posts.specterops.io Open in urlscan Pro
52.5.181.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Effective URL:
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Submission: On June 09 via manual (June 9th 2021, 1:17:30 pm UTC) from US

Summary HTTP 132 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 132 HTTP transactions. The main IP is 52.5.181.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 2nd 2021. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	52.5.181.79 52.5.181.79	14618 (AMAZON-AES) (AMAZON-AES)
1 89	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:470... 2a02:26f0:4700:187::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.226.156.101 13.226.156.101	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	52.84.174.15 52.84.174.15	16509 (AMAZON-02) (AMAZON-02)
2	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:218... 2600:9000:218d:4600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:303... 2606:4700:3037::6815:3b80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:218... 2600:9000:218c:e00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.45.34.218 52.45.34.218	14618 (AMAZON-AES) (AMAZON-AES)
132	12

18 52.5.181.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:4700:187::13b8 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-101.dus51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-15.cdg50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:4600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::6815:3b80 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:218c:e00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.34.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-34-218.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
18	specterops.io 1 redirects posts.specterops.io	51 KB
10	medium.systems lightstep.medium.systems	3 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	98 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	parsely.com p1.parsely.com	520 B
1	app.link app.link	562 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
132	10

	Domain	Requested by
41	cdn-client.medium.com	posts.specterops.io cdn-client.medium.com
38	miro.medium.com	posts.specterops.io
18	posts.specterops.io	1 redirects cdn-client.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
9	glyph.medium.com	posts.specterops.io glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
3	www.google-analytics.com	posts.specterops.io cdn-client.medium.com
2	errors.client.optimizely.com	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	p1.parsely.com	posts.specterops.io
1	app.link	cdn.branch.io
1	cdn.branch.io	posts.specterops.io
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	posts.specterops.io
1	medium.com	1 redirects
132	15

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
www.specterops.io
policy.medium.com
twitter.com
bloodhound.readthedocs.io
github.com
docs.microsoft.com
bloodhoundgang.herokuapp.com
cmaddy.medium.com
cyb3rward0g.medium.com
about.medium.com
help.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-05-06` - `2021-08-03`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.parsely.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Frame ID: 687037C3EBD632E858B09940B8906884
Requests: 125 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound... HTTP 302
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

132
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

15
Subdomains

12
IPs

3
Countries

1390 kB
Transfer

3522 kB
Size

8
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_page-----28147dedb73b---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F28147dedb73b&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----28147dedb73b--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_page-----28147dedb73b---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page-----28147dedb73b--------------------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=responses-----28147dedb73b---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/@_wald0?source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fb9c2df322eaf&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_page-b9c2df322eaf----28147dedb73b---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://twitter.com/_wald0/status/1377713493969805318
Title: United States Department of Homeland Security

Search URL Search Domain Scan URL

URL: https://twitter.com/_wald0/status/1400157591641071616
Title: PricewaterhouseCoopers

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/#install
Title: installed

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/#collect-your-first-dataset
Title: data collection

Search URL Search Domain Scan URL

URL: https://github.com/BloodHoundAD
Title: here

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/security/compass/privileged-access-access-model
Title: tiered administration model

Search URL Search Domain Scan URL

URL: https://bloodhound.readthedocs.io/en/latest/
Title: https://bloodhound.readthedocs.io/en/latest/

Search URL Search Domain Scan URL

URL: http://bloodhoundgang.herokuapp.com/
Title: http://bloodhoundgang.herokuapp.com/

Search URL Search Domain Scan URL

URL: https://medium.com/u/43fe4a5cc44?source=post_page-----28147dedb73b--------------------------------
Title: Matt Hand

Search URL Search Domain Scan URL

URL: https://medium.com/u/74ad66811b78?source=post_page-----28147dedb73b--------------------------------
Title: Will

Search URL Search Domain Scan URL

URL: https://medium.com/u/e7dfc7678b59?source=post_page-----28147dedb73b--------------------------------
Title: Justin Kohler

Search URL Search Domain Scan URL

URL: https://medium.com/u/8ae4966ea2d?source=post_page-----28147dedb73b--------------------------------
Title: Duane Michael

Search URL Search Domain Scan URL

URL: https://medium.com/u/9bef3c9a8b49?source=post_page-----28147dedb73b--------------------------------
Title: Andrew Chiles

Search URL Search Domain Scan URL

URL: https://medium.com/u/e8d131c41615?source=post_page-----28147dedb73b--------------------------------
Title: Nick Powers

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&collection=Posts%20By%20SpecterOps%20Team%20Members&collectionId=f05f8696e3cc&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_sidebar-----28147dedb73b---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_sidebar-----28147dedb73b---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=post_actions_footer-----28147dedb73b---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@_wald0?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fb9c2df322eaf%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&user=Andy%20Robbins&userId=b9c2df322eaf&source=follow_footer-b9c2df322eaf-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F28147dedb73b&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&collection=Posts%20By%20SpecterOps%20Team%20Members&collectionId=f05f8696e3cc&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://cmaddy.medium.com/?source=post_internal_links---------0----------------------------
Title: Christopher Maddalena

Search URL Search Domain Scan URL

URL: https://medium.com/@hausec?source=post_internal_links---------1----------------------------
Title: Ryan Hausknecht

Search URL Search Domain Scan URL

URL: https://cyb3rward0g.medium.com/?source=post_internal_links---------2----------------------------
Title: Roberto Rodriguez

Search URL Search Domain Scan URL

URL: https://medium.com/@enigma0x3?source=post_internal_links---------3----------------------------
Title: Matt Nelson

Search URL Search Domain Scan URL

URL: https://cyb3rward0g.medium.com/?source=post_internal_links---------4----------------------------
Title: Roberto Rodriguez

Search URL Search Domain Scan URL

URL: https://cyb3rward0g.medium.com/?source=post_internal_links---------5----------------------------
Title: Roberto Rodriguez

Search URL Search Domain Scan URL

URL: https://medium.com/@djhohnstein?source=post_internal_links---------6----------------------------
Title: Dwight Hohnstein

Search URL Search Domain Scan URL

URL: https://cmaddy.medium.com/?source=post_internal_links---------7----------------------------
Title: Christopher Maddalena

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----28147dedb73b--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----28147dedb73b--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=post_page-----28147dedb73b--------------------------------
Title: Share your thinking.

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----28147dedb73b--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----28147dedb73b--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----28147dedb73b--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b HTTP 302
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

208 KB
42 KB

997ms
996ms

Document
text/html

52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

0051487bc2afbf337d6b21c8da4a30d72928a028671f7de87643d5fcaca0c69e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 09 Jun 2021 13:17:10 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors medium.com
etag: W/"34105-I6A5zAis1XgtOzCSUvZdssyoo90"
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, lite/main-20210609-122752-a86bf69dd2, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
medium-missing-time: 342
set-cookie: uid=lo_1eccdae0deb0; Path=/; Expires=Thu, 09 Jun 2022 13:17:10 GMT; HttpOnly; Secure; SameSite=None sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; Path=/; Expires=Thu, 09 Jun 2022 13:17:10 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_1eccdae0deb0; Path=/; Expires=Thu, 09 Jun 2022 13:17:10 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 891
x-request-received-at: 1623244630087

Redirect headers

date: Wed, 09 Jun 2021 13:17:09 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
cf-ray: 65caa3780b114d84-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
set-cookie: uid=lo_1eccdae0deb0; Path=/; Domain=medium.com; Expires=Thu, 09 Jun 2022 13:17:09 GMT; HttpOnly; Secure sid=1:CMnhO4Jm1lC9TJvdqcNuek0j5kBEvldpIrAkHwlapr4it79MJkVYRJAeo3L6YUQT; Path=/; Domain=medium.com; Expires=Thu, 09 Jun 2022 13:17:09 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_1eccdae0deb0; Path=/; Domain=medium.com; Expires=Thu, 09 Jun 2022 13:17:09 GMT; Secure; SameSite=None __cfruid=3a4c9018c84e7b6d2f23a10b7d2fd612edc87192-1623244629; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 0a92847f0900004d8485371000000001
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/3, valencia/main-20210609-094911-28d03be7ba
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 53
x-frame-options: sameorigin
x-obvious-info: 20210609-0131-root,45538659
x-obvious-tid: 1623244629889:1c55a576a26a
x-opentracing: {"ot-tracer-spanid":"14a2bc250a32b97d","ot-tracer-traceid":"15f125b9f354b05d","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 52ms
44ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3555
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a928483ee00004d8466a92000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 65caa37fe8114d84-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 09 Jun 2021 15:17:11 GMT

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 351 KB
98 KB 29ms
8ms Script
text/javascript 2a02:26f0:4700:187::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:187::13b8 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46b0ecc8a0ecad4ef53c708248aa404d994a6402d93e8c87684ed82183002a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: byVHBN9e6Zxg3TNaQSwjJw_hyEKXjet0
content-encoding: gzip
etag: "7e65365df53aa0831e873e38b4a91c32"
x-amz-request-id: SJ7ZDWCJVWCC5KW8
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 6608
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:4700:187::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 99067
x-amz-id-2: 7OsDFWEMWHne/y4W8CzstTPbgRQdPJafTmduMmK+6iPkX3ThdOi3XI4rZr0iLjtk39Cs69KXkvY=
last-modified: Tue, 08 Jun 2021 15:58:25 GMT
server: AmazonS3
date: Wed, 09 Jun 2021 13:17:11 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 125ms
121ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6883
cf-request-id: 0a928483ee00004d849031a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 65caa37fe80f4d84-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H2 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/96/96/ 14 KB
14 KB 170ms
166ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa81e31ec1390eb8abbe1e81f0e31d02647972b161049d6160d88e5fad2b555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14131
cf-request-id: 0a928483ee00004d8493298000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa37fe80e4d84-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 88ms
78ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4765538
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284842400004a61f2b47000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa3803edf4a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 95ms
84ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4779915
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284842700004a61bdbbb000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa3803ee44a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 0*l7ieaNG6vq0va1Gj
miro.medium.com/max/60/ 915 B
1 KB 126ms
113ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*l7ieaNG6vq0va1Gj?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63b78b9ab30410dda3b9bf91064e911e35693a43157f41b1044c6647fcf65216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 223
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 915
cf-request-id: 0a928484770000d6d575156000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfbed6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*hQOTUPDJWKCgKkqR
miro.medium.com/max/60/ 1 KB
1 KB 141ms
127ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*hQOTUPDJWKCgKkqR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd9f3a790a6dd4f8ce63c68a1e4d915f20b225fcac6fb21f3d2ba27c0faaab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 161
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1046
cf-request-id: 0a928484790000d6d5c59d8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfccd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*y5cr36k-vq0ct3c6
miro.medium.com/max/60/ 1 KB
2 KB 134ms
121ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*y5cr36k-vq0ct3c6?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a6990e27b86a035b6ca5dacb9137b852b4a470939697f95eb8a420d0d3e0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 196
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1171
cf-request-id: 0a928484760000d6d598925000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfbcd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*WoT0Kq2HtrirZKDO
miro.medium.com/max/60/ 1 KB
2 KB 127ms
112ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*WoT0Kq2HtrirZKDO?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507a30c31ab0504d0a4b0e823b52ec6ee696f009dd6ee705501777a7133d2a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 260
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1274
cf-request-id: 0a9284847e0000d6d5e61f5000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfe3d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*nXE_q96fLQsU3geK
miro.medium.com/max/60/ 1 KB
2 KB 148ms
134ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*nXE_q96fLQsU3geK?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c8980c52933cd778a3ad336871fcc88440ed7fb33f38cfe0f616e144243ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 278
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1275
cf-request-id: 0a9284847d0000d6d588b62000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfddd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*60cVEBpj_uqQPPhA
miro.medium.com/max/60/ 2 KB
3 KB 170ms
156ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*60cVEBpj_uqQPPhA?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66358492fc0e1f5ac41b2fdc25c96d1c129615754c88704ad972a7367d32032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 249
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2303
cf-request-id: 0a9284847f0000d6d5a52b9000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfe7d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*w6N0SV0ewzr6AeJb
miro.medium.com/max/60/ 2 KB
2 KB 135ms
122ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*w6N0SV0ewzr6AeJb?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653a562eba0bb3a78db868c907c969e337a4ee74f13c766e1978d2d8f6d251d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 388
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1959
cf-request-id: 0a9284847a0000d6d5d2a25000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfd0d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*3o2-bd4lW-NouJH2
miro.medium.com/max/60/ 2 KB
2 KB 130ms
117ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*3o2-bd4lW-NouJH2?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41369f4e1f416398d97cce9eb2aed485e130961d0f30dee4d80a91519ecf81a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 186
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1950
cf-request-id: 0a9284847e0000d6d5d51ea000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfe6d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*Rj9ouvdfNdZb0nVm
miro.medium.com/max/60/ 2 KB
2 KB 140ms
128ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*Rj9ouvdfNdZb0nVm?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e340a49d8095fbbd3fd135140fc7090ece24ff63f90a7c30a9b85c06904d609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 179
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2051
cf-request-id: 0a9284847b0000d6d58b09f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfd7d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*n-qyuvtFN73-rQwj
miro.medium.com/max/60/ 2 KB
3 KB 146ms
134ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*n-qyuvtFN73-rQwj?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae595460c58e158ec4fdaec962e5ab6309aa5356334a1af3afeb8b77d6424df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 327
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2288
cf-request-id: 0a9284847b0000d6d5938aa000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfd5d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*eZ6Vy-8U7BKDjIsR
miro.medium.com/max/60/ 1 KB
2 KB 133ms
121ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*eZ6Vy-8U7BKDjIsR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b2ba524e89cadd46eefa8f3f653bac8ab3cc47267cb8bf419ef64ad56d31874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 192
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1246
cf-request-id: 0a9284847a0000d6d5acad9000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfd2d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*guXvp-zCoiviZLZD
miro.medium.com/max/60/ 3 KB
3 KB 126ms
115ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*guXvp-zCoiviZLZD?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f26ea681118b91a7c24d4fa45b2cfc97382023713549d6e2eb9da58d4f121c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 210
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2562
cf-request-id: 0a928484790000d6d57c8b8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfc8d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*75cnVtC-WR12gcZR
miro.medium.com/max/60/ 2 KB
3 KB 133ms
123ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*75cnVtC-WR12gcZR?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6736bbcf43d65775f5bcd9126f0e0cbb896edb1081d27e9a370243e8e947814

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 299
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2254
cf-request-id: 0a928484790000d6d5862f2000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfcbd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*nJrHJrTwCOHuo1xr
miro.medium.com/max/60/ 1 KB
2 KB 134ms
124ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*nJrHJrTwCOHuo1xr?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a02d3876264c8b8bbbbb097ad7411acabee81b3287b59fce1565fc1db94e573

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 195
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1353
cf-request-id: 0a928484760000d6d591205000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfb9d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*dYVe2B1dZ3Sh0FbC
miro.medium.com/max/60/ 2 KB
3 KB 145ms
135ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dYVe2B1dZ3Sh0FbC?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ba1439124da243b102483d0d3b16a41d1481e65595b9eca9ca33e8979079cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 194
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2220
cf-request-id: 0a928484760000d6d58c266000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfbad6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*6vY6SdR6AN0PK2yk
miro.medium.com/max/60/ 2 KB
2 KB 143ms
135ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*6vY6SdR6AN0PK2yk?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd2006dbe3978bf125cb1e0002f09cbcd4ca6801ff701e52e53aa50c0fa190d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 307
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1837
cf-request-id: 0a928484790000d6d59f17b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfb7d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*PZ23onC-Fceylw4h
miro.medium.com/max/60/ 1 KB
2 KB 135ms
124ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*PZ23onC-Fceylw4h?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b6d83778ce23802c3aa319ce965bb679e791209f334605643f8d9b17083e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 212
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1351
cf-request-id: 0a928484800000d6d5e1826000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfe9d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*fUVzGeytpo_DtQH5
miro.medium.com/max/60/ 1 KB
2 KB 126ms
117ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*fUVzGeytpo_DtQH5?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50bd82b1547e2db3bef7b27bed0aa7d436e51ef509c2adf789a66c7db6254dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 277
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1529
cf-request-id: 0a928484770000d6d579381000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfc1d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*WBmWRoh0RedmPoiG
miro.medium.com/max/60/ 2 KB
2 KB 124ms
115ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*WBmWRoh0RedmPoiG?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c4cd3264cdb8f145d364e09586abb4c9b7f36fc6c07729ced48ccbf643c000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 254
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1806
cf-request-id: 0a9284847a0000d6d5cd915000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfced6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*NERR0eV1cOAXBAUX
miro.medium.com/max/60/ 3 KB
4 KB 161ms
153ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*NERR0eV1cOAXBAUX?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c1f1559a072531c1dcc82d9356ac612b1de4eab8110684e2c781632d48bfa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 226
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3331
cf-request-id: 0a928484840000d6d5dd151000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfdfd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/160/160/ 34 KB
35 KB 142ms
134ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735c24ff06af9bb0a0a46bc9b8bcdfa595a4ff72e2f28b7a96992ad41faa688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34957
cf-request-id: 0a9284847d0000d6d5ca1dc000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa380bfe1d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
7 KB 117ms
110ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 55
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6539
cf-request-id: 0a9284847c0000d6d5729ee000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 65caa380bfdbd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 2*G-LlqSNRGI8wIrjrYRzWdA.png
miro.medium.com/fit/c/80/80/ 10 KB
11 KB 145ms
139ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/2*G-LlqSNRGI8wIrjrYRzWdA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e3bf7cb09a27738c8d9e14ed5254d5e415e4fce8355d3bbe51408a34eec8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10278
cf-request-id: 0a9284847b0000d6d5a19c4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210422-105256-5b410a3e87
accept-ranges: bytes
cf-ray: 65caa380bfd8d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 124ms
118ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2735
cf-request-id: 0a9284847c0000d6d5be3d6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 65caa380bfdad6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*dy7MvBD79mkCTajDbSssBw.jpeg
miro.medium.com/max/60/ 993 B
1 KB 130ms
124ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*dy7MvBD79mkCTajDbSssBw.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd42b41715639d00fdd524dae4734968e91e05abb368514929b740af942ddb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 21
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 993
cf-request-id: 0a9284847c0000d6d5c7acf000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210311-232728-83f0b07bc9
accept-ranges: bytes
cf-ray: 65caa380bfdcd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*GHniN9KHMioCdUW5
miro.medium.com/max/60/ 3 KB
3 KB 122ms
118ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*GHniN9KHMioCdUW5?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172f5b7d6aea73d3fb57d7638c740eeeff4b607a1aa0308d04b9b8f00ab49cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2661
cf-request-id: 0a9284847f0000d6d583b81000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210513-222243-c9213fabbf
accept-ranges: bytes
cf-ray: 65caa380bfead6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*ezJx8ZEu1Va14iscq_h5Gg.png
miro.medium.com/max/60/ 1 KB
2 KB 120ms
116ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ezJx8ZEu1Va14iscq_h5Gg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a373fcf6e68420792ae6977c1b7f2fe73082944f237ec333b8f45d28752507de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 108
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1304
cf-request-id: 0a928484800000d6d5cc831000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210505-193941-b3d1e33e7e
accept-ranges: bytes
cf-ray: 65caa380bfedd6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*_yKdMthPwVpKYyHZnvrKJQ.png
miro.medium.com/max/60/ 4 KB
4 KB 135ms
132ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_yKdMthPwVpKYyHZnvrKJQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26fb182c4bdbe614059da22c59fbc361a8bcd754c9a370fdb031d16f0b29019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 3114
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3627
cf-request-id: 0a928484820000d6d5b11ad000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210505-193941-b3d1e33e7e
accept-ranges: bytes
cf-ray: 65caa380bfeed6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*ji6keNd2kNMsDi-Z.png
miro.medium.com/max/60/ 830 B
1 KB 135ms
132ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*ji6keNd2kNMsDi-Z.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 155
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 830
cf-request-id: 0a928484800000d6d59f17c000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1269095
medium-fulfilled-by: miro/main-20210524-154605-83c1757614
accept-ranges: bytes
cf-ray: 65caa380bfefd6d5-FRA
expires: Thu, 24 Jun 2021 05:48:46 GMT

GET
H3-29 200 1*YDlbuijY1qh1K0WhSIRFKw.png
miro.medium.com/max/60/ 4 KB
4 KB 135ms
132ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*YDlbuijY1qh1K0WhSIRFKw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 2894
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3749
cf-request-id: 0a928484800000d6d5721da000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210505-193941-b3d1e33e7e
accept-ranges: bytes
cf-ray: 65caa380bff0d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*8zXAta_r_VbLYM_k
miro.medium.com/max/60/ 2 KB
3 KB 135ms
132ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*8zXAta_r_VbLYM_k?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2cb9576d3fc35ea9c27219303b2319c294f370fa84de3fd1fc45cb3dafb40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 105
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2482
cf-request-id: 0a928484810000d6d5a7b6d000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210322-154547-3fe07c4c3e
accept-ranges: bytes
cf-ray: 65caa380bff2d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 0*yjzGtsFkfBpscrgE
miro.medium.com/max/60/ 868 B
1 KB 141ms
138ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*yjzGtsFkfBpscrgE?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2f8549af80d61cda0e562b2e750e07fb016c08106744ac871cf546c5695cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 612
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 868
cf-request-id: 0a928484810000d6d590256000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210518-205119-e723ff2451
accept-ranges: bytes
cf-ray: 65caa380bff3d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 28ms
26ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2319235
x-envoy-upstream-service-time: 74
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9821
cf-request-id: 0a928484810000d6d5a9a8c000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210505-193941-b3d1e33e7e
accept-ranges: bytes
cf-ray: 65caa380bff4d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 27ms
25ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1375588
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6839
cf-request-id: 0a928484810000d6d575157000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210505-193941-b3d1e33e7e
accept-ranges: bytes
cf-ray: 65caa380bff6d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:11 GMT

GET
H3-29 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 24ms
23ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4765537
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284848200004a61b71fc000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa380c8874a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 24ms
24ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6796270
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284848200004a61d9196000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa380c8894a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 26ms
26ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6796270
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284848900004a61d9197000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa380c88b4a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 24ms
22ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6796271
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284848b00004a61d4803000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa380d8ae4a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 manifest.d43d6a07.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 47ms
36ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffeb4f1a583da326bbfc4ba7e05eeac4d4133296ef83b5646bcba74020081c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1683
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BYYMR7BJFRBR4PWG
x-amz-id-2: Db+ZdA+wWhI5zMDdU5L+J/m3ZrnMQSqK9VTF9eRy9MStJJ2U5ShyzA11rI2qF7efhDzYfeg1bSc=
last-modified: Wed, 09 Jun 2021 12:41:20 GMT
server: cloudflare
etag: W/"41b994449ec482cdbb1e9f565402e563"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 38e5O_wEex1wsDoeffN8ZrAcBpb3c8De
cache-control: public, max-age=31536000
cf-request-id: 0a928484e300004d846fa6c000000001
cf-ray: 65caa3816c644d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 2751.2bbf71b8.js Show response
cdn-client.medium.com/lite/static/js/ 701 KB
214 KB 49ms
39ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b64fa6ea91fd60a236e9eb95b2a2512287c508b753521dfca035e19a243adef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 533831
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: FS1X8V7G0RPCBSEG
x-amz-id-2: 8GbIIEs8tezjeNDmLOhnpYarxUxICYJcaAOKvfuminVmvwpDFVC4wU+5DX37q0GqSVtGY+I9ZXc=
last-modified: Wed, 02 Jun 2021 10:01:57 GMT
server: cloudflare
etag: W/"621cb8755cabdf0a378116e802b1ba8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0tw7.azR7rAJ6qWnLVoliSUm_l818YzR
cache-control: public, max-age=31536000
cf-request-id: 0a928484e400004d84ad004000000001
cf-ray: 65caa3816c6b4d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 main.a660dbc2.js Show response
cdn-client.medium.com/lite/static/js/ 653 KB
173 KB 41ms
31ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10bfbac01d0462116b5e72ef1283acad36e7573f70225e241001a0b95a4d5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1683
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BYYSGYRMRG8F1JYV
x-amz-id-2: axdZfdwLgQ1jswcssDmX9BDR7CZ3ssDlUqk5zrx1npiS41e8BILZZ8KptXm+oVNK58oLo/Zzaxo=
last-modified: Wed, 09 Jun 2021 12:41:14 GMT
server: cloudflare
etag: W/"165f52a268214c2b0c976a2941f98291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: P9jVmlpNfVVLWDLUk2aUZZChAQpNXpv8
cache-control: public, max-age=31536000
cf-request-id: 0a928484e400004d846b846000000001
cf-ray: 65caa3816c674d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 5573.159bf40f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 41ms
32ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 743649
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: W5EH3ZWGCATAJ0JK
x-amz-id-2: uquA+D1mKTUgmaodaYFoBDYRFjBCghvQCPgGBuwnPNqPSgEh4m7aoHPDNWRkrQ4qGn6JNGvqqTU=
last-modified: Mon, 24 May 2021 10:33:47 GMT
server: cloudflare
etag: W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HmLCtdjGYWgk2SnFK4M0oX_6tJ50SNp9
cache-control: public, max-age=31536000
cf-request-id: 0a928484e300004d848c2e3000000001
cf-ray: 65caa3816c634d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 instrumentation.6d84c86c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 49ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.6d84c86c.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a2aa99d94312a19ee778ccc3bb9fbc64c1eb4b67312eb47327d29354d94fbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107492
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: C1CW4TZPT5G8M7S2
x-amz-id-2: iVnYRrMS54cSE2DGPz0sbFq3WSW18VQrD7LycfvbnyhMrFoVCl+Zn/59W9zEbsWbNeeXJ1NlWs8=
last-modified: Thu, 27 May 2021 15:14:12 GMT
server: cloudflare
etag: W/"0a19c7c917eaec85474ceed7423ae252"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: lzcxB25ALM3Vwiv.wMwWT1Bb.f8n1M2Q
cache-control: public, max-age=31536000
cf-request-id: 0a928484e400004d84a0304000000001
cf-ray: 65caa3816c684d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H2 200 reporting.65aadb14.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 42ms
33ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.65aadb14.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c2d0f345f48da7eae159fb1c8240d2fbd8970db20383bc14f39af4436e56238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 465293
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: E5WB8RRRFX5EY5KM
x-amz-id-2: uXIxQ9Km+YrLYDDi/VWAYxNcnv0hFQReqhORFFRHc9Ar2LYgLwZfYwLWBZNhow7loUOCWykN4qQ=
last-modified: Fri, 23 Apr 2021 00:37:13 GMT
server: cloudflare
etag: W/"59d5c4eae69521aa54cfa5989461cf71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Fll3fHDBKTy1q1ENcRsFL22fjnzecNis
cache-control: public, max-age=31536000
cf-request-id: 0a928484e300004d8466ab3000000001
cf-ray: 65caa3816c604d84-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 43ms
34ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 743649
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: E5W1APGX0KZP07FF
x-amz-id-2: BtTi/oDuygGEBejbPfjWODrJewRpXJL+XeAvQzSH0YGAlcyYCJ9Cnrt+4XPCw4xAUaDm0z4b264=
last-modified: Fri, 23 Apr 2021 00:36:36 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: qTjBvlRxYaTEFxDcJqCNPskg63NMpmfW
cache-control: public, max-age=31536000
cf-request-id: 0a9284850e0000d6d586300000000001
cf-ray: 65caa381a9cad6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 953.19c0a4db.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 50ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/953.19c0a4db.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e69e570052da49ca6c294f9f7f73d78077c807aea47698290fa094a1ce9d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1101489
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: CWGWMQ0MM4HW2KM2
x-amz-id-2: iQcpHDqiQqlaj54RJTFSh9OWMO9+TruBYRlLfzdafRZzNRwyZNrTN5UYf1BmyKiDhIWPNsaDbyM=
last-modified: Thu, 13 May 2021 19:09:12 GMT
server: cloudflare
etag: W/"4566933d2fafead1b18217b7bab143db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zBZdazrOiIMP0pexvI3DppH4tm6GT_70
cache-control: public, max-age=31536000
cf-request-id: 0a9284850e0000d6d59ab71000000001
cf-ray: 65caa381a9cdd6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 1917.91233ecb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 38ms
29ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1917.91233ecb.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e8742a0929c0275ca9f8d8181f0ae49497c5db007975e3434b513d1e657973

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74259
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: R098XP3E7C95569M
x-amz-id-2: nS8c8oYe4osnA+MaB1nrQaunL9N+raeJhZAgJCFFmzpF1iUqV3AprP/IB0RtpueuPcEE3AdZ2qk=
last-modified: Tue, 08 Jun 2021 16:31:36 GMT
server: cloudflare
etag: W/"f9e05a5a9baaf07b0892c56e0da4efcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Sfktw2p6cpXqQTfrjMLQQn0j9EBUS6E.
cache-control: public, max-age=31536000
cf-request-id: 0a9284850e0000d6d5a7b78000000001
cf-ray: 65caa381a9d0d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 9692.db974ab8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 87 KB
25 KB 47ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9692.db974ab8.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5cda9ca113951770f28a63a7467be8f0c673a10d5fd5f87cfa2bab12cb49ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563789
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V818MKGPFRZ9ZT4T
x-amz-id-2: 4gbR50ABX3xvU6t3xb9RQTt8wXXOrgmBb5rkqPLK57lDBPu2D7Fr9KMpp0yNcabyQco9dMhv8gU=
last-modified: Wed, 02 Jun 2021 22:11:20 GMT
server: cloudflare
etag: W/"e5719c8923d20c6065bb46e3d554062c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RFALt4wFwciRIu2jyXhIpieI._lvev9D
cache-control: public, max-age=31536000
cf-request-id: 0a9284850f0000d6d58b0a9000000001
cf-ray: 65caa381a9d4d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 5064.cc30080d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 71ms
62ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5064.cc30080d.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920848ff24029ecabc7b9c18db0afba74287f153f47af88bb40ecd87567f9d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563789
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V81732ZZ8KZF0QKX
x-amz-id-2: dZdrZv2dxrXNAKiUErT3Fjanh2rv03WlelZrYHl8i0DGYgxEzcHFgeOsFHfbPkZZ+tINan4kLVE=
last-modified: Wed, 02 Jun 2021 22:11:17 GMT
server: cloudflare
etag: W/"9e6cf81c876d422f7ee86295a86cf2a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: jMB1nsoVnyibOXpYY3BJXryyVa6OQl8f
cache-control: public, max-age=31536000
cf-request-id: 0a928485120000d6d570942000000001
cf-ray: 65caa381a9d6d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 4586.233a2bba.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 40ms
31ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4586.233a2bba.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb58f5bd979c6aa8d0625993baddd330b6334285cd9bdab49576aa34d276c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563789
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V81EQQSWVTY50YD3
x-amz-id-2: Pt4xvdURkNAlctY1jEc5PBkFEVE1zhsUF4mGORFsqKevjcEMrS1nNgOZ/OoJnhKfRDgr2rFOOfI=
last-modified: Wed, 02 Jun 2021 22:11:17 GMT
server: cloudflare
etag: W/"388912a77a7730a1bb874ab9f0f96a8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: s0leuLoPoL6ZVVbDI0xjxrPjv4EeMEwW
cache-control: public, max-age=31536000
cf-request-id: 0a9284850f0000d6d5deac1000000001
cf-ray: 65caa381a9d7d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 9046.5331af76.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 43ms
34ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9046.5331af76.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ad9fdfa15c211df82f69f19b5b1925e1147181ae67b2679b8dffc2c2dc06a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 483805
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5Q7WA2Y3B9GWM98G
x-amz-id-2: zr+IU0zA0WmpjpsgpMssYMrDW1JDX7mb7fByepOnYR2rwv4qsJ3EV5NucxaL3be9IkzPMY6oS/M=
last-modified: Thu, 03 Jun 2021 20:56:17 GMT
server: cloudflare
etag: W/"c1e8e57666c6ecc04bc30ef3d15fba6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HRXg7TC.NU_8g4hZTkjhPjUmmTi1HayN
cache-control: public, max-age=31536000
cf-request-id: 0a928485100000d6d5bbb22000000001
cf-ray: 65caa381a9d8d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 2846.7fcc0bee.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 48ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2846.7fcc0bee.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab65923fc0535464f1004cf2033d93a46160c8c9f7078a695c9ce4c3978f7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563789
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V816T82CF2KCK1T1
x-amz-id-2: VUZIHhX8cAjPZ0ycRkE5FmdyJG3gNguPlY5ozz5A/F8zfrXp1rKFtxMvmlujVYSM11nGebTd4No=
last-modified: Wed, 02 Jun 2021 22:11:16 GMT
server: cloudflare
etag: W/"bf4dc549ba23236ec874c411fec58823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: UcNoSUkqK8RaYj60ln3GggayBKreruFt
cache-control: public, max-age=31536000
cf-request-id: 0a928485120000d6d5e3a2d000000001
cf-ray: 65caa381a9d9d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 4579.287d8985.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
7 KB 50ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4579.287d8985.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdecbd311384a7b4fb7ce398a74690c60610bf18fbd8b4a34e7ff4c11d087bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58667
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMQ0D9E4RSA8187
x-amz-id-2: zKHGM8YDUksSRNHMRQQZcTIAxO3H/dwd15KtH3UOgZ2xmmzrUASFWEWuAACGPV7rC1QIuBKVBF4=
last-modified: Tue, 08 Jun 2021 19:30:15 GMT
server: cloudflare
etag: W/"60947abd90c5d3fb49ccb3433a326f03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: nt.qkpWkFek.4lpmE_PNSvqexWMiMShC
cache-control: public, max-age=31536000
cf-request-id: 0a928485100000d6d5be3e1000000001
cf-ray: 65caa381a9dcd6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 2712.084be9ef.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 61 KB
17 KB 45ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2712.084be9ef.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43155db76ef8159ee2fe9b4f9c945e6c931a5913a09e5cbcc81428a2be0a7c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 156309
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XD5ASWKQMJZC4PZH
x-amz-id-2: WsIYsq4Ts3JAnubOV4cecD5RPosM5GNvBDi1uvhrG7Ov9eHGxXmiTA1hVATouoahyxNcCT3KEzg=
last-modified: Fri, 04 Jun 2021 14:23:11 GMT
server: cloudflare
etag: W/"873d08d2c892ab33146f731061767c2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4nbzzXhZ_qig.puELU1sCZ_O9T9Gl39K
cache-control: public, max-age=31536000
cf-request-id: 0a928485110000d6d5ca1ea000000001
cf-ray: 65caa381a9e0d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 5828.7bdb755e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 37ms
27ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5828.7bdb755e.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48a0b457ed1e89309f7c4b2cfdd60e38c93a79e4d7e643a72d8266ad9cbdca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V810THTHSTDEP6M4
x-amz-id-2: XTGEfg4DfKg3PqYfynG149bn8yUg3Rz3DqHqtnfDMRxaevXVWt61QOWVEpM+F0df0DnGHq2krZo=
last-modified: Wed, 02 Jun 2021 22:11:18 GMT
server: cloudflare
etag: W/"9abceb06f4a94c125d0cb4196cfb39f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: TPRfz37guVlAEe3tGFAXvpEi0vUpWRhm
cache-control: public, max-age=31536000
cf-request-id: 0a928485110000d6d5cc83d000000001
cf-ray: 65caa381a9e5d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 9972.7935eee0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 38ms
29ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9972.7935eee0.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce19b8cf5dc965ec46b5051e5b2c3b6c09827bf1d22e7aa65e50661908b6691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V812MSZMV9QXHXEB
x-amz-id-2: JCBJUBn1TthzZXADaeZO0tDxgGR2wQtJYHU0MPLLABcTwBI8r0gzjwQtIBJ8kLZ0/dQZU0oUN14=
last-modified: Wed, 02 Jun 2021 22:11:20 GMT
server: cloudflare
etag: W/"3c9cf651230298041152fea51ea421e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mHF0TPihHQtrj9tzW9_uDbSMed1KIO5v
cache-control: public, max-age=31536000
cf-request-id: 0a928485110000d6d57a10e000000001
cf-ray: 65caa381a9e7d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 9570.130dd855.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 50ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9570.130dd855.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99eaca1766ff6c119169ada736c10996e496c801ace7ad6248755bdccee47b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84645
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: T3ZJV9B31E6MBGMT
x-amz-id-2: vPgND1gzIS1RiU5IZuO5aUw66T9ZFlLHcLv/TLZGEPh4hQrLzo0SE/1ngh3coRjECgVpc8fYVWU=
last-modified: Fri, 04 Jun 2021 16:07:52 GMT
server: cloudflare
etag: W/"9c36ed0f57f4fb78c8cbd6a5272f8593"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: pToJvGpLrRE.5oFkqTlWoIihOduk0_Gj
cache-control: public, max-age=31536000
cf-request-id: 0a928485120000d6d5b915a000000001
cf-ray: 65caa381a9e8d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 664.fea9a853.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 71ms
62ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/664.fea9a853.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ddcbaf49e0d10e867abc392b1a8f6dcb6180d160ee057024d8d688294dabd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V8140N411R5TB2HM
x-amz-id-2: Wi2Ob3fsr/ZwKnnQSBv6ZuUi52neMcU5wp1sTxWStnNZS6bOmBDgl1WjRw1HaAseyIe+bf6U1lo=
last-modified: Wed, 02 Jun 2021 22:11:18 GMT
server: cloudflare
etag: W/"cbb35a59ef46c6f84b18e61f71416aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3E4l.ZvLK8Z8BXBkSwPiONJnJ0qQCNy_
cache-control: public, max-age=31536000
cf-request-id: 0a928485120000d6d5b6108000000001
cf-ray: 65caa381a9e9d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 7526.4c79dd9f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 51ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7526.4c79dd9f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e09d93010b633a8bb2598e34c60aff8efa8d50a88656309e3f05c9c17bd684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84645
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: T3ZTHDZSZ0GQYPQV
x-amz-id-2: oTsIBeYniqwIyLV4x3ibIOvDzoSwJO5zWChKwlR9MtV/BTEkz6H+UPVSGhEnNXIwz8xp8PuRCNo=
last-modified: Fri, 04 Jun 2021 16:07:50 GMT
server: cloudflare
etag: W/"cd2a2b7f1cfd2870186262908165a126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: aYjfz11R0yytVRSbl_IDZJ6pdeFRyyVA
cache-control: public, max-age=31536000
cf-request-id: 0a928485130000d6d575166000000001
cf-ray: 65caa381a9ead6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 2955.7f658c59.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 52 KB
16 KB 67ms
57ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2955.7f658c59.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1035505b348df8d0765373e106a9552ea5e87e04fc48e66a2ba51022d6be269

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42276
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1M04FYJ0FYQ3MY63
x-amz-id-2: v5+0HN6+3sDJYZE71k/UwKeLcYIb2d6zps6Ovv9lAosd6BeLdmr49W/wc2l4gujWNemikqid9to=
last-modified: Wed, 09 Jun 2021 01:08:21 GMT
server: cloudflare
etag: W/"ca8e6a9e5b713fd712b13cb5bf862b2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zyd2.tq7HS7aE0IRcLe63sri0U09WrFJ
cache-control: public, max-age=31536000
cf-request-id: 0a928485150000d6d5bbb23000000001
cf-ray: 65caa381a9ecd6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 1429.f815aadb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 38ms
28ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1429.f815aadb.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ba77cc18f87ef4b95eab6ec176a749cea20445443588c0faf2f3253ee4b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V81E9ZNFWH174ZSY
x-amz-id-2: 2Pnci+cORd2Y8DnUbE4FF6xT2VTY6+BrhAIMFfFcUN68d/dXlKf1JVYFjBSrsTSZdKKsRFEN3cc=
last-modified: Wed, 02 Jun 2021 22:11:15 GMT
server: cloudflare
etag: W/"6c170f0015e53a461e0dd93bae419118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: TsEinhCFWqHO1bexp.AFycY.t4ibviCb
cache-control: public, max-age=31536000
cf-request-id: 0a928485130000d6d5c59e5000000001
cf-ray: 65caa381a9eed6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 7883.b2a533a5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
6 KB 51ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.b2a533a5.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7308fd7fb9085dd357dfacfc99b96c6943e2e52af050a4a235da150ffa043a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58652
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMXH7FV5HD4V01C
x-amz-id-2: 5kpPh3E27bHVJcl5hkpS7Oz6hhYxdzobO1WAVJGpab/kfVgC2kDc/DAYTO2gDYwIK3w8nafeEFs=
last-modified: Tue, 08 Jun 2021 19:30:17 GMT
server: cloudflare
etag: W/"9560cc88e2ada66d5547b6bf34a3a0c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: T3JF6jz.plAfJe3gvjokbg3BT2dRt7XN
cache-control: public, max-age=31536000
cf-request-id: 0a928485160000d6d5e1835000000001
cf-ray: 65caa381a9f0d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 4697.5c748802.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 52ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4697.5c748802.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997a67a3701457dc75889bcdd07797eb0484c934e7acb7969d7e7f3340817b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V814DC7D3E3W192F
x-amz-id-2: lmkWyIYpdXd1D7I/lx7uivOlK75nrseYcjHwkA4JrNSahSO1ge5dMMw86AGx/lFG4AywZH6QVsA=
last-modified: Wed, 02 Jun 2021 22:11:17 GMT
server: cloudflare
etag: W/"82ed7b826a345590d5ce7a4b648626e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 84cEHashLmaHxVmH7lmiBApwsTLf66MM
cache-control: public, max-age=31536000
cf-request-id: 0a928485140000d6d59f18b000000001
cf-ray: 65caa381a9f1d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 2298.43084416.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 61ms
50ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2298.43084416.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1505acb06d7ac0ea237a47020caff34ff9c1066c19f43ca474d581106d8a002c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58652
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMTXHQDAMQ2FHCG
x-amz-id-2: yR3EzYpznqB7mB1diU+M3xkznlJ6DjuaOZ9FWTkrDge+jAfg5ehGJzlAbBsIbUK4UHWfYtdmgH4=
last-modified: Tue, 08 Jun 2021 19:30:13 GMT
server: cloudflare
etag: W/"24438c21f636d6ade9cd04df31998b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dxgyfdnjmzDyTvUJd3HPFDL8xUf_fln9
cache-control: public, max-age=31536000
cf-request-id: 0a928485140000d6d5dca37000000001
cf-ray: 65caa381a9f2d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 8127.f1f6c975.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 41ms
30ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8127.f1f6c975.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e599771c538593c6fd1c7760204ed65e81eead76fe771201679e2b3b32ebf724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V81DEJGVN37WJWA3
x-amz-id-2: FBrKksa+WXCOVboIGQ57DdUWowC2XK3rQfMSu31jeHNpreka+AGFhpGQMK8tPey3NUBlQkAfl1k=
last-modified: Wed, 02 Jun 2021 22:11:19 GMT
server: cloudflare
etag: W/"a0993df0ce43f439fb036d97a651636f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: YCGYWPX2W96GX8s_3b9cLInJYt9QTmGU
cache-control: public, max-age=31536000
cf-request-id: 0a928485150000d6d5acae8000000001
cf-ray: 65caa381a9f6d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 3507.829b239f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 62ms
51ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3507.829b239f.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d9be0a936d488bb376189b24b54bc8f9ba5f98e2f17be6e7fd13e9fa2062d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563788
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V81EB2AT6A65QPAT
x-amz-id-2: IM7eRzKABWs2YJCDrw6Ax2V83hD1VpVg2JK+xuthjmii0WwsLDnXoLW7JmG/ezNWqMTNL6cNYZs=
last-modified: Wed, 02 Jun 2021 22:11:16 GMT
server: cloudflare
etag: W/"065548a096a01d5cc6c0e4b57b4d5466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zM6uBlDhqh1a4UXFoGs79jQipi8EBUwv
cache-control: public, max-age=31536000
cf-request-id: 0a928485150000d6d5a9a9a000000001
cf-ray: 65caa381a9f8d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 PostSidebar.c2af3f1c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 45ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostSidebar.c2af3f1c.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd9b7cb0093decbc3c1ea695d2e9d708b3e5eac543a3c4144ca5e76f840229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 501035
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: VECZZYRZT986GMY4
x-amz-id-2: tfgZfTcyEKgSZCFBNTV6KyiNuYT5vxh1G2a3zCQickpn6Z1x72AnR9nlD9MyOqkzVvxpmHoQspM=
last-modified: Thu, 03 Jun 2021 05:47:04 GMT
server: cloudflare
etag: W/"85f29e82dc2dc9fe6e0cc8eee28c2933"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2wZefy5zjMm4piN_kUMX5k0Q50HEFW_u
cache-control: public, max-age=31536000
cf-request-id: 0a928485150000d6d5c0933000000001
cf-ray: 65caa381a9fcd6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 6371.4cc12a6e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 53ms
42ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6371.4cc12a6e.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca134e34fbaa458d1d943aedc393f3beabf037062890e43b0a71566ad46cf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58652
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMZHXHSEKED2ZWX
x-amz-id-2: mUlVUEbLNpg0OqyiyP6ViKnibH7sIP+cO663SW8qsYpaINOynXEsaX960BOBU6+aY31jxSMZhQU=
last-modified: Tue, 08 Jun 2021 19:30:16 GMT
server: cloudflare
etag: W/"f8c98ab872d5c769780cef9f674e1b99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: VijwjIEd.1Ls4HckInqSL.sIkWpKoT..
cache-control: public, max-age=31536000
cf-request-id: 0a928485190000d6d5a28ea000000001
cf-ray: 65caa381aa00d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 1938.187e9f26.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 53ms
43ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1938.187e9f26.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee0d3732b8665a70248979d37187133f22d86034a614ca6e47ee2442747a00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74259
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: R090JC24EK00NHWW
x-amz-id-2: W3B6AJJS+bn2VfbTOYd1vFLy7G8MBlY39K7GxFADv8X/Uiz6HUzt0O2qWc71YVsU35Jxr/ftNIk=
last-modified: Mon, 07 Jun 2021 19:10:09 GMT
server: cloudflare
etag: W/"ecbcc1d24ad756d9e0b926d2b8c1562e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _QRc6ODEgPaf2FUgSRl2TN20t3bmDr6q
cache-control: public, max-age=31536000
cf-request-id: 0a928485160000d6d5938ba000000001
cf-ray: 65caa381aa05d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 4806.1b72b920.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 63 KB
18 KB 65ms
55ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4806.1b72b920.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f159f5a938039cdd61f9f382fe63c912ceb62697a8e2cd5f5e54c1f90e2d68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58652
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMPTHGM57BGCTM8
x-amz-id-2: RSlKepVbuOehVehGKpFjx6hB1ZSq2D+jUIdW+sbIZjwZuE7ORuQ2MJ3iAGiIYCexBbRs+aH/r6o=
last-modified: Tue, 08 Jun 2021 19:30:15 GMT
server: cloudflare
etag: W/"e5e6eae02ac255a33cb4a0f0c3898b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: xl85..2I30D0fhdhcGpJLiJ9XFBewHQZ
cache-control: public, max-age=31536000
cf-request-id: 0a928485180000d6d5d2a32000000001
cf-ray: 65caa381aa07d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 3874.390b0795.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 62ms
51ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3874.390b0795.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768082d70360209250cd33918ef5d4c884ddc103fc0746054604a94800178c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563787
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V816WX3MDA08CQH9
x-amz-id-2: /u3Q+S/RcCn5ehn/13y064c53OoGWjRm3BXuEivp306S4oR1RgfGKFiLkT7VkNcAjBVbCsz7EIY=
last-modified: Wed, 02 Jun 2021 22:11:17 GMT
server: cloudflare
etag: W/"9b68de28d747e1b332e69ca8c4bd20eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SIGBU7.lHJyJUDfcGQLIvG8r16b5dgkV
cache-control: public, max-age=31536000
cf-request-id: 0a928485170000d6d5729fd000000001
cf-ray: 65caa381aa0ad6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 1794.574e0f73.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 63ms
52ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1794.574e0f73.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b4a6ee70f280e752cfeea9d8ebd4d75b338ce88ff12f20e198a444250bf52a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 633449
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 46B84JT2WQW3Z9V9
x-amz-id-2: 6mTdyjLOubLweTLBA17cEBcvddALjjhDYoyg8pRap0FBXzK8xIm9YVOfjcFFSoJvRhtP5I+ZNfw=
last-modified: Tue, 25 May 2021 13:50:11 GMT
server: cloudflare
etag: W/"b6ff92a61940639c91b8e429faef17ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: j5Zw0Kpxjpc_87ggnqJD9vPPl09ZMmui
cache-control: public, max-age=31536000
cf-request-id: 0a928485180000d6d5b11ba000000001
cf-ray: 65caa381aa0cd6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 6179.b904e596.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 40 KB
14 KB 64ms
53ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6179.b904e596.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c08805c1d2ec25dbb163d2904ca750afcdaed7c5667d129a7200f6f1133d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58485
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: SBMKM1QK7PC0YF3X
x-amz-id-2: Wz/TWHqpYSuajzZ580L72ZB2YGbTx16imrgYSx4cEiumIJiQ57EtyD1Z3M6OsDrrDBolpotyMmw=
last-modified: Tue, 08 Jun 2021 19:30:16 GMT
server: cloudflare
etag: W/"8ce25b94c864601ecdf5fdf2514c9753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4VxyPiLHMbi62TJCOHgcP1K.owy9XQk3
cache-control: public, max-age=31536000
cf-request-id: 0a9284851a0000d6d581373000000001
cf-ray: 65caa381aa10d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 Post.a2b200d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 53ms
42ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.a2b200d2.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cdf5aa71c32a006adcd03f39288523badbb266a8b60aefdbee45b2dbdb5860a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74259
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: R098Z393JRSPXE9J
x-amz-id-2: ClsCql5ZuzQ67HeUnrntpy9u9Ujb0NucTulVTMZ8Nnvf2aY1iIjfZDH0PXYDgFtt7TQl2FwdaWU=
last-modified: Tue, 08 Jun 2021 16:31:51 GMT
server: cloudflare
etag: W/"e9a57bc0a265304ccad18580fd989835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yipUN_SJmO5ye_Rcx8mAwnMieIovtEWE
cache-control: public, max-age=31536000
cf-request-id: 0a9284851c0000d6d586303000000001
cf-ray: 65caa381aa11d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:11 GMT

GET
H3-29 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 27 KB
28 KB 45ms
41ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61df1c691c169e5eee23e389d4746fd846ffc7746356cba2e924d83445181a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4765537
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a928484f400004a611ebf4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa3818aa44a61-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:11 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 141 B
440 B 458ms
457ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d271e009c3376092ab82002a5b7b8d70e5cd36fac5f25679a28587eededc296

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 195
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"8d-rKX6IoNQEzqAOeO3TuIvUMPTqDY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd
x-envoy-upstream-service-time: 351
medium-missing-time: 0
content-length: 141
x-request-received-at: 1623244631877

POST
H2 200 graphql Show response
posts.specterops.io/_/ 543 B
867 B 195ms
194ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: f4b1e97f6e8139c5fc12fb42d492b2a6eecbceff57b131d976047ac71a71a31e

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1505
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"21f-o9BxqDaIlMf4ivswmw69RtnIeh0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210609-013023-45538659be
x-envoy-upstream-service-time: 87
medium-missing-time: 2
content-length: 543
x-request-received-at: 1623244632380

POST
H2 200 graphql Show response
posts.specterops.io/_/ 567 B
892 B 239ms
238ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 802961ca190f868a9dd1595676bc4db11ce21e17d32e0658d2748238b7c8ea16

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"237-m4BwWeiD0fowtyLvYqn/vzkwxAw"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-234052-eeb669bd15
x-envoy-upstream-service-time: 135
medium-missing-time: 2
content-length: 567
x-request-received-at: 1623244632378

POST
H2 200 graphql Show response
posts.specterops.io/_/ 550 B
874 B 248ms
248ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: edfa47c0840871eace133d376040487c63fa6f9d3557834c9cf526c8cc6f2c7b

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"226-7dcwr5BCNGxhvf33U8Wg2K9E7c4"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 140
medium-missing-time: 9
content-length: 550
x-request-received-at: 1623244632385

POST
H2 200 graphql Show response
posts.specterops.io/_/ 567 B
892 B 199ms
199ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: ea0b300c7ad73921680359ba67e6db7fad314c94ca87e845a931097fd75ec74c

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1505
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"237-5QjLGKQaphJ9vxuS9fAhSO69uB4"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210609-013023-45538659be
x-envoy-upstream-service-time: 89
medium-missing-time: 2
content-length: 567
x-request-received-at: 1623244632390

POST
H2 200 graphql Show response
posts.specterops.io/_/ 438 B
762 B 188ms
188ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 57b214d93b6bc859336f60b4fe759a1809e14228305fccd3a41889e213db7d91

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"1b6-n7YVoVAvKD2oz05BcHGzaG6USxs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 81
medium-missing-time: 2
content-length: 438
x-request-received-at: 1623244632390

POST
H2 200 graphql Show response
posts.specterops.io/_/ 417 B
742 B 254ms
253ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d8c517b371599e8d435eb45b38496c719078120280254ee338aa8d7e9855469

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 1506
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserMentionTooltipQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"1a1-QPassuEQEL7CwIeKKq6zujWD5ec"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 144
medium-missing-time: 2
content-length: 417
x-request-received-at: 1623244632395

POST
H2 200 graphql Show response
posts.specterops.io/_/ 395 B
720 B 183ms
183ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 8041bb202a0e56dbb3fa55c15d93ff29fecff81b2e993e566e4873826add9fc5

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 548
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"18b-s7uIWK+Gvt0+WRWQ1PL292aF8n8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210609-013023-45538659be
x-envoy-upstream-service-time: 74
medium-missing-time: 0
content-length: 395
x-request-received-at: 1623244632400

POST
H2 200 graphql Show response
posts.specterops.io/_/ 281 B
604 B 234ms
234ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: c712e40d2ad5b69ab95a7920ccaaed9318c9105cb48e692a0623e397d4566157

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 388
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: PostViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: PostViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"119-o8lXroGuLGETdTUSmQympIWDYAM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 131
medium-missing-time: 5
content-length: 281
x-request-received-at: 1623244632402

POST
H2 200 graphql Show response
posts.specterops.io/_/ 443 B
769 B 210ms
210ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b754c6153d198ba01b9f72572b05dcf9cfad019beba7c1974a8ef36620c1f3ec

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 594
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
graphql-operation: UserViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
sepia-upstream: medium
server: nginx
etag: W/"1bb-vEjZyEUkROVJoS33rNCJ8+ksGlM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 105
medium-missing-time: 3
content-length: 443
x-request-received-at: 1623244632416

GET
H3-29 200 8342.aeed0cb3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 38ms
37ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.aeed0cb3.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98fb5a46eb7e071b2e78f0b6425bb445dad8fbee25cb18a70c9710f19ea5114

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563785
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: E1PGRKK0ZQP3W222
x-amz-id-2: d7ZwwnmXL3El1XUEdArcjbMo472Bo0EPXFog40x6is/S2p1PLdFrRiayGFdyKORvSGXK+29mYAs=
last-modified: Wed, 02 Jun 2021 22:11:19 GMT
server: cloudflare
etag: W/"dc64def2f25bcd813652a07109a515fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mI5zQ6jb0ZFAqHFiTw0rkUtm_pQqKh3y
cache-control: public, max-age=31536000
cf-request-id: 0a928489c60000d6d5dd1ab000000001
cf-ray: 65caa38939add6d5-FRA
expires: Thu, 09 Jun 2022 13:17:12 GMT

GET
H3-29 200 8698.5972a15b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 29 KB
10 KB 43ms
42ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8698.5972a15b.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4c607b08799097802d49c484c773cbcd6a145874cd2ff0277b5a6459e3d990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 150657
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5G7F5ZM1VKRHKA7T
x-amz-id-2: k0KwYKw6Ezaueo1yi2rrH66/cignrq2MBtiap8Xn3Et+sjsnXz7d3sRNWs+ivpeytFmYeMDfm3U=
last-modified: Mon, 07 Jun 2021 19:04:50 GMT
server: cloudflare
etag: W/"433d603ccffae418145c62f224b19d86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ke3skDxdU2SC2lE69G..9xREfMOpD5Vm
cache-control: public, max-age=31536000
cf-request-id: 0a928489c60000d6d59391d000000001
cf-ray: 65caa38939aed6d5-FRA
expires: Thu, 09 Jun 2022 13:17:12 GMT

GET
H3-29 200 8873.036d1d3b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
11 KB 42ms
41ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8873.036d1d3b.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39f31b2fc76218338f64427874f97800461da0de7c6849a84f49840705de060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563785
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: E1PJC0SX0FTPJ0CW
x-amz-id-2: mUcQQ4qem1ZiCJxmpPWvHSzjObMdnaBaOKuUHJwGGZEUW/uHuhV41jg9iJJ7B8AeBYiCzgycZ7A=
last-modified: Wed, 02 Jun 2021 22:11:20 GMT
server: cloudflare
etag: W/"f9d46f94014f445aa4431017b70a92ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ILZQFovBXvAFh4JDWiQWMI9HtWZsV9tC
cache-control: public, max-age=31536000
cf-request-id: 0a928489c70000d6d57224f000000001
cf-ray: 65caa38939b0d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:12 GMT

GET
H3-29 200 ThreadedResponsesSidebar.ac00fcf1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 54 KB
18 KB 34ms
34ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.ac00fcf1.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf0983b0ba8e0a9b08d61f32ace19dcd7969fa9aa0475f067f592c1784ec04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563785
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: E1PTSNG4N5K3BNDX
x-amz-id-2: Nc4Yxu4XUYZ9hjESbt5c8YNycS4VD+imSVmBxGJEOdbnJ+YeOaxq9FdodXCP3zpRcz40wfrnTaw=
last-modified: Wed, 02 Jun 2021 22:11:36 GMT
server: cloudflare
etag: W/"6be48111c4e0eff0b332338d7dfffcc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HPjOTn_eV.MbkLvSRq4mnq3G_H_7Dg1U
cache-control: public, max-age=31536000
cf-request-id: 0a928489c90000d6d58636d000000001
cf-ray: 65caa38939b2d6d5-FRA
expires: Thu, 09 Jun 2022 13:17:12 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 50 KB
19 KB 61ms
20ms Script
application/x-javascript 13.226.156.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-101.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 96876c40ac46caa83507ee4533dbbe643f438c9784e71c0fbf9086eb63dfa831

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 22:54:48 GMT
Content-Encoding: gzip
Age: 51744
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Wed, 10 Mar 2021 16:22:10 GMT
Server: nginx
ETag: W/"6048f232-c8b4"
Content-Type: application/x-javascript
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 6xcb2FqN4rU_Ot0pCbZnRdOtEBr0prgdOMB3RwEBLqtFXLY1ET8bNg==
Expires: Wed, 09 Jun 2021 22:54:48 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 94 B
417 B 269ms
269ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 0019a1fc91016d681e66c2bfc619ada899412714080b3df589fd847f77f26dc4

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0; dd_cookie_test_67605690-2957-469f-9e2d-ed651674c971=test; _dd_s=rum=0&expire=1623245532549; dd_cookie_test_4068ee98-f531-4ccf-8dc1-f44f32a7f4a4=test; dd_cookie_test_1cbe86fc-0fcd-4a88-b6d1-71dd9cac3c0c=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 5763
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-kVSKSU69nbF4I0o+bxzn1H7FIQ8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 152
medium-missing-time: 5
content-length: 94
x-request-received-at: 1623244632953

GET
H3-29 200 0*l7ieaNG6vq0va1Gj
miro.medium.com/max/1600/ 95 KB
96 KB 106ms
106ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1600/0*l7ieaNG6vq0va1Gj

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80160dbe0f4d50e4884cbc2de72df7a79227b977a3fb63da00d5d16032e09769

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 55
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 97677
cf-request-id: 0a92848ba10000d6d58b13a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa38c3fb8d6d5-FRA
expires: Fri, 09 Jul 2021 13:17:13 GMT

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 108ms
107ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0; _dd_s=rum=0&expire=1623245532549; lightstep_guid/lite-web=33cf6c012be7624b; lightstep_session_id=1ab775fa78febc94; dd_cookie_test_ded4da1d-5d4f-487f-8fc4-df2dd9d62d63=test
content-length: 194
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, clientele/main-20210511-170208-4068f81594
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 110ms
110ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_1eccdae0deb0; sid=1:C2oF+r1oGGD6XDP1kAo+Tg5dh37vZfPadUDx84uzZCB1uoa+jlSqBQr6gbNrdrmb; optimizelyEndUserId=lo_1eccdae0deb0; _dd_s=rum=0&expire=1623245532549; lightstep_guid/lite-web=33cf6c012be7624b; lightstep_session_id=1ab775fa78febc94; dd_cookie_test_ded4da1d-5d4f-487f-8fc4-df2dd9d62d63=test; dd_cookie_test_ef103e1a-0ef1-4a5f-a687-5a3c69c65a23=test
content-length: 210
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, clientele/main-20210511-170208-4068f81594
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5901
date: Wed, 09 Jun 2021 11:38:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 09 Jun 2021 13:38:52 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 57ms
18ms Script
text/javascript 52.84.174.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b?gi=70a3cf4e5dad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-15.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qarmcwXsLN.jA_Lr9PtDBnGJTnfPptaQ
content-encoding: gzip
last-modified: Mon, 24 May 2021 20:22:06 GMT
server: AmazonS3
age: 269
etag: "611960e84a5f2287a232699af98b27d9"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3d9c0fa5b3b5d4d0036d1179c645f1c4.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 09 Jun 2021 13:12:45 GMT
x-amz-cf-pop: CDG50-P1
content-length: 23842
x-amz-cf-id: sFiBwUko0FidfrYLDVhD11eKTawsNU1L4V1PbSft0SiyyGVvFGecCw==

GET
H2 200 responses.editor.bb960e2b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 41ms
40ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.bb960e2b.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.d43d6a07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52382878a7b8ed3cda7f8650ec9b2cc3951d2904e8db611dd51c4112e39a95bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 563781
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HKN0GVY8Q1X5SCAS
x-amz-id-2: MC7AmAGFH+fv/jTg2CQmql17tWPzPIxI2a9KUfEYWctcDB6LApZjrrdplUo6inyCOt/kk7139Fs=
last-modified: Wed, 02 Jun 2021 22:11:50 GMT
server: cloudflare
etag: W/"c55521e79786c2900a6145b127a4f615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: aGTy6OAJHuul44ZlgzMFdpAnxiPFicni
cache-control: public, max-age=31536000
cf-request-id: 0a92848e2c00004d847e0f2000000001
cf-ray: 65caa3904d534d84-FRA
expires: Thu, 09 Jun 2022 13:17:13 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 462 B
858 B 219ms
219ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 15e6e428024ecfb2554a22fb9928cb8291d4fef98666849a98b3cd19a2e6c167

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ot-tracer-spanid: 1492bba87a080396
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210609-122752-a86bf69dd2
content-length: 7136
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
medium-frontend-path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
graphql-operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
apollographql-client-version: main-20210609-122752-a86bf69dd2
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2a441d6baecfd050
Medium-Frontend-Path: /bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Medium-Frontend-App: lite/main-20210609-122752-a86bf69dd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
apollographql-client-version: main-20210609-122752-a86bf69dd2
ot-tracer-spanid: 1492bba87a080396

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
sepia-upstream: medium
server: nginx
etag: W/"1ce-JFCPbK5Hrtti+5/2t1eCWieaG50"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, rito/main-20210609-115918-77a3ad87cd, tutu/main-20210608-151423-105ba2515f
x-envoy-upstream-service-time: 100
set-cookie: uid=lo_a1b26ef7e3fe; Path=/; Expires=Thu, 09 Jun 2022 13:17:13 GMT; HttpOnly; Secure
medium-missing-time: 3
content-length: 462
x-request-received-at: 1623244633724

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 531ms
99ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1623244633667&plid=19306658&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&sref=&sts=1623244633664&slts=0&title=BloodHound+versus+Ransomware%3A+A+Defender%E2%80%99s+Guide+%7C+by+Andy+Robbins+%7C+Jun%2C+2021+%7C+Posts+By+SpecterOps+Team+Members&date=Wed+Jun+09+2021+15%3A17%3A13+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=65701792&u=pid%3D16170620a9495229fe7fd8e05bf2d2d2
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 13:17:14 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 09-Jun-2021 13:17:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 550ms
106ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1623244633670&plid=19306658&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&sref=&sts=1623244633664&slts=0&title=BloodHound+versus+Ransomware%3A+A+Defender%E2%80%99s+Guide+%7C+by+Andy+Robbins+%7C+Jun%2C+2021+%7C+Posts+By+SpecterOps+Team+Members&date=Wed+Jun+09+2021+15%3A17%3A13+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=97041285&u=pid%3D16170620a9495229fe7fd8e05bf2d2d2
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 13:17:14 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 09-Jun-2021 13:17:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1405010597&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&ul=en-us&de=UTF-8&dt=BloodHound%20versus%20Ransomware%3A%20A%20Defender%E2%80%99s%20Guide%20%7C%20by%20Andy%20Robbins%20%7C%20Jun%2C%202021%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1625045610&gjid=480373181&cid=156995087.1623244634&tid=UA-24232453-2&_gid=137724960.1623244634&_r=1&_slc=1&z=493877712

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 13:17:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posts.specterops.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1405010597&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Fbloodhound-versus-ransomware-a-defenders-guide-28147dedb73b&ul=en-us&de=UTF-8&dt=BloodHound%20versus%20Ransomware%3A%20A%20Defender%E2%80%99s%20Guide%20%7C%20by%20Andy%20Robbins%20%7C%20Jun%2C%202021%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1410901374&gjid=1182545326&cid=156995087.1623244634&tid=UA-102239211-2&_gid=137724960.1623244634&_r=1&_slc=1&z=1524197861

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 13:17:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posts.specterops.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 90 B
562 B 393ms
167ms Script
text/javascript 2600:9000:218d:4600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218d:4600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

175eca163385d849b46ca9a05193b36bdb854db35454e79cc6235f89cf22e280

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
via: 1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: CDG50-P2
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-O/aJ5gOvnlVhdXNoxmXVWjXl018"
x-amz-cf-id: fl75Y06MJAb-CkcJUfprxCpKAOn5R84AOJfjYkv0SoR5ucYqy-1hSA==

GET
H2 200 0*l7ieaNG6vq0va1Gj
miro.medium.com/max/700/ 30 KB
30 KB 127ms
126ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*l7ieaNG6vq0va1Gj

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd3507489c8228b3c86c476938a77a7984f87ae1eaa1054501321cc085a0d22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 481
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30228
cf-request-id: 0a92848eb400004d849a2db000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 65caa3911f954d84-FRA
expires: Fri, 09 Jul 2021 13:17:13 GMT

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 147ms
36ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://posts.specterops.io
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4089811
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a92848f9600004aa93011e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 65caa3928c7e4aa9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 09 Jun 2022 13:17:14 GMT

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
720 B 187ms
171ms XHR
application/json 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115681beca8565a10e34c5cc090ae565d44223c05de990d96222f93ef10cdd0c

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 9
access-control-allow-methods: POST
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284904400004abd3a379000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BX8yQS6%2BYqSTFtOkpFZiwRwuBuR7EFekUEZOUU3wOkoSOg06MHHPklMIaucCqx6sE18Sa8elExQGHbbFXuQqkjhNLuXFAix%2FzE0qFE2qjnC%2BMiBmsESoatYgsfp650EMONAeQoGiivkQ2ESHPYx6EwFK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 65caa39388d54abd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 174ms
145ms Preflight 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0a92848f96000032487a14b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2%2FIo44eHS0An6uHE3OnimEf%2BmCqgZpnUymQZS6wpH8VRUTy5gCNYNH4P1oQROutgzC0ST3OrOXEaRn39bS53WOJACJeREAXWB6T1xrfLNnwXHOc4%2B8eYPfMEgRNEHDMYNCdV%2FVL3bV9T12OZSbMTay0l"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65caa3928cce3248-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 179ms
179ms Fetch
application/json 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 09 Jun 2021 13:17:14 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 299ms
97ms Preflight 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
626 B 270ms
219ms XHR
application/json 2600:9000:218c:e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72cb6bd2aabbccc5b824de69792c12620b642a94393c276c7dc54aaf86158e46

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd69.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: f27b6771d34347edac10622cad96ef2c-2021060913
content-length: 312
x-amz-cf-id: SQgcXPWqK5R4ufnA6Ru9Hxb8fqRrod8lHpSwhc6WgrABfn1ZbkbKRQ==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 423ms
103ms Preflight
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Wed, 09 Jun 2021 13:17:14 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
245 B 104ms
103ms XHR
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 09 Jun 2021 13:17:14 GMT
Content-Type: text/plain

POST
H2 200 /
posts.specterops.io/_/clientele/reports/performance/ 0
0 114ms
114ms Fetch
application/octet-stream 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b%22%2C%22sref%22:%22%22%2C%22sts%22:1623244633664%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=16170620a9495229fe7fd8e05bf2d2d2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1623244633664}; _ga=GA1.2.156995087.1623244634; _gid=GA1.2.137724960.1623244634; _gat=1; _gat_tracker0=1; uid=lo_a1b26ef7e3fe
content-length: 1409
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba, clientele/main-20210511-170208-4068f81594
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
565 B 380ms
380ms XHR
application/json 2600:9000:218c:e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

f3dae63e0b642c98c46774db204945de362932da96b23679c6c07746b4ee8705

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd69.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG50-P1
x-powered-by: Express
etag: W/"b4-evZ2wCBcnzRpHeguEnwTdfYkvpM"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 45fecd1d7091465ea88b1f22a5370aa3-2021060913
content-length: 180
x-amz-cf-id: 2OR1ySZzUWJLVqAe3EEujw9kDBVqWC27ubC3J95yzsCpwy5PvW1qzQ==

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
684 B 134ms
134ms XHR
application/json 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774f6fed33adce86caac8bd30f89c86d7eb8b7d75d31ff1150649f235251f66a

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284931400004abd57be9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pF0hqRJE%2BsQKcsNLdtoaYCibhQGgf0YC67brA7yNqEMcm66KvOLHnzMV%2F4T7OFojJkBYN3ibZxuj7mpIrqq6ELg094kiDlicgv4IXcd6GU0fxm%2BS9cuVdnVzkCnOx%2Fb2rVqRNarDufR08%2BMVuqmR9kKa"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 65caa3982df24abd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
389 B 421ms
421ms XHR
application/json 2600:9000:218c:e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Jun 2021 13:17:15 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd69.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 19f93220d9324d95b38838fba71b7567-2021060913
content-length: 28
x-amz-cf-id: LSyKJ8YaPVyzIb_T1t7J2Ls5MZ-Lj14RljxBayIiobRtoZ59PRw3dw==

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 126ms
126ms Preflight 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:14 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0a9284929700004abd49220000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FeiptzkCcXQJR99Rq5HKxADaPY0uMcrUw68c0VYO40S0yXbEMpUKC9d1N4XKVANH6tXotMFM5ZbassUO%2FVyYZ1tM7%2FSdweaOV%2BBC8CqQP2XzZUaJel4imLveJhslO1owiEILH947eukLcBdoUduv%2BsSP"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65caa3975b954abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
389 B 204ms
202ms XHR
application/json 2600:9000:218c:e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Jun 2021 13:17:15 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd69.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a4314f33bf6a4e06983ae56438690de3-2021060913
content-length: 28
x-amz-cf-id: chodMSX_UWt8TkUJ6ojIyGnL5L324IKxVOvIbcpWQuaKb_Ai10VGmg==

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 134ms
134ms Preflight 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:15 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0a928494ac00004abd71a13000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4UtfsrJOIH3Reb7%2F7NBf2KItKi0im2gH%2BEohNDZnjHCqGPUy7oLVK43OcfSTGAX3ajXVrkXkvNwjzsIgvvg4f3wB15ruF7fYk7HexVarxRFd0PulVgFJEFn6yh950u0kdur%2F%2Fg9zse3i%2Ff69xFNuCiZ6"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65caa39aacb94abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
686 B 128ms
127ms XHR
application/json 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb90074aa00636d0aa08afcc3b3b10a3ad6754b1763f97786a98531dc74f63e

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
access-control-allow-methods: POST
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284953500004abd5782e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c%2F7UH%2BSCpvk0QQ2X56MhC%2BRqHqvH8ezkhTRS9Iun60jKUADOiMV4TLvHQcIrvWY5rLudKCtGIFAZrC0Yguy5JH29NOG6AlcY%2BYqD6NVWyA04OZBp7Y8rNM6ChOtUMlEDdjMhepvKzhrEnM0eQNO5hqUP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 65caa39b8efd4abd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 124ms
124ms Preflight 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 0a9284976a00004abd8735c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZUrGhT3Eo%2BZY4%2FYIysZYk%2BBSx0fcb6Vzu4oONZ%2B98UsDb5VTHrN0kYloe0XLpmmySokD%2BCyb%2FxtedPVhfy1vcBddDo01pANaTxXmUMJzrysz3jRR62WJEcGjAR9X2Q%2F9mgyG010X78yn50MTGOYa4cIE"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65caa39f08404abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
680 B 152ms
152ms XHR
application/json 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5db620feb6e3c686a949e0bbbf5f5f32ec21922081032f267cb02bbc09bab55

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 3
access-control-allow-methods: POST
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a928497e700004abd8e8c2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mE5zSKL0KanWoMFkteO%2BFgIh90b%2Fr1zntPSb3Oci6inZB95vDPN59Djo%2FTmuY5AjYlpPxzUqlnh0AFjzABzhxxbmw49GyjKun2VVP4FoZa2Q5SKeYKSWsDU2ZvhDcuQZ4OJ3oFp7olncZjfxUOpVUo2b"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 65caa39fda814abd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

POST
H2 200 batch Show response
posts.specterops.io/_/ 17 B
173 B 248ms
248ms Fetch
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

sec-fetch-mode: cors
origin: https://posts.specterops.io
x-xsrf-token: 1
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b%22%2C%22sref%22:%22%22%2C%22sts%22:1623244633664%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=16170620a9495229fe7fd8e05bf2d2d2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1623244633664}; _ga=GA1.2.156995087.1623244634; _gid=GA1.2.137724960.1623244634; _gat=1; _gat_tracker0=1; uid=lo_a1b26ef7e3fe
content-length: 4949
:path: /_/batch
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: posts.specterops.io
referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:17 GMT
medium-fulfilled-by: valencia/main-20210609-094911-28d03be7ba
x-envoy-upstream-service-time: 139
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 161ms
161ms Preflight 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://posts.specterops.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Jun 2021 13:17:19 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 33
cf-cache-status: DYNAMIC
cf-request-id: 0a9284a2930000324864877000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rqfpgCAuGOqj%2FazWPyBgT1v58%2BeiNuhGf0QzFWByywx9YJysej0FYztHJfMr2eIP4463eSsWERAIngRie17T84T2UQBRj1QVGZZxhc%2BSqHB7Dp83QR2gRyk83mIj9DCd9sfGktbwb4vTyQEnU8T2M0Gs"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65caa3b0e9403248-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
687 B 132ms
132ms XHR
application/json 2606:4700:3037::6815:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2751.2bbf71b8.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e550ace4eb608cdd95c3f826f982ef8aefbc23b1a4141b1bf8406d4f0bef07d

Request headers

Referer: https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Jun 2021 13:17:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 1
access-control-allow-methods: POST
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9284a33200004abd659b1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GYNa6%2Fpe2BCSqRulWz7gpXWz0vyNTTpxQziX3cILg6CPTniuq9wm%2F2JgzFTstjn40Pp2xpx0%2FUWNOzfmHikz0REgdxaxAjkLye%2F45kV5faD3BsOXNfh14l8%2BY8oNMInk3Z6lsO%2BMAZjFVXJrul8U8jas"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 65caa3b1edf64abd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.specterops.io/	1970-01-19 18:54:04	Name: _gat_tracker0 Value: 1
posts.specterops.io/	1970-01-20 03:39:40	Name: uid Value: lo_a1b26ef7e3fe
.specterops.io/	1970-01-19 18:54:04	Name: _gat Value: 1
.specterops.io/	1970-01-20 04:23:28	Name: _parsely_visitor Value: {%22id%22:%22pid=16170620a9495229fe7fd8e05bf2d2d2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1623244633664}
.specterops.io/	1970-01-19 18:55:31	Name: _gid Value: GA1.2.137724960.1623244634
.specterops.io/	1970-01-19 18:54:06	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b%22%2C%22sref%22:%22%22%2C%22sts%22:1623244633664%2C%22slts%22:0}
.specterops.io/	1970-01-20 12:25:16	Name: _ga Value: GA1.2.156995087.1623244634
posts.specterops.io/	1969-12-31 23:59:59	Name: Value: test

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.a660dbc2.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
d1z2jf7jlzjs58.cloudfront.net
errors.client.optimizely.com
glyph.medium.com
lightstep.medium.systems
medium.com
miro.medium.com
p1.parsely.com
posts.specterops.io
www.google-analytics.com
13.226.156.101
2600:1f18:24e6:b900:6f4e:6f3d:bfc3:43d2
2600:9000:218c:e00:11:f728:3040:93a1
2600:9000:218d:4600:19:9934:6a80:93a1
2606:4700:3037::6815:3b80
2606:4700:7::a29f:9804
2a00:1450:4001:831::200e
2a02:26f0:4700:187::13b8
34.194.161.83
52.45.34.218
52.5.181.79
52.84.174.15
0019a1fc91016d681e66c2bfc619ada899412714080b3df589fd847f77f26dc4
0051487bc2afbf337d6b21c8da4a30d72928a028671f7de87643d5fcaca0c69e
00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac
03e3bf7cb09a27738c8d9e14ed5254d5e415e4fce8355d3bbe51408a34eec8e7
04b6d83778ce23802c3aa319ce965bb679e791209f334605643f8d9b17083e79
0b4a6ee70f280e752cfeea9d8ebd4d75b338ce88ff12f20e198a444250bf52a9
0cdf5aa71c32a006adcd03f39288523badbb266a8b60aefdbee45b2dbdb5860a
0d271e009c3376092ab82002a5b7b8d70e5cd36fac5f25679a28587eededc296
0dd2006dbe3978bf125cb1e0002f09cbcd4ca6801ff701e52e53aa50c0fa190d
115681beca8565a10e34c5cc090ae565d44223c05de990d96222f93ef10cdd0c
1505acb06d7ac0ea237a47020caff34ff9c1066c19f43ca474d581106d8a002c
15e6e428024ecfb2554a22fb9928cb8291d4fef98666849a98b3cd19a2e6c167
172f5b7d6aea73d3fb57d7638c740eeeff4b607a1aa0308d04b9b8f00ab49cc6
175eca163385d849b46ca9a05193b36bdb854db35454e79cc6235f89cf22e280
1bb58f5bd979c6aa8d0625993baddd330b6334285cd9bdab49576aa34d276c10
1dd42b41715639d00fdd524dae4734968e91e05abb368514929b740af942ddb5
23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7
2735c24ff06af9bb0a0a46bc9b8bcdfa595a4ff72e2f28b7a96992ad41faa688
2ab65923fc0535464f1004cf2033d93a46160c8c9f7078a695c9ce4c3978f7fb
2ae595460c58e158ec4fdaec962e5ab6309aa5356334a1af3afeb8b77d6424df
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307
2f5cda9ca113951770f28a63a7467be8f0c673a10d5fd5f87cfa2bab12cb49ae
2fd9f3a790a6dd4f8ce63c68a1e4d915f20b225fcac6fb21f3d2ba27c0faaab5
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
3c1f1559a072531c1dcc82d9356ac612b1de4eab8110684e2c781632d48bfa4e
3e550ace4eb608cdd95c3f826f982ef8aefbc23b1a4141b1bf8406d4f0bef07d
41369f4e1f416398d97cce9eb2aed485e130961d0f30dee4d80a91519ecf81a9
43155db76ef8159ee2fe9b4f9c945e6c931a5913a09e5cbcc81428a2be0a7c6d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ba77cc18f87ef4b95eab6ec176a749cea20445443588c0faf2f3253ee4b7c0
46b0ecc8a0ecad4ef53c708248aa404d994a6402d93e8c87684ed82183002a3a
49ddcbaf49e0d10e867abc392b1a8f6dcb6180d160ee057024d8d688294dabd6
507a30c31ab0504d0a4b0e823b52ec6ee696f009dd6ee705501777a7133d2a10
50bd82b1547e2db3bef7b27bed0aa7d436e51ef509c2adf789a66c7db6254dc6
52382878a7b8ed3cda7f8650ec9b2cc3951d2904e8db611dd51c4112e39a95bf
53e8742a0929c0275ca9f8d8181f0ae49497c5db007975e3434b513d1e657973
54ad9fdfa15c211df82f69f19b5b1925e1147181ae67b2679b8dffc2c2dc06a9
57b214d93b6bc859336f60b4fe759a1809e14228305fccd3a41889e213db7d91
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5a2aa99d94312a19ee778ccc3bb9fbc64c1eb4b67312eb47327d29354d94fbde
5f159f5a938039cdd61f9f382fe63c912ceb62697a8e2cd5f5e54c1f90e2d68c
61df1c691c169e5eee23e389d4746fd846ffc7746356cba2e924d83445181a15
63b78b9ab30410dda3b9bf91064e911e35693a43157f41b1044c6647fcf65216
653a562eba0bb3a78db868c907c969e337a4ee74f13c766e1978d2d8f6d251d6
67c4cd3264cdb8f145d364e09586abb4c9b7f36fc6c07729ced48ccbf643c000
6aa81e31ec1390eb8abbe1e81f0e31d02647972b161049d6160d88e5fad2b555
72cb6bd2aabbccc5b824de69792c12620b642a94393c276c7dc54aaf86158e46
7308fd7fb9085dd357dfacfc99b96c6943e2e52af050a4a235da150ffa043a68
768082d70360209250cd33918ef5d4c884ddc103fc0746054604a94800178c19
774f6fed33adce86caac8bd30f89c86d7eb8b7d75d31ff1150649f235251f66a
78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee
7a02d3876264c8b8bbbbb097ad7411acabee81b3287b59fce1565fc1db94e573
7b64fa6ea91fd60a236e9eb95b2a2512287c508b753521dfca035e19a243adef
80160dbe0f4d50e4884cbc2de72df7a79227b977a3fb63da00d5d16032e09769
802961ca190f868a9dd1595676bc4db11ce21e17d32e0658d2748238b7c8ea16
8041bb202a0e56dbb3fa55c15d93ff29fecff81b2e993e566e4873826add9fc5
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
8ca134e34fbaa458d1d943aedc393f3beabf037062890e43b0a71566ad46cf28
8e2f8549af80d61cda0e562b2e750e07fb016c08106744ac871cf546c5695cfb
920848ff24029ecabc7b9c18db0afba74287f153f47af88bb40ecd87567f9d48
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
96876c40ac46caa83507ee4533dbbe643f438c9784e71c0fbf9086eb63dfa831
97d9be0a936d488bb376189b24b54bc8f9ba5f98e2f17be6e7fd13e9fa2062d0
997a67a3701457dc75889bcdd07797eb0484c934e7acb7969d7e7f3340817b83
99eaca1766ff6c119169ada736c10996e496c801ace7ad6248755bdccee47b83
9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16
9b2ba524e89cadd46eefa8f3f653bac8ab3cc47267cb8bf419ef64ad56d31874
9c2d0f345f48da7eae159fb1c8240d2fbd8970db20383bc14f39af4436e56238
9d8c517b371599e8d435eb45b38496c719078120280254ee338aa8d7e9855469
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a26fb182c4bdbe614059da22c59fbc361a8bcd754c9a370fdb031d16f0b29019
a373fcf6e68420792ae6977c1b7f2fe73082944f237ec333b8f45d28752507de
a3ba1439124da243b102483d0d3b16a41d1481e65595b9eca9ca33e8979079cb
a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d
a5db620feb6e3c686a949e0bbbf5f5f32ec21922081032f267cb02bbc09bab55
a6736bbcf43d65775f5bcd9126f0e0cbb896edb1081d27e9a370243e8e947814
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
acd9b7cb0093decbc3c1ea695d2e9d708b3e5eac543a3c4144ca5e76f840229f
b1035505b348df8d0765373e106a9552ea5e87e04fc48e66a2ba51022d6be269
b39f31b2fc76218338f64427874f97800461da0de7c6849a84f49840705de060
b3a6990e27b86a035b6ca5dacb9137b852b4a470939697f95eb8a420d0d3e0d3
b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d
b66358492fc0e1f5ac41b2fdc25c96d1c129615754c88704ad972a7367d32032
b754c6153d198ba01b9f72572b05dcf9cfad019beba7c1974a8ef36620c1f3ec
bee0d3732b8665a70248979d37187133f22d86034a614ca6e47ee2442747a00c
c0f26ea681118b91a7c24d4fa45b2cfc97382023713549d6e2eb9da58d4f121c
c4e09d93010b633a8bb2598e34c60aff8efa8d50a88656309e3f05c9c17bd684
c712e40d2ad5b69ab95a7920ccaaed9318c9105cb48e692a0623e397d4566157
c98fb5a46eb7e071b2e78f0b6425bb445dad8fbee25cb18a70c9710f19ea5114
caf0983b0ba8e0a9b08d61f32ace19dcd7969fa9aa0475f067f592c1784ec04f
ce19b8cf5dc965ec46b5051e5b2c3b6c09827bf1d22e7aa65e50661908b6691f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c607b08799097802d49c484c773cbcd6a145874cd2ff0277b5a6459e3d990
d10bfbac01d0462116b5e72ef1283acad36e7573f70225e241001a0b95a4d5c5
d6e69e570052da49ca6c294f9f7f73d78077c807aea47698290fa094a1ce9d39
dd3507489c8228b3c86c476938a77a7984f87ae1eaa1054501321cc085a0d22e
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e340a49d8095fbbd3fd135140fc7090ece24ff63f90a7c30a9b85c06904d609b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e599771c538593c6fd1c7760204ed65e81eead76fe771201679e2b3b32ebf724
e8c08805c1d2ec25dbb163d2904ca750afcdaed7c5667d129a7200f6f1133d64
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
ea0b300c7ad73921680359ba67e6db7fad314c94ca87e845a931097fd75ec74c
edfa47c0840871eace133d376040487c63fa6f9d3557834c9cf526c8cc6f2c7b
eeb90074aa00636d0aa08afcc3b3b10a3ad6754b1763f97786a98531dc74f63e
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3dae63e0b642c98c46774db204945de362932da96b23679c6c07746b4ee8705
f48a0b457ed1e89309f7c4b2cfdd60e38c93a79e4d7e643a72d8266ad9cbdca5
f4b1e97f6e8139c5fc12fb42d492b2a6eecbceff57b131d976047ac71a71a31e
f8c8980c52933cd778a3ad336871fcc88440ed7fb33f38cfe0f616e144243ad5
fa2cb9576d3fc35ea9c27219303b2319c294f370fa84de3fd1fc45cb3dafb40d
fdecbd311384a7b4fb7ce398a74690c60610bf18fbd8b4a34e7ff4c11d087bde
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1
ffeb4f1a583da326bbfc4ba7e05eeac4d4133296ef83b5646bcba74020081c4d

posts.specterops.io Open in urlscan Pro 52.5.181.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

58 %IPv6

10 Domains

15 Subdomains

12 IPs

3 Countries

1390 kBTransfer

3522 kBSize

8 Cookies

48 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posts.specterops.io Open in urlscan Pro
52.5.181.79 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

15
Subdomains

12
IPs

3
Countries

1390 kB
Transfer

3522 kB
Size

8
Cookies

132 HTTP transactions
0 data transactions