 322ms
321ms Fetch
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garykongcybersecurity.medium.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.d25eb205.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json
medium-fulfilled-by: edgy/8.7.0, valencia/main-20231215-182944-3ed0d63de7
x-envoy-upstream-service-time: 157
cf-ray: 83cc43896c7b6977-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
432 B 213ms
213ms XHR
application/json 2600:9000:206f:600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Dec 2023 19:38:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 43862b32e24c4c37a25ed1993e5b534d-2023122819
content-length: 28
x-amz-cf-id: DLKUlfi34On2BiLn2FzOCZEIse8mX28aAt0_pf0lekXVzCr-wqAuEw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
431 B 210ms
209ms XHR
application/json 2600:9000:206f:600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Dec 2023 19:38:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f985405e77c541368ac1e60c88fd62b6-2023122819
content-length: 28
x-amz-cf-id: 7-cYR7uPtVY2ci53hEfwBSb0Am54des7FTIshn1b3CJ4x5unflalBQ==

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 02:46:46	Name: muc Value: b66e8910-312c-4bd2-b845-0bf09999665f
.medium.com/	1970-01-21 02:52:32	Name: uid Value: lo_6ee2e52f2d24
garykongcybersecurity.medium.com/	1970-01-20 17:16:33	Name: _dd_s Value: rum=0&expire=1703793203704
.medium.com/	1970-01-21 02:52:32	Name: sid Value: 1:Dn49G3srfTzBQatCxKhij2DZoSxXt+me3rzSVd9GOjSKwpbOQFpXkjBXK6+COLxG
.medium.com/	1970-01-21 02:52:32	Name: _ga_7JY7T788PK Value: GS1.1.1703792308.1.0.1703792308.0.0.0
.medium.com/	1970-01-21 02:52:32	Name: _ga Value: GA1.1.923335152.1703792308
.app.link/	1970-01-21 02:02:08	Name: _s Value: phfhVNQGtADO2uyOOpBMzSEjxUd%2FpYQU0VPaZWLbcJv59kwNrAC4BSZ0vvAdcg7N

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://garykongcybersecurity.medium.com/technical-analysis-of-profilevisitor-malware-on-facebook-9c274d576df1(Line 41) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
garykongcybersecurity.medium.com
glyph.medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
t.co
www.googletagmanager.com
104.244.42.5
18.161.111.73
2001:4860:4802:34::36
2600:9000:2057:e200:19:9934:6a80:93a1
2600:9000:206f:600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:3865
2a00:1450:4001:802::2008
046c5911ce94f822a071f7d2f21cb43c926da851bb3b5ddb95fcd705e1dffe27
0600ce05b2a4074728f771e0d80181ae3083c2ecfac70ce6d2c922673a353c14
0ae691b434a999f35bcf86d79d9bbb8af5d470fe40013f6becb75c114c7ec418
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0e33275cf0e9a21c2d6c66fd55f0862ff65aa194f34836790ed99ba67ead874b
127e511620650c5dbb621505397bbf957f96197faaa40201ca8e9395ae5ae35f
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1f3f7e27c4bb5a99d6e4d13108c496731dc6449349e7a5f047532a3c28dc7a37
202fd8e4d53101231f21781b96c76d540272d68291f6e0a38f8cb2a5df6e161f
24183a1040266651c9220130eeb24ae69eaf1aea2f6cdf2928c47c1d28ec616f
25c1b36214d83b9a649ee538d8c916ca3d4ba46af837a20220c5bb6afb1a6288
2f80202a0810222c440db2cc0e6e72c1d506ffffb2787b645f25015365c730f0
36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87
37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc
3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571
3dfdb6f5b4806f1c38df4fe8759a9de97db51013d581eab964f30e0168c63824
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45e39db086caca58223de3df524aa07b239b7ed1f22389bad9152f49856ea423
46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021
4dfac81a0410ed02d8be292a5f187f96305bf57e17a668090d2ce69aee1ce9bf
4e6c8730fd605ecca0a20d732288179fa0d3b80b5fb53e87befe6ca8326d5e0a
541c035ef923be8f54083230d5c5886534702abd3284322b203a6de9e17e7271
594f201e4b4918732abea50cba724af874490979a7a60fd8e9931cae4947a213
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61bf3f62206ef33020e9d870d8537d2dbf5d290dbe31c98af8edc52c43760eb2
6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6a73928425ff2b349ec8c4d112464714b897db4f905ac8456fd043f6910533f9
6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
713c768820fa93aa134c827728ecdf03409eb00649a4415b8357b3ad9ed3e08e
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7d2aa006bf27911a62f151436d7b3d12e24397c9c2befb9821f14808327adbd0
82a2d5c3934b1cdc633bdc0eed2c3470c223e94f264d90e0361bbd712f10215c
8555a45cb6f6a1b0c1b2a37ebdbc8371ad50d4eef3cc0f4043bc946b22ad95f8
8cf41c0f745c69819ec5b4be13b73116190e101893f9ecd134f934d76a28ce41
8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b
93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
99735ad6021c6806cd2b7ebaca42a5a04b9a9e4c98d9f45c886f4b8be5a71dd1
9be1ef395d225719d66914259410ea9cc8f5e486bc4aefc93b377fca48c5739e
9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712
a4232f53692e687c32a9c8ea41994276eabca9f5719749b6299b303586c4ebce
a4295c9a45c981c29db8b9fdff332c81a9761cbebaf34bc5ce6cff29b9ec056b
a63874daccb3ac3ed721179b9daf59fc73ac9699fcd1b1af58e3e1dc0b694797
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
aeab504dfdfa03d0c8823de969c69a76cb71cba411db3d6440f08da2a18bda89
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b33d19d685d2abbc593f090c99711a41f4d9443fb377120cf334a9a9b07a5ec5
b8f3f8460a173897cb44e25f4c02063d4e6ad594144dff9ecde79ae01dadd47e
bb43c820ffcdf5d652e819dc71d25f6622e2343801b1f735afb9009a7450fecd
bd2dcb0368169699d98c9d06f7e81ddd178bc84e5981d3d5be75edb847b44358
c07430ac1075c62498346fe13ef2ebc6c1981eec9947dd244e5a16bff4133cee
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
ce5b62af8931ac28bde8ed23497acfc71754f7660a813b0d335c96b69bf5bd76
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
cfdd789ca06e1f450a216d30fa767a5dfb56b27ed96a82f1434e0d56a1f6df5b
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
ddf6c7cc72017566d55585e05f51c5d20200d289e4b0d94dcf59a0f9f79d6502
df605e20fe7a05e0513c248e17c5a98c7cbc43fc7017e09f74ebdffae434386f
e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75b4a5cf951fb8847040cd14525c2cfbcf4447bf3fe36a769bda9ffa03ca2f5
ed80228ce450c1e90076bc40e1b931f9c5af56a49fa9ee472e88980b1565f8c2
ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1
f09e7c4d12ebcda9fcc9c23c225f34b403b0d2a93aa45b3dd69e48530eb2cd3d
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
feb41160f4dd90030a52370a2e80881d99ca686c119af4ad1035f377d5c1e042
fee90f22ec5aa67deea4e6ae1310c03d4dc8ce56a74b853bf1e9ffa7cf2ced2c

garykongcybersecurity.medium.com Open in urlscan Pro 2606:4700:7::a29f:9904 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

78 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

1358 kBTransfer

3441 kBSize

7 Cookies

97 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

garykongcybersecurity.medium.com Open in urlscan Pro
2606:4700:7::a29f:9904 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

1358 kB
Transfer

3441 kB
Size

7
Cookies

83 HTTP transactions
0 data transactions