doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilitie...
Effective URL:
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilitie...
Submission: On August 27 via api (August 27th 2021, 2:39:59 pm UTC) from US

Summary HTTP 132 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 132 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doublepulsar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.

This is the only time doublepulsar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	52.1.119.170 52.1.119.170	14618 (AMAZON-AES) (AMAZON-AES)
1 94	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.96.57 13.224.96.57	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:24e... 2600:1f18:24e6:b902:3560:f86b:b647:d2d7	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:219... 2600:9000:2190:7a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:6600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:303... 2606:4700:3032::6815:5081	13335 (CLOUDFLAR...) (CLOUDFLARENET)
132	10

17 52.1.119.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-170.compute-1.amazonaws.com

doublepulsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-57.zrh50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:7a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:6600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3032::6815:5081 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	1 MB
17	doublepulsar.com 1 redirects doublepulsar.com	62 KB
10	medium.systems lightstep.medium.systems	3 KB
5	branch.io cdn.branch.io api2.branch.io	26 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	97 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	app.link app.link	564 B
132	8

	Domain	Requested by
43	cdn-client.medium.com	doublepulsar.com cdn-client.medium.com
38	miro.medium.com	doublepulsar.com
17	doublepulsar.com	1 redirects cdn-client.medium.com
12	glyph.medium.com	doublepulsar.com glyph.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
4	api2.branch.io	cdn-client.medium.com
2	errors.client.optimizely.com	cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	doublepulsar.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	doublepulsar.com
1	cdn.optimizely.com	doublepulsar.com
1	medium.com	1 redirects
132	13

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
policy.medium.com
twitter.com
symantec-enterprise-blogs.security.com
www.zerodayinitiative.com
msrc.microsoft.com
www.bleepingcomputer.com
www.reddit.com
github.com
searchsecurity.techtarget.com
www.microsoft.com
us-cert.cisa.gov
gerritcomfix.medium.com
bromiley.medium.com
javascript.plainenglish.io
gotoflorian-pro.medium.com
shice1910.medium.com
vzmediaplatform.medium.com
help.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
doublepulsar.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-01-21`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2021-10-01`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Frame ID: 20175A4BF06819CD485FBD73E588BE55
Requests: 125 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multiple threat actors, including a ransomware gang, exploiting Exchange ProxyShell vulnerabilities | by Kevin Beaumont | Aug, 2021 | DoublePulsar

Page URL History Show full URLs

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxy... HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-thre... HTTP 302
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxy... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

132
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

13
Subdomains

10
IPs

2
Countries

1520 kB
Transfer

3854 kB
Size

4
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_page-----c457b1655e9c---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2Fc457b1655e9c&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----c457b1655e9c--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_page-----c457b1655e9c---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/doublepulsar-cybersecurity-threat-intelligence?source=post_page-----c457b1655e9c--------------------------------
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=responses-----c457b1655e9c---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=-----c457b1655e9c---------------------smart_meter-----------
Title: Sign up for Medium and get an extra one

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_page-7db6d2df42a6----c457b1655e9c---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://twitter.com/orange_8361
Title: Orange Tsai

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1426114648609337344
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*u9RwN0668pjS1BTgAenrNQ.png" width="700" height="463" srcSet="https://miro.medium.com/max/552/1*u9RwN0668pjS1BTgAenrNQ.png 276w, https://miro.medium.com/max/1104/1*u9RwN0668pjS1BTgAenrNQ.png 552w, https://miro.medium.com/max/1280/1*u9RwN0668pjS1BTgAenrNQ.png 640w, https://miro.medium.com/max/1400/1*u9RwN0668pjS1BTgAenrNQ.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockfile-ransomware-new-petitpotam-windows
Title: LockFile: Ransomware Uses PetitPotam Exploit to Compromise Windows Domain Controllers | Symantec Blogs (security.com)

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1427225282713427968
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*62rghLij4Vr4jtvWcKmWow.png" width="700" height="697" srcSet="https://miro.medium.com/max/552/1*62rghLij4Vr4jtvWcKmWow.png 276w, https://miro.medium.com/max/1104/1*62rghLij4Vr4jtvWcKmWow.png 552w, https://miro.medium.com/max/1280/1*62rghLij4Vr4jtvWcKmWow.png 640w, https://miro.medium.com/max/1400/1*62rghLij4Vr4jtvWcKmWow.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/buffaloverflow/status/1429050360212119555?s=20
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*sdwri3ewG0QVcwMgBM2ixw.png" width="700" height="644" srcSet="https://miro.medium.com/max/552/1*sdwri3ewG0QVcwMgBM2ixw.png 276w, https://miro.medium.com/max/1104/1*sdwri3ewG0QVcwMgBM2ixw.png 552w, https://miro.medium.com/max/1280/1*sdwri3ewG0QVcwMgBM2ixw.png 640w, https://miro.medium.com/max/1400/1*sdwri3ewG0QVcwMgBM2ixw.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
Title: Zero Day Initiative — From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange — ProxyShell!

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
Title: CVE-2021–34473

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523
Title: CVE-2021–34523

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207
Title: CVE-2021–31207

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-are-getting-hacked-via-proxyshell-exploits/
Title: Microsoft Exchange servers are getting hacked via ProxyShell exploits (bleepingcomputer.com)

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/msp/comments/p8ik84/polite_warning_please_patch_the_newest_exchange/h9qqq83/
Title: Polite Warning: Please Patch the Newest Exchange Vuln : msp (reddit.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange-proxyshell.nse
Title: scanning/http-vuln-exchange-proxyshell.nse at main · GossiTheDog/scanningContribute to GossiTheDog/scanning development by creating an account on GitHub.github.com

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1423974672383856642
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*IjYYNH-Hdk2OS1r2Bpli_Q.png" width="700" height="1121" srcSet="https://miro.medium.com/max/552/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 276w, https://miro.medium.com/max/1104/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 552w, https://miro.medium.com/max/1280/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 640w, https://miro.medium.com/max/1400/1*IjYYNH-Hdk2OS1r2Bpli_Q.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/news/252505450/Many-Exchange-servers-still-vulnerable-to-ProxyLogon-ProxyShell?utm_campaign=ssec_security&utm_content=1629300558&utm_medium=social&utm_source=twitter
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*RlD-7L_z5RnXAPaonz3LfA.png" width="700" height="715" srcSet="https://miro.medium.com/max/552/1*RlD-7L_z5RnXAPaonz3LfA.png 276w, https://miro.medium.com/max/1104/1*RlD-7L_z5RnXAPaonz3LfA.png 552w, https://miro.medium.com/max/1280/1*RlD-7L_z5RnXAPaonz3LfA.png 640w, https://miro.medium.com/max/1400/1*RlD-7L_z5RnXAPaonz3LfA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1423609007063851015
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*fTD2aXnSkh1IjwhVvOhOwg.png" width="700" height="447" srcSet="https://miro.medium.com/max/552/1*fTD2aXnSkh1IjwhVvOhOwg.png 276w, https://miro.medium.com/max/1104/1*fTD2aXnSkh1IjwhVvOhOwg.png 552w, https://miro.medium.com/max/1280/1*fTD2aXnSkh1IjwhVvOhOwg.png 640w, https://miro.medium.com/max/1400/1*fTD2aXnSkh1IjwhVvOhOwg.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-Powershell-via-SSRF
Title: ThreatHunting/Exchange-Powershell-via-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-ProxyShell-RBAC
Title: ThreatHunting/Exchange-ProxyShell-RBAC at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-CVE-2021-34473-SSRF
Title: ThreatHunting/Exchange-CVE-2021–34473-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/ThreatHunting/blob/master/AzureSentinel/Exchange-ProxyShell-SSRF
Title: ThreatHunting/Exchange-ProxyShell-SSRF at master · GossiTheDog/ThreatHunting (github.com)

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/
Title: example

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/current-activity/2021/08/21/urgent-protect-against-active-exploitation-proxyshell
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*rCHyIaUk8a7PX-olIw1NnA.png" width="700" height="253" srcSet="https://miro.medium.com/max/552/1*rCHyIaUk8a7PX-olIw1NnA.png 276w, https://miro.medium.com/max/1104/1*rCHyIaUk8a7PX-olIw1NnA.png 552w, https://miro.medium.com/max/1280/1*rCHyIaUk8a7PX-olIw1NnA.png 640w, https://miro.medium.com/max/1400/1*rCHyIaUk8a7PX-olIw1NnA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/NSACyber/status/1429073988957970441?s=20
Title: <img alt="" class="t u v jb aj" src="https://miro.medium.com/max/1400/1*CvDtyvsgtYHqr5hn0IDEVA.png" width="700" height="331" srcSet="https://miro.medium.com/max/552/1*CvDtyvsgtYHqr5hn0IDEVA.png 276w, https://miro.medium.com/max/1104/1*CvDtyvsgtYHqr5hn0IDEVA.png 552w, https://miro.medium.com/max/1280/1*CvDtyvsgtYHqr5hn0IDEVA.png 640w, https://miro.medium.com/max/1400/1*CvDtyvsgtYHqr5hn0IDEVA.png 700w" sizes="700px" role="presentation"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/VirITeXplorer/status/1428750497872232459
Title: link

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&collection=DoublePulsar&collectionId=8343faddf0ec&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_sidebar-----c457b1655e9c---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_sidebar-----c457b1655e9c---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/doublepulsar/newsletters/doublepulsar-cybersecurity-threat-intelligence?source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Take a look.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fbf3adc545c1c&operation=register&redirect=https%3A%2F%2Fmedium.com%2Fdoublepulsar%2Fnewsletters%2Fdoublepulsar-cybersecurity-threat-intelligence&collection=DoublePulsar&collectionId=8343faddf0ec&newsletterV3=DoublePulsar%20Cybersecurity%20Threat%20Intelligence&newsletterV3Id=bf3adc545c1c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=newsletter_v3_promo--------------------------newsletter_v3_promo-----------
Title: Get this newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=post_actions_footer-----c457b1655e9c---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@networksecurity?source=follow_footer-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F7db6d2df42a6%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=follow_footer-7db6d2df42a6----c457b1655e9c---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Fb4bad6c46577&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&newsletterV3=7db6d2df42a6&newsletterV3Id=b4bad6c46577&user=Kevin%20Beaumont&userId=7db6d2df42a6&source=follow_footer-----c457b1655e9c---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdoublepulsar%2Fc457b1655e9c&operation=register&redirect=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&collection=DoublePulsar&collectionId=8343faddf0ec&source=follow_footer-----c457b1655e9c---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/pragmatic-programmers/other-security-resources-c4539fff6d4b?source=post_internal_links---------0----------------------------
Title: Other Security Resources

Search URL Search Domain Scan URL

URL: https://medium.com/@pragprog?source=post_internal_links---------0----------------------------
Title: The Pragmatic Programmers

Search URL Search Domain Scan URL

URL: https://medium.com/pragmatic-programmers?source=post_internal_links---------0----------------------------
Title: The Pragmatic Programmers

Search URL Search Domain Scan URL

URL: https://medium.com/@MikeBacina/dick-smith-scam-advertising-garners-lawsuit-against-the-guardian-c45fab3460a?source=post_internal_links---------1----------------------------
Title: Dick Smith scam advertising garners lawsuit against The Guardian

Search URL Search Domain Scan URL

URL: https://medium.com/@MikeBacina?source=post_internal_links---------1----------------------------
Title: Michael Bacina

Search URL Search Domain Scan URL

URL: https://gerritcomfix.medium.com/useful-resources-for-evaluating-subgraphs-c45f322a2dcd?source=post_internal_links---------2----------------------------
Title: Useful resources for evaluating Subgraphs

Search URL Search Domain Scan URL

URL: https://gerritcomfix.medium.com/?source=post_internal_links---------2----------------------------
Title: Gerrit

Search URL Search Domain Scan URL

URL: https://bromiley.medium.com/full-packet-fridays-c4597cfcb18f?source=post_internal_links---------3----------------------------
Title: Full Packet Fridays: Malware Traffic Analysis

Search URL Search Domain Scan URL

URL: https://bromiley.medium.com/?source=post_internal_links---------3----------------------------
Title: Matt B

Search URL Search Domain Scan URL

URL: https://javascript.plainenglish.io/transport-layer-protection-cheat-sheet-for-javascript-developers-c45d5970bdf3?source=post_internal_links---------4----------------------------
Title: Transport Layer Protection Cheat Sheet For JavaScript Developers

Search URL Search Domain Scan URL

URL: https://gotoflorian-pro.medium.com/?source=post_internal_links---------4----------------------------
Title: Florian GOTO

Search URL Search Domain Scan URL

URL: https://javascript.plainenglish.io/?source=post_internal_links---------4----------------------------
Title: JavaScript in Plain English

Search URL Search Domain Scan URL

URL: https://shice1910.medium.com/update-eat-game-hack-free-resources-generator-c45ba4d03e75?source=post_internal_links---------5----------------------------
Title: {UPDATE} Eat Game Hack Free Resources Generator

Search URL Search Domain Scan URL

URL: https://shice1910.medium.com/?source=post_internal_links---------5----------------------------
Title: Jojo Artemas

Search URL Search Domain Scan URL

URL: https://vzmediaplatform.medium.com/dont-let-your-web-security-solution-affect-performance-e30b536b76fe?source=post_internal_links---------6----------------------------
Title: Don’t let your web security solution affect performance.

Search URL Search Domain Scan URL

URL: https://vzmediaplatform.medium.com/?source=post_internal_links---------6----------------------------
Title: Verizon Media Platform

Search URL Search Domain Scan URL

URL: https://medium.com/@julia.sommer/gdpr-demystified-2-17eeb3bce18?source=post_internal_links---------7----------------------------
Title: GDPR demystified #2

Search URL Search Domain Scan URL

URL: https://medium.com/@julia.sommer?source=post_internal_links---------7----------------------------
Title: Julia Sommer

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----c457b1655e9c--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----c457b1655e9c--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://medium.com/creator-tools?source=post_page-----c457b1655e9c--------------------------------
Title: Write a story on Medium.

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page-----c457b1655e9c--------------------------------
Title: Write

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----c457b1655e9c--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----c457b1655e9c--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----c457b1655e9c--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c%3Fsource%3Drss-7db6d2df42a6------2 HTTP 302
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c Show response
doublepulsar.com/
Redirect Chain

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c%3Fso...
https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910

228 KB
45 KB

1852ms
1852ms

Document
text/html

52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6c05b8e83e0fcbb9a024cd9f2b13345167f61cd318684b92ed268df7ab5d6d6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Request headers

:method: GET
:authority: doublepulsar.com
:scheme: https
:path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Fri, 27 Aug 2021 14:39:37 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
etag: W/"38f25-bSRP7tiW8K82gK/HExvcuR6aO+Y"
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, lite/main-20210826-210656-6b979099c1, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
medium-missing-time: 649
set-cookie: uid=lo_f587adeaa0e0; Path=/; Expires=Sat, 27 Aug 2022 14:39:36 GMT; HttpOnly; Secure; SameSite=None sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; Path=/; Expires=Sat, 27 Aug 2022 14:39:36 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_f587adeaa0e0; Path=/; Expires=Sat, 27 Aug 2022 14:39:36 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 1734
x-request-received-at: 1630075176079

Redirect headers

date: Fri, 27 Aug 2021 14:39:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
cf-ray: 68560cd87fd1dfa9-FRA
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
set-cookie: uid=lo_f587adeaa0e0; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:39:35 GMT; HttpOnly; Secure sid=1:6VvoetmpOaRpYRYMqq+5eAbkALeLRU+Zdy99arem5fP9XuBpGIHdL2YPBurpPan5; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:39:35 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_f587adeaa0e0; Path=/; Domain=medium.com; Expires=Sat, 27 Aug 2022 14:39:35 GMT; Secure; SameSite=None __cfruid=363889d1b1127f23c699657c29e9eb6c6ef26c1e-1630075175; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/4, valencia/main-20210826-123830-4cdf4f0dd3
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 71
x-frame-options: sameorigin
x-obvious-info: 20210827-0800-root,0742fb32
x-obvious-tid: 1630075175846:43b41acfa5ea
x-opentracing: {"ot-tracer-spanid":"03db5982099531c6","ot-tracer-traceid":"612d2606a203133d","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 48ms
38ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 303
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 68560ce5787ddfa9-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 27 Aug 2021 16:39:37 GMT

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 338 KB
97 KB 26ms
7ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3dd90bc7589e2dfce2ebb76fbbdeb3edb151dda0fc05cb3ce013b4058be34a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: vwWN0kmfZ1m3qb2jpcTs5aMPzkV18.Op
content-encoding: gzip
etag: "267771ff0ce9ec0abb02d4e8ef49b2b6"
x-amz-request-id: C00XGR1A6ZPS8C6F
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7159
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 97961
x-amz-id-2: wwE5t5ZIbgrbsagy1yNMvxYkmM/coaeznQBejD2cAbiFA067GV4Yn0EnP1Kg/WuKp3K7Y9RMYwc=
last-modified: Fri, 27 Aug 2021 14:21:12 GMT
server: AmazonS3
date: Fri, 27 Aug 2021 14:39:37 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1*bry5HIDtIpONm_IDzSVYWA.jpeg
miro.medium.com/max/164/ 6 KB
6 KB 116ms
115ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/164/1*bry5HIDtIpONm_IDzSVYWA.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e544bd8d73fe98d8ba7a775515ae3f80b1dc3d63f6aaded903352e5bfd0dbf5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5682
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560ce57876dfa9-FRA
expires: Sun, 26 Sep 2021 14:39:37 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 36ms
27ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4480505
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce5d8f4535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H2 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 123ms
120ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4168
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 68560ce6095cdfa9-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H2 200 1*u9RwN0668pjS1BTgAenrNQ.png
miro.medium.com/max/60/ 2 KB
2 KB 160ms
157ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*u9RwN0668pjS1BTgAenrNQ.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51041a29d93ea155720fb49ddd960a39b1a081d7d43a3d051c08bb620a3cb2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2347
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce6095edfa9-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H2 200 0*eN7KaUa3262blFJP
miro.medium.com/max/60/ 685 B
796 B 124ms
121ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*eN7KaUa3262blFJP?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78370f1c60ca7a80d7bc4052eedbb87ad1425f418730b2cf7b3922719001d752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 239
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 685
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce60960dfa9-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H2 200 1*dWXd46iLkzgxdHyPYehR3Q.png
miro.medium.com/max/60/ 1 KB
1 KB 131ms
128ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*dWXd46iLkzgxdHyPYehR3Q.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e798695365aaabfbd6209396d2f2e565e367bd2d29a805358798bde076c9a4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 168
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1229
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce60962dfa9-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H2 200 1*62rghLij4Vr4jtvWcKmWow.png
miro.medium.com/max/60/ 4 KB
4 KB 130ms
128ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*62rghLij4Vr4jtvWcKmWow.png?q=20

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023e4896942ae770c88c045d89d253862d0bb4ecb47adfc19be2d2702412af42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 160
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3705
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce60964dfa9-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*V5nZgUu_PYCxtdhyiidLaw.png
miro.medium.com/max/60/ 2 KB
2 KB 136ms
124ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*V5nZgUu_PYCxtdhyiidLaw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2abdf9e9752867b58046f22000379a3c4da9c0f4a0536635972bc124a7854d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 443
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1537
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8105c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*g285h2BnD--L0oJs_cdqcQ.png
miro.medium.com/max/60/ 2 KB
2 KB 149ms
136ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*g285h2BnD--L0oJs_cdqcQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8816dc8228d4e702aac7c2832e7617ffbdf7aecc865587b696d063f3ea93b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 149
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2002
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9a05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*dflPtZeZt2OPlrjE.jpg
miro.medium.com/max/60/ 798 B
1 KB 135ms
123ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dflPtZeZt2OPlrjE.jpg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ffbef1177aa861458bf509b1995d08c855a289b1dceb2928773815b1c7c27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 159
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 798
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8a05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*sdwri3ewG0QVcwMgBM2ixw.png
miro.medium.com/max/60/ 5 KB
5 KB 176ms
165ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*sdwri3ewG0QVcwMgBM2ixw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c56db5c125272d6c1961aec103670e022d01534cfbd4baa7ff3b595f9825ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 112
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4946
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e7505c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*cTV8ShHGUNSZSjeXlobd6g.png
miro.medium.com/max/60/ 2 KB
3 KB 134ms
121ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*cTV8ShHGUNSZSjeXlobd6g.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a903333a957f9311e1d51fb0064c219e1e0f578e36fa993d750a99d0f7fe697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2192
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9f05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*QEIvjO9EsGcZEAQs
miro.medium.com/max/60/ 645 B
1 KB 160ms
149ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*QEIvjO9EsGcZEAQs?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ea4c5606f00ece39073ca2c52012151e25038242447053b13ac4f2021f0c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 97
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 645
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8305c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*C9MLlA3nfWeN5kOg
miro.medium.com/max/40/ 3 KB
3 KB 143ms
130ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/40/0*C9MLlA3nfWeN5kOg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a209d50a545e4955d40866065477107a19b3ba0f74f449ce3e3f4fac6b08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 113
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2690
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9205c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*IjYYNH-Hdk2OS1r2Bpli_Q.png
miro.medium.com/max/38/ 2 KB
3 KB 130ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/38/1*IjYYNH-Hdk2OS1r2Bpli_Q.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7df3af12e866788eb580b7542e9e29e8bffe1c046eaccea8b019fb5c9d88097b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 166
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2305
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8705c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*61QJJfD0qkcuWbIAo7y0PA.png
miro.medium.com/max/60/ 4 KB
4 KB 137ms
126ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*61QJJfD0qkcuWbIAo7y0PA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d5fdf94cc9bcce6d26f71f0d82b4e925e0ca901df59c1d24d7d911eddb0cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 138
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3677
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e7205c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*RlD-7L_z5RnXAPaonz3LfA.png
miro.medium.com/max/58/ 5 KB
6 KB 161ms
149ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/58/1*RlD-7L_z5RnXAPaonz3LfA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6d130d8f196bb2c14843b9bd09ca0f6eb9c826133a4451082927aba4f40f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 145
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5548
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8005c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*fTD2aXnSkh1IjwhVvOhOwg.png
miro.medium.com/max/60/ 2 KB
3 KB 143ms
130ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*fTD2aXnSkh1IjwhVvOhOwg.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9426d07320e3f576a16016df14965aa352eea15b901f44f72187ae8c4d597c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 89
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2520
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9c05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*ODRelg7s5_qtrHoHLkTSkg.png
miro.medium.com/max/60/ 3 KB
3 KB 134ms
121ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ODRelg7s5_qtrHoHLkTSkg.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042e4e303b7ad0b97a172aa37962c7f649c1afad771dd31f8e7161744d84cdff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 141
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2939
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9e05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*rCHyIaUk8a7PX-olIw1NnA.png
miro.medium.com/max/60/ 2 KB
2 KB 164ms
152ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*rCHyIaUk8a7PX-olIw1NnA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edac038fa41b6998706870940e3dcb6a50bf6ff175cfd7e274dc1f096f9e1c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 80
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1663
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9105c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*CvDtyvsgtYHqr5hn0IDEVA.png
miro.medium.com/max/60/ 1 KB
2 KB 127ms
116ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*CvDtyvsgtYHqr5hn0IDEVA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afed961ddb57f36277dfd3c4746651600913c0bfff3b3a498971e1d40d027351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 100
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1510
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8505c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*B3TkZ12vbMbvy53nsfM0hQ.png
miro.medium.com/max/60/ 2 KB
2 KB 130ms
118ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*B3TkZ12vbMbvy53nsfM0hQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525519582b1bd4a7a793e91b793c4c727c4cec22ce14884f6ba4d3aaf6ded90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 130
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1565
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e7c05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*LBYvNwHoUyGoVxj4S_hgQA.png
miro.medium.com/max/24/ 2 KB
3 KB 160ms
147ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/24/1*LBYvNwHoUyGoVxj4S_hgQA.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fdaeca4c65e6655aeeb37b8b9787e1cef79a4e8b10cee34f64f6315cef91e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 108
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2253
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8e05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/160/160/ 8 KB
8 KB 145ms
134ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60f382ab7dcba7579cd2088e8f9ef61e63acbcf269626a9b081c54d9624cdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8074
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e7b05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/160/160/ 10 KB
10 KB 141ms
128ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ae1072afc293ec30101e3f8d4eee96b04952b8f21ac49df261e70ae69cafbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 93
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10240
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560ce63e9505c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
4 KB 142ms
130ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*TPJ3sVZRlcq-rj72g82bAg@2x.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae1c273ad638e70d8bf5fd973b10ca3396efd4296ed46d5f4f9fc0c89ce19a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3143
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210610-161437-d086756654
accept-ranges: bytes
cf-ray: 68560ce63e9905c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*euFkwA7zJWm-l7aDoNtJrw.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
4 KB 128ms
117ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*euFkwA7zJWm-l7aDoNtJrw.jpeg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d49f9d5f6cf0fe5e246dae163447d21a876c54cdf3da502fca7d95f2441a51a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3499
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210709-175524-eebd6c4731
accept-ranges: bytes
cf-ray: 68560ce63e7905c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*BUHZGPHsQM7JMD9O-_FomQ.jpeg
miro.medium.com/max/60/ 989 B
1 KB 128ms
116ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*BUHZGPHsQM7JMD9O-_FomQ.jpeg?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f858ae42dc95fa7d296a95b414952a71bc640985593fc83a5ecdbbafb9a9525

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 989
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9005c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*K_bitThKJP5I7YN9.png
miro.medium.com/max/60/ 5 KB
6 KB 160ms
149ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*K_bitThKJP5I7YN9.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4cd63175903f7de1128348f087273d1d0b50dec0d84b6d96d9595aacaab923

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 43
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5238
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e7a05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*2ifo7XGB-34qx2bksib9Ow.png
miro.medium.com/max/60/ 2 KB
2 KB 188ms
176ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*2ifo7XGB-34qx2bksib9Ow.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4a10cbffdbce76d8de099fabe5eaf5fe08c12fa86e846e34013f7597c716e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 57
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1978
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9405c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*yd67v8LbzHZQCC6poSeLfw.png
miro.medium.com/max/60/ 6 KB
6 KB 142ms
129ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*yd67v8LbzHZQCC6poSeLfw.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ced593854bb82c95cf35f22c421e3ada59d60b4c9292b58da914d4340139d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 26
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6076
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e9805c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*dE2uuj6qT87bIaDp
miro.medium.com/max/60/ 741 B
1 KB 163ms
152ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*dE2uuj6qT87bIaDp?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074120e0ce9c1b6b278f30fbc208a1312ad9c87639665a2abfb86bdacb6bdbbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 59
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 741
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8805c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 1*hn4v1tCaJy7cWMyb0bpNpQ.png
miro.medium.com/max/60/ 3 KB
3 KB 33ms
22ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*hn4v1tCaJy7cWMyb0bpNpQ.png?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49
x-envoy-upstream-service-time: 26
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3059
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210625-142430-abd62260a9
accept-ranges: bytes
cf-ray: 68560ce63e7605c4-FRA
expires: Sun, 26 Sep 2021 14:39:37 GMT

GET
H3-29 200 0*PXiUyDtNl1U932J7
miro.medium.com/max/60/ 6 KB
7 KB 148ms
137ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*PXiUyDtNl1U932J7?q=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ff695f5b36586ec7fb3acc54730f33d4167cc2b797897bdec8a1654ee7d87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 80
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6460
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8c05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 0*ThHM7bKiVVExIo71
miro.medium.com/max/320/ 15 KB
16 KB 136ms
124ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*ThHM7bKiVVExIo71

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3263919f036071371394d7d4bdfa9715658cebab2cb453ec39383e5c902958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 196
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15590
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560ce63e8b05c4-FRA
expires: Sun, 26 Sep 2021 14:39:38 GMT

GET
H3-29 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 16ms
15ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11596083
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629b5535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 22ms
21ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11610461
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629b6535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 17ms
16ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626817
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629b7535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 35ms
34ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626816
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629b9535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 35ms
34ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626816
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629bb535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 16 KB
17 KB 35ms
35ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5653275fd2234822f5aab4c7fb5bc5325e4991570295998f1ab5a83287c7f285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13626816
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce629bc535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:37 GMT

GET
H3-29 200 charter-400-normal.woff
glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 31 KB
31 KB 17ms
17ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fefca2e39b0c80d4d1c9b40a41787df0f738a85ff142e5295f17b2e96711ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12040895
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce69a7f535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 31 KB
32 KB 18ms
18ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88a6fd9c0f927b6c6eb6a0333d8df738064c2f09458bb23064d319ae34f344f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10996789
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560ce6baac535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 manifest.7ef8f5b3.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 41ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d62c45fc2fb98a30f520480ed1060f0000ec78a37bfa80103e7d7ff3930b084

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61623
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XMWGDHQ4K7G62N
x-amz-id-2: Pm2+/HAp0/3TEVFXrQqSdK0YvIvEaBwPZowt4IvnEJ1coZHN0mdL2at1s+7gI/eaxZAnU0Ejseo=
last-modified: Thu, 26 Aug 2021 21:21:11 GMT
server: cloudflare
etag: W/"4a6bc00549431fbb0b6b9980a0ea71e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: LU4bwwcpkYPNbYJf2P9ph8Q5sFXwjYgs
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b4adfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 9115.1a9358c4.js Show response
cdn-client.medium.com/lite/static/js/ 732 KB
228 KB 56ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038262231160fee976d84fa8d1db80567769112008a892e0edeb76f6c1121165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62319
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 9WCQMJXXDY7V1E5T
x-amz-id-2: yenI6fCJLrENlkqO2VHecbdeXoIeqtf9kfQS8Gz8dMYywh2HBIP47vsCHroQtTsLhkdCQ/i4JKM=
last-modified: Thu, 15 Jul 2021 18:50:35 GMT
server: cloudflare
etag: W/"3b5c778737b6d559ce5f7a8c478f6203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QAH5KPPE7VyycTXphMPwmxvbaI8QEy7U
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b46dfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 main.994b41d4.js Show response
cdn-client.medium.com/lite/static/js/ 826 KB
216 KB 57ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.994b41d4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d67ee8bdede3d1235705cc312c9c039d5e1dc94e77ca56a3ba07a944657b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61623
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XJQM3TKT2ZK5WW
x-amz-id-2: T4+pA3JCIifDCbLw4c5+Eu5uxKhtYZvbOKEMl2DqKgHWvdv76qvW3mm/iC3J/GAwYgMJtpRlEWY=
last-modified: Thu, 26 Aug 2021 20:49:50 GMT
server: cloudflare
etag: W/"719be975df51b62899dfb1005395f3fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Xb5L_YVIPDR4MJqO72QLWwBNcJmMxrqQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b51dfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 5573.159bf40f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 59ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 316586
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: W5EH3ZWGCATAJ0JK
x-amz-id-2: uquA+D1mKTUgmaodaYFoBDYRFjBCghvQCPgGBuwnPNqPSgEh4m7aoHPDNWRkrQ4qGn6JNGvqqTU=
last-modified: Mon, 24 May 2021 10:33:47 GMT
server: cloudflare
etag: W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: HmLCtdjGYWgk2SnFK4M0oX_6tJ50SNp9
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b4fdfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 instrumentation.79ae5839.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 70ms
53ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.79ae5839.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d2ff27d2b587da629e4ff4aaae0eb0541e5dc2412152dd075034da1fda8c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 247240
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: J2X50Q7HDNZ71F3F
x-amz-id-2: g3zCkktcJ9ReeI1AFMqOpK9rRXz8/VPyIjAoes+rfGLsktOCaQ4+5Ia5zaq4djtv+mFDgoNGdEU=
last-modified: Tue, 10 Aug 2021 17:28:37 GMT
server: cloudflare
etag: W/"931f39d524b255713d926cc2783fa3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: IhHmxYfBmiCWq8oF20hR2kM1bdZ6KcGr
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b4ddfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H2 200 reporting.6471519f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 41ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.6471519f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 932298
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: Q0F7MQAAJVH2M7V8
x-amz-id-2: UGXQIw7HsYZm/FvYo7E+nq3jKishQRAFtyQb69eEX/C8myd/Yv4QrwPT9xzsKJnaEtF0J6LNuB8=
last-modified: Wed, 16 Jun 2021 18:41:31 GMT
server: cloudflare
etag: W/"69e0bbdc0c37d2f46b6be19732366a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8sxb2msbxkYmtYsAbhhIRpG6q5cNmD6C
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce73b48dfa9-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 8743.7d03a40a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
3 KB 27ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8743.7d03a40a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af53bb392cf949de35ca399079add6d28e09d25b1b2072624fc78c804dfd607e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1206889
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4NZMDC7ZBPWAV190
x-amz-id-2: ZUBXr7aW3orcBv9ptMxd06/cdA70rnswZyRHz5tLoqeATx1Nzn0g6Z58R7d6IYzS28w8SrTe3Y8=
last-modified: Thu, 12 Aug 2021 22:48:49 GMT
server: cloudflare
etag: W/"936def59884aa62578af763d38ada48b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8K2WGzSspFykD7aJolN8XskVj5wges.6
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758ac05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 192.bd4f3aac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 52 KB
16 KB 73ms
69ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/192.bd4f3aac.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ef36cd81a32a63c14214d2d7c45e0809be147e68869ea1a5c34feab6d207fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256157
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2JX0D3N0HFJWPV
x-amz-id-2: xT6Vc2y/IKRw13Y6mFty3zhTAW3P2KJtPdONsE2ViVDmlog8s5HQS1BU04REgDOv57Zc2bimVW4=
last-modified: Tue, 24 Aug 2021 09:09:56 GMT
server: cloudflare
etag: W/"4f1fc9f3b20e7abf2d4dbc3787d5b3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jX6yBDaCpbGvooQJEN_NBjoQ6c8IUs.m
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758af05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 2018.cda2d533.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 32ms
28ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2018.cda2d533.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80822fa48ad371fcf8ee70251a00651a367ba539273ff7e5b2ca639dd33bcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770827
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMY5CZYZ83GGSGS
x-amz-id-2: lYozncTulc/BHm66dCpvSwEQnzNedrRJe34fIsfr+cC90MpkHdlsy3Gu3qZxT21rakq6XDUn1GQ=
last-modified: Tue, 17 Aug 2021 22:56:28 GMT
server: cloudflare
etag: W/"3621e750a188b1d8d3551f5e4f14ca5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 9Qg5w2LycnY2p2.IpNlQkjayiNAiJLCG
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758b505c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1645.857c77e3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 36ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1645.857c77e3.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3207bd24557fefc2773c0bb9d388545f3666a14bf86abe03f10f95272ca24b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306343
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: X6J2114PBMSE058Z
x-amz-id-2: g93jYna38ZY4eXNioFYqZ9NwWZhAGAVg3srn0B6l+39WUry39VYgNWVrKhZ0hl33hq7JygrL7rg=
last-modified: Fri, 30 Jul 2021 08:59:41 GMT
server: cloudflare
etag: W/"f2fa2a66ec7e88ed7e1a395be45b7761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hfMcSOG0aubeZCLFwQh.77Bn_Z1X1dNo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758b705c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 5526.c36a87ee.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 33ms
28ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5526.c36a87ee.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6550693dadb570fdd94da3996a0887c68d4d291c0818f1528d1a7bc930d8b869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 321742
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 81XH278PW6N0PAFP
x-amz-id-2: 3lDO9y4UvL8/tRjZu2spqcmLlLmUToiFH24AoAV1vNJIZieNqiqGCBbL49a7P0as77vwa4uqcBg=
last-modified: Mon, 23 Aug 2021 20:31:41 GMT
server: cloudflare
etag: W/"761eda416058e1944cd688fb8a540df1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PW9bD0uYWuHd8da6Vje7AfFWyX6jId0x
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758be05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 3930.c5902e0c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 33ms
28ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3930.c5902e0c.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fcdf1b9c29d79fa8679eeefa1573c239bc5bea4dd2eed064fc6e2a0d1c97f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306355
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B1CNWTWTNN7QJ84F
x-amz-id-2: JSd+QrBUwpEmhcSYy4DvM1h7ZQW7sCMrt74GmEqXXZ+c3mx49RTBMAiTPylkbzBtnlRhNAwa0EA=
last-modified: Tue, 27 Jul 2021 23:29:34 GMT
server: cloudflare
etag: W/"523e01f518bae7c704faab27ee48575b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: g1rcqxHIKxADWbGA9ykroZlFG2mBSbal
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758c005c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1034.cb1bb58c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 39ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1034.cb1bb58c.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0393d1706ef05b8c2ae9f12bd4d71aba8affbebee2dfa6fccba81b86e2e725ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574106
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 16ZWNDS0ZKECC6WH
x-amz-id-2: gL30UYJPvbHtWtva58jlsO8AcPNHFFgOFgc3dYAF16aPdrOEJCQjy/B+wNXjKG7Svgclz3aPdXE=
last-modified: Fri, 20 Aug 2021 22:09:42 GMT
server: cloudflare
etag: W/"a7bb87785e9280af04400a0e4409f139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Zbokbg3pt9AMIsmxs9O5YuopwjfoIeNh
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758c405c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 9088.6b836eb8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
1 KB 36ms
32ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9088.6b836eb8.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a1af335c12488ca849dbabfc6192f0710ff328f926f54859c4793b581c649d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 772070
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMQP6NY1SHV3H46
x-amz-id-2: P6Glpy6KRMo0jPg/5Uo6AHlIXNoiUl8McJmmF2B6Ufu0JUPID/ZYdV2VnK5NZApz4twljuxMB9E=
last-modified: Tue, 17 Aug 2021 22:56:34 GMT
server: cloudflare
etag: W/"2d7e927dc8d9968ea009006e3c4a2993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 1Y1mE1VEkn6tHmek0cTp8N4rqJYM57uz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758c505c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 4822.2cff56f2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 39ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4822.2cff56f2.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac7c08c637f489dd02b2d3a6ff4aca3c7e038a920e39a685f07f81228c419a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61623
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XGFSKYC5S40R8M
x-amz-id-2: OugIBGwL14zWp/fJfeBV2X+FbtWTUvlKzHeS2DDoDtMXToNvmZD8tToNvgkU2qKwZeAZ8ELUTA0=
last-modified: Thu, 26 Aug 2021 19:50:20 GMT
server: cloudflare
etag: W/"42119393de9a3fbcec2f40d20813d412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PDl9j6B.v0J0qnnnUbA1qIYrx0RB8HuO
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758c705c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1661.8bde4f1f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 46ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1661.8bde4f1f.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2c52d005eafc6341d3d19a7a8a05ed649686c6881ab62155ae95d4618adf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61623
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XH0YX9ZQMX1900
x-amz-id-2: m4hqI7pcnVQC+f/M1CpVEdlgbpazOHscr46K+k8TigTmVSwWhLxmy66zyQFZwNJce8WM8ql8A6c=
last-modified: Thu, 26 Aug 2021 20:49:21 GMT
server: cloudflare
etag: W/"b1c0813455329a225ee442b32731cb6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MYC7eSjw3Gv0b9pmI.sZjrOlPHWqvQFf
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758c905c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1801.5518e725.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 43ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1801.5518e725.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499d277272839c165137bbaf1609abf7d5347654872481e6577ba16b992e2bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61623
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XHN9ZCDHX0D6AZ
x-amz-id-2: /7gX2YCX9mjnVIQltelx5/0JUd29HWAEtOdWmbxavEZWmLO8V9FaZPo7YeBec/x2Mn35J1qHD+w=
last-modified: Thu, 26 Aug 2021 19:50:16 GMT
server: cloudflare
etag: W/"a7e7645ce354df36d07de97a9db0b4fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: dkwVyJzhMR2V1Q4uXlf9b.kU9ffa8Mny
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758ca05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 233.3f1bf597.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 37ms
32ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/233.3f1bf597.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5748a354a1c79fdb238f56dde081004de39bb61a52bd74676e036f3786db9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84572
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: M1D460CJNMXJFR3W
x-amz-id-2: WvD2dY5ACVaoaPwLHGxxsdImiqDEfua4ZYyzRfXl0EVXo7qo+Jfo4ER0XaYKm2/tvIrieHPsTZA=
last-modified: Thu, 26 Aug 2021 14:04:48 GMT
server: cloudflare
etag: W/"45a93362ee195c63f33996b087f1f70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 0DB7e2k6wso6Y30mPNz3kNDMiOdlVA_v
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758cc05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 2547.e8742600.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 43ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2547.e8742600.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e83c6b0ea99b4caf907cc41097879e6edc6ffd49cfe6266275abd3bcf771737c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 327588
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WGH530ZCK53MDGAB
x-amz-id-2: g8Z3KW7EeaIUsMOMKKvQvw7/3LFx6oQixwhB8+NggASw1QHDkR2j+A1knOaWkjHVcXuP0KTqFOg=
last-modified: Mon, 23 Aug 2021 17:29:14 GMT
server: cloudflare
etag: W/"634669d902b0fa87308e25ba23f201c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: XOnHyyNYFwPkhDM11CZDDyCIAUVzEzQ.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758ce05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 7766.5a9d116e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 42 KB
11 KB 44ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7766.5a9d116e.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6f7776d9114c66723e5c20fb977343f5a94c7186be3cd5a9e921522e73522c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228746
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: H3RYSSR6MXR8Q0N8
x-amz-id-2: BulkmCCZ5hGxesdLeP0aKM4GI+gcb5mCGKSgOxYwIA9jHSOgc/ztP4olIfch8mDz/LxTJ/X4rfY=
last-modified: Tue, 24 Aug 2021 22:06:19 GMT
server: cloudflare
etag: W/"6c9097540f2871e59d12f2f8330e5d59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: .7d7QLFsuuFWQpCSYU6SbU2vLpi_GMRp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758cf05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 8548.c16341cf.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 51ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8548.c16341cf.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b609bf586cb8e62af2f3267bbaa50c9f11d7d6e86e1c84e2eecfbc2be949ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 327588
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WGH8SC4QBKFDV4Z9
x-amz-id-2: Z6n1/1kDon8f2iWzV15aEGo7KBEyi36N7uM7ftinlLYKQVbVCtzjXVHTtoOAvJOd2UsAXM3m1bs=
last-modified: Mon, 23 Aug 2021 17:29:19 GMT
server: cloudflare
etag: W/"0440a28543c8a321858e2a5d2f4ab748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jTPqm0K2BoBJEteItKLWNsyzZVO0K5DQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758d205c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 2382.6222239d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 27 KB
9 KB 44ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2382.6222239d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6df94cc15c64e450354bf62f7de16c8dc4b0de88d2ff220c2eebe5ef953b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256157
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2HX943YR1RFSQQ
x-amz-id-2: 6meXpX37gcP/PygHl6AB8A/uNOsFTssXnExbLQnpFNiHTFx9Mc0lWSR1So6gAZ5kSF9aqCb7Jj0=
last-modified: Tue, 24 Aug 2021 15:18:17 GMT
server: cloudflare
etag: W/"15152b42d192dcb833b8610e94a0d3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: AUcuwIVJo8.8r4vBikFfDnNfmr4ORyVj
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758d305c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 3521.7b571f2d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 44ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3521.7b571f2d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389d660ad6302843f61ead3441874022a81cc38678b5d0bf041897e376db4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256157
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: HE2PX4VX1WDDT8QM
x-amz-id-2: ewnAElXYPP51IcBzx+7bBEzl9J4F3B2gzMGDGIBXn+peP8lLg1HvvH8btesGfiei95ALxa1pNVw=
last-modified: Tue, 24 Aug 2021 15:18:18 GMT
server: cloudflare
etag: W/"2be26c5818226d5e9617fae95d890b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: .D30YcAtl19XKpnTL7rR.HvN7ZrbaT3B
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758d505c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 284.5c0cbf65.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
19 KB 50ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/284.5c0cbf65.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a551671d29fb4718e5697b374fc9d0ab5f362651fb03863a6fe57a8a29ae9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 232272
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4VRQFD003NAPXJN7
x-amz-id-2: UWQDIQDWBXGM6hy9SCjaOQLPWrRfp7tZPQlL6wiGK5uN/0OaRCPNx7aj+3nx3q/fR9k/4KOFYno=
last-modified: Tue, 24 Aug 2021 21:56:46 GMT
server: cloudflare
etag: W/"c6ce4175be51298732674857bb320789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: traw8MMWidmC5lZzhC74sf0gtEaca743
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758d805c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 3673.914f729b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 46ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3673.914f729b.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c4fa2b831a9d8a8d76c356c37f51a8c564fde548e73088dcd3627363d98d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 772070
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TWMMVYJ9MJ571280
x-amz-id-2: u6o5miR+kpyj/CDFsuqGaPsJzP6Ms06iG1IgA6dL4PnxsBk16voAMZZhqmjXr3L+tTwj0GTgIP0=
last-modified: Tue, 17 Aug 2021 22:55:21 GMT
server: cloudflare
etag: W/"e35219bec27324510fb4186a944b5077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: z8cs.fo5ah.ZtAE8riudhOdBKa.jRZDe
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758da05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 7883.e324030d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
6 KB 53ms
48ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.e324030d.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3903354e40a89bc08ffd179ce96dc3dfe7f3603bfaa1f52982045573b32c40bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284863
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: G4JJTH8CGZV4Y7Q9
x-amz-id-2: Dfg28nO4QGLmEwFJD0l24pqrirtw05AVstWMGoTfAYzBD/CauFTCcoifQbpDzibFX8/UB4rIMmg=
last-modified: Mon, 23 Aug 2021 15:58:51 GMT
server: cloudflare
etag: W/"4de031117e444a226f3f000fd57e0c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 63NAyQdWbi0sN0Rap1TcfEcjRfuXxOw4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758dc05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 8886.cfbe554f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 41ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8886.cfbe554f.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8d5b9f74625e511e3c8d63848e7a54c98016daed84f8df3bc166368586afa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 574105
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 16ZSD6WQ4QS93P8V
x-amz-id-2: zb9NWrod2w6iFs4ffdtaU+mgbDShWCkw07xJkPUzUdF5bq3nhqmmcNxyXVXDHf6LqYd8j9wVL6s=
last-modified: Fri, 20 Aug 2021 22:09:48 GMT
server: cloudflare
etag: W/"bad81cae8a761510d8b321ec18487aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jC2fjNgjas4N8HxT6dJJMlTQRnKnnwJ0
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758dd05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1334.9f48b6f9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 39ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1334.9f48b6f9.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5388efddd16e46845ff6bc0b750d6273ee98feae2dce22044c0019336019c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256157
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZYY2T22JMBVA1BKS
x-amz-id-2: t+JWQ1G6imO5VW/n/qgd37gGMyaEzjHxxSEye8YW6fyF3KnDjgY+L6WdheZFztrB/sb+wuFwCHk=
last-modified: Mon, 23 Aug 2021 22:24:56 GMT
server: cloudflare
etag: W/"061f34b24a9823dad6ce4c20c2a5371a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: HL_msvZD7dBka0Fb5tYDffxkzTQZK2A6
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758de05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 2796.096c850a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
2 KB 39ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2796.096c850a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830f40ef2a3e1b3f6fa8391cc6c93d8ed19dcc454398596ec98aa2c6ebef48bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228746
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCZHFNQ8YYJBJV0
x-amz-id-2: OK0V/Vo9w3XD5N39zQvBiIv5zSIp4rWbsRC/sidoEOcFa/BujBdJY2xFTIcqs2OUw6ej3Q+4hoY=
last-modified: Tue, 24 Aug 2021 22:06:15 GMT
server: cloudflare
etag: W/"b0bb01ac70b4fd8a0d891526f29379eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ARdra2oSJdJHZZnZoXCfUdf_CCf3LTW.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e005c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 4824.6b3e6b44.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 40ms
34ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4824.6b3e6b44.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8aa4689a04989a7698e498bc9d2b842b15742cd7f6710017620cd5c0ad22ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 103602
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WSTG98916TWKZ2JM
x-amz-id-2: ujqppIdHXzTj/dT0+jYMLju6steAU3tFqReU7PysVbb/JLTW3zKCpLSkJ+gpdML/hOadOlCZuxA=
last-modified: Wed, 25 Aug 2021 13:53:05 GMT
server: cloudflare
etag: W/"278ba5b435ac605d83f57fd2eaa62ee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: YRQFA5Djzmyv4JskZIjtJVVOVb3QAlCM
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e105c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 9972.26470b0a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 52ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9972.26470b0a.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ce16af99f8a960767cf02eb3e2a0c55b201717d5eb340ca5e278a46cb67661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1028536
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 0GK623R94MWXM07C
x-amz-id-2: 5iVZc/XLUE312vye3HxLqNlSPwlWIDG7UkPPihZ/IoUQfvsz1MHAQldLH5lC/ZQivWMjPliNTY0=
last-modified: Tue, 10 Aug 2021 19:21:00 GMT
server: cloudflare
etag: W/"15d31b767f97e3e3bb1a8dfd0487c404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: _IvxDCIDoxpQwW3V1ICnh0pCORcUIH0_
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e205c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 1743.f8cf1ba4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 48 KB
16 KB 47ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1743.f8cf1ba4.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f724cafa4496101c379bed8a55779f79605e2c99fa027fa7d3217177abc00193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228746
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCH4TXWME47N586
x-amz-id-2: BSH7wo9GloNY7j38vpwozoaBpt0vk1+b51cvBxqkMhq+eZ4V8UlhOXgax597a8NapqLfQNzqgC0=
last-modified: Tue, 24 Aug 2021 22:06:14 GMT
server: cloudflare
etag: W/"8cf2b8a01c3976ec8e8ef9e83878fcbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Htz.OdRDO.b0dz_.UHNOm7aYrFrwfCWW
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e305c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 3179.ca7a9e77.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
6 KB 40ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3179.ca7a9e77.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103c8f4bcf8bffd0fea54ecad915230d6025023083349a94e5e32ff50c0b96f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240921
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: M1NCG9YXY4YCEG11
x-amz-id-2: 2HPAoX+pzZg1gqw1wFHz1v5TWQoTmd/rZfABarurHrgrMDUMJdtv2SLFpz7Ig2Urcd/1f+1ozIs=
last-modified: Tue, 24 Aug 2021 17:38:51 GMT
server: cloudflare
etag: W/"eb1211b8f96bfff7eb555a987d2f398f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Ew7B8.WqI4JfP9cjtD.9Y1fUb57m3tTg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e605c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 5285.4e75ee33.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
5 KB 50ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5285.4e75ee33.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143be9b55563d57d3e4601b0281c8c5a6c698e8336841433f7f5f959605e2e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 545758
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B32DNYKS86E601NP
x-amz-id-2: AKV1pPOzYEVYi4DUNjlnOm2kZ44Al2wQfqfXV9Ur3WDER7W+y9C+9sZqnyixRPgKgS9nsoybqi8=
last-modified: Fri, 06 Aug 2021 23:56:45 GMT
server: cloudflare
etag: W/"04c5ee41730f353b1d05069bcd871516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: pUrFPUFmPXHrX9Bl27jtechGfL6tmoiJ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758e705c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 176.d220b053.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 44 KB
13 KB 47ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/176.d220b053.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b891f3fd101f913d6c2d42b7dccce4d53d33e49d733b8f4774a6559bb534be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228746
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WMCS88J4X7T996E4
x-amz-id-2: vGT55wXw8CkjlZrU2ETG8zQ0cPDVMqDYpWiqLTWJma9RBfWYfYermgvxc0g+JWxBZrVtO8ZkFcw=
last-modified: Tue, 24 Aug 2021 22:06:14 GMT
server: cloudflare
etag: W/"24d642e038bd318427fd27f526d90575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: a7PcCP_gZr9PQ8ON7BLwAgQDxzOGl8zf
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758ec05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 5231.717f8f99.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 81 KB
25 KB 51ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5231.717f8f99.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd520777ff12430259aea76eedc236888374a44fe25dc771b5abc1616794186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 232266
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4VRS3M19VN7W150F
x-amz-id-2: mKAWQV+lF4C+F+jJK6WfNuEFEdCXykoKMlGQSoF6ZM98qEmqODyInNfkwTjEbwaH0L92dpXf+BU=
last-modified: Tue, 24 Aug 2021 19:47:54 GMT
server: cloudflare
etag: W/"57722078cd70cdf6b02eb3cda1d11496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: kPD6XlU3Vd1qTv95x4zWqIeZ9zytUZzC
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758ed05c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

GET
H3-29 200 Post.26d06aa9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 51ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.26d06aa9.chunk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

111cac9ce607d1b598d07b88659f6145cdc1015153fc3ae036c98f37eb9d5a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 240133
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6ZZNRZB5B7KPA7GG
x-amz-id-2: 7sskV5YLD896/1+fPPl2UrYVWsAt0xighHmIZx6HLb70YJR+SlhSaszAylJNH5D+e/pa5wvGt00=
last-modified: Tue, 24 Aug 2021 19:13:32 GMT
server: cloudflare
etag: W/"3ca948800e027dc5381ab50cc28a4b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: NQY70N9TASbAoON8LSbeLRg7S9QWRRht
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560ce758f005c4-FRA
expires: Sat, 27 Aug 2022 14:39:38 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 141 B
456 B 212ms
211ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

568fe88e7db65428f3f7828196f047a5349141c1a1eb791c5326ab3951a0362f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 195
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:38 GMT
sepia-upstream: medium
server: nginx
etag: W/"8d-yz26whp8Urc+3+3KwoOZWLqblXs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86
x-envoy-upstream-service-time: 95
medium-missing-time: 0
content-length: 141
x-xss-protection: 0
x-request-received-at: 1630075178776

POST
H2 200 graphql Show response
doublepulsar.com/_/ 46 KB
9 KB 557ms
557ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

939fb1d2fd842bbdd120b1fb3e206f297a7ab81eb893ff2440d89b47879b65af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 5277
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: PostViewerEdgeContent
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: PostViewerEdgeContent
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"b716-oWpiAfYEVwtXgYJAuMRKdL2zK/U"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 431
medium-missing-time: 95
x-xss-protection: 0
x-request-received-at: 1630075178952

POST
H2 200 graphql Show response
doublepulsar.com/_/ 443 B
786 B 316ms
316ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1f26be1205a7d0312c6285603a29cfe9c778c82bd9c2525d610d8087ea224517

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 603
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: UserViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: UserViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"1bb-xmQR4cY1IvGECFL6QCxP2nKBkpI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 193
medium-missing-time: 0
content-length: 443
x-xss-protection: 0
x-request-received-at: 1630075178957

POST
H2 200 graphql Show response
doublepulsar.com/_/ 395 B
737 B 223ms
222ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f63811c573863c7a05bd6f566c58514065f86bc22670b01249ec511db42ab8a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 599
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"18b-FQytvph5Q7eve/DILhWPIfMAi+w"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 106
medium-missing-time: 0
content-length: 395
x-xss-protection: 0
x-request-received-at: 1630075178963

POST
H2 200 graphql Show response
doublepulsar.com/_/ 181 B
521 B 221ms
221ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a047a2451ec24e1672c5be27907327922f6c2faf07590a209dc024bc8fe8d4be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 311
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: TopicViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: TopicViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"b5-bW1S2Q/t10PbgVStlWP8aIC+Cf0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 104
medium-missing-time: 0
content-length: 181
x-xss-protection: 0
x-request-received-at: 1630075178956

POST
H2 200 graphql Show response
doublepulsar.com/_/ 281 B
623 B 451ms
450ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c29d9846491a99590d67d85354286ca11bffff92ae44c481be64a1681f59bcd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 451
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: PostViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: PostViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"119-ONvWEX7WWcKs+4UVpbVrHniAgLs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 335
medium-missing-time: 8
content-length: 281
x-xss-protection: 0
x-request-received-at: 1630075179016

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
549 B 278ms
278ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6a176d46d3ac1242b03bd2e6a9410fed8fe7eff96061b4d859ff988207334665

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 547
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-3GiQOk78PtmaU79476ZNoLn7vvs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 159
medium-missing-time: 2
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075179176

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
549 B 239ms
239ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

637cdc0098af2338b74066ac586b96e6d92296dc12a7acbc0ac7424917bd5cae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 510
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-8ME+VPJ7grrjMu6AjOFTtKF9JB0"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 123
medium-missing-time: 2
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075179169

GET
H3-29 200 8342.6aa0b45e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 38ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.6aa0b45e.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 310185
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XZ1MCW81DYX4XYRA
x-amz-id-2: JBq2v1mt0X2gMH7anuTD0L29hBl6YEbcNFuFx4UcXyhBHZAwmrTku09UuVijG7UrHr9mRGJu58E=
last-modified: Fri, 14 May 2021 07:49:57 GMT
server: cloudflare
etag: W/"5daacb41c4e6b401be87ada016250ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QtuMS.aBLj19jleyzZwgHGYQHQ8_ziQc
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cee0d2c05c4-FRA
expires: Sat, 27 Aug 2022 14:39:39 GMT

GET
H3-29 200 5402.a7b8fceb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
10 KB 28ms
28ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5402.a7b8fceb.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe20d15189023af0455c9c6ac8f7e03ec7c42a2b8c794c141919951ea7ebd335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61622
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 57XR0QVABB9H7QKN
x-amz-id-2: ui3sDlfBKjMUHjYygfTfD8Wq/zshrYIg8WVzOA1Udn00MznU0ju9eg6I/GOCy6Iy91VjK/dHvoQ=
last-modified: Thu, 26 Aug 2021 19:50:20 GMT
server: cloudflare
etag: W/"d3eb9f530ff9cd082432ab1c8f94ab55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: jA49vMNQvVfbDZJtP6J2_3t5Tcy_XRsm
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cee0d2d05c4-FRA
expires: Sat, 27 Aug 2022 14:39:39 GMT

GET
H3-29 200 9590.e1dc898a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 50 KB
15 KB 23ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9590.e1dc898a.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96be4a55208ca0e90dd710cc6eb9f4b612fe08c1a9d08a4a2c81ba1253488b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284814
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1386RQ6QVA9NM4FZ
x-amz-id-2: BNiopad20V2t8oC3Y/AGpV5L2W1dOGg1/4YMwjmergyO/TBb70z34bAccHyfZMlQfBS0IiACfh0=
last-modified: Mon, 23 Aug 2021 16:37:37 GMT
server: cloudflare
etag: W/"4797460f196378b05736df91276418bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ZLRuWfyfXz_JRiyLROmjSHK47Tscx61k
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cee0d3005c4-FRA
expires: Sat, 27 Aug 2022 14:39:39 GMT

GET
H3-29 200 3913.ce667336.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
19 KB 21ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3913.ce667336.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a94e6849b61a757cf02abe1a5b7b55f869d14cd3dcfa91da02141fc849df0b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 284814
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1388V1V67J8PQEGQ
x-amz-id-2: VStgJxACkHptfgEpT4QWK2ndvoC6GUt2wRZO0QmGh+M3P9ikkaAvtLkAzEHsuGjFEbWr0/r0PGw=
last-modified: Mon, 23 Aug 2021 16:37:34 GMT
server: cloudflare
etag: W/"770008cbfaab302d911ea7f49dd60982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hLIX6ks3p3.eNjd7lXI_C2Vs2dZnNZGd
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cee0d3205c4-FRA
expires: Sat, 27 Aug 2022 14:39:39 GMT

GET
H3-29 200 ThreadedResponsesSidebar.b4b24dc4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 23ms
23ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/ThreadedResponsesSidebar.b4b24dc4.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

904397f76a8b5003581d647a59b7f0c48820e72692bae32f62faa78d9d08ece0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 369516
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PAYY82KBF9445XTF
x-amz-id-2: NBotOpydCg3BY7t3KyMN0XVJnQ/WhoyTsejT2bJA9oHtlZOVZ9U9rjeFnPnMaWBTThS/pwPkCyk=
last-modified: Fri, 20 Aug 2021 16:01:38 GMT
server: cloudflare
etag: W/"3deb3f7ac0f5b502877a149f3f580bed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: n1elk1RMi_Uy7j2PA3HQMs3IWHzbnXEk
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cee0d3405c4-FRA
expires: Sat, 27 Aug 2022 14:39:39 GMT

GET
H3-29 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 22ms
21ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685ebea4a8c71de75cf3b4f8c51d8ca871eb2edfbe2b5ae36c2becd2b22c4629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306279
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560cef5cb9535d-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:39 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 94 B
433 B 242ms
241ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0edebda7c824603f9d5502a48e012b991c04985cdf27360b157dc3ef2214e2ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0; dd_cookie_test_0ae5a78c-6415-478f-ab9d-1e381989a584=test; _dd_s=rum=0&expire=1630076079219; dd_cookie_test_280f9a93-fdf3-4076-81f0-7b3508f6d555=test; dd_cookie_test_b7722b7f-1b26-473a-af99-58529c1b4b23=test
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 5605
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-UW74HFK6f2lqS7izUUVo2HGVz/M"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 115
medium-missing-time: 3
content-length: 94
x-xss-protection: 0
x-request-received-at: 1630075179580

GET
H3-29 200 0*eN7KaUa3262blFJP
miro.medium.com/max/700/ 39 KB
40 KB 128ms
128ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*eN7KaUa3262blFJP

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8942b90f53f2c2ab0836230b85c3055701e5ab9b3439b0fa4c7bc0366d400e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 357
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40443
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560cf10af605c4-FRA
expires: Sun, 26 Sep 2021 14:39:39 GMT

GET
H3-29 200 1*u9RwN0668pjS1BTgAenrNQ.png
miro.medium.com/max/700/ 115 KB
116 KB 140ms
140ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*u9RwN0668pjS1BTgAenrNQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf1d0212a4714b3f473779b2c0bc89ecc064414c86ae363d83b0033c9d1f74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 45
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 118125
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210726-203004-84c4ac1529
accept-ranges: bytes
cf-ray: 68560cf10af705c4-FRA
expires: Sun, 26 Sep 2021 14:39:39 GMT

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 129ms
128ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0; dd_cookie_test_0ae5a78c-6415-478f-ab9d-1e381989a584=test; _dd_s=rum=0&expire=1630076079219; dd_cookie_test_280f9a93-fdf3-4076-81f0-7b3508f6d555=test; dd_cookie_test_b7722b7f-1b26-473a-af99-58529c1b4b23=test; dd_cookie_test_63896854-985e-4b43-bea8-45ee7b082077=test; lightstep_guid/lite-web=0b9fb94a6fab0bdb; lightstep_session_id=1a5b6b050cf54d0d; dd_cookie_test_193ff7d5-f8fd-4d65-a7d5-0d15e1ab8675=test
content-length: 194
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 135ms
135ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_f587adeaa0e0; sid=1:gUQoO0TcXZiJqtUZtO5lTikfh34Ge+c75TQK76h9pyW8JwnNTZHa1LfZ2SqGcD/T; optimizelyEndUserId=lo_f587adeaa0e0; dd_cookie_test_0ae5a78c-6415-478f-ab9d-1e381989a584=test; _dd_s=rum=0&expire=1630076079219; dd_cookie_test_280f9a93-fdf3-4076-81f0-7b3508f6d555=test; dd_cookie_test_b7722b7f-1b26-473a-af99-58529c1b4b23=test; dd_cookie_test_63896854-985e-4b43-bea8-45ee7b082077=test; lightstep_guid/lite-web=0b9fb94a6fab0bdb; lightstep_session_id=1a5b6b050cf54d0d; dd_cookie_test_193ff7d5-f8fd-4d65-a7d5-0d15e1ab8675=test; dd_cookie_test_73f28029-a8fa-474e-98b1-fd5ecaab6171=test
content-length: 221
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:39 GMT
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6456
date: Fri, 27 Aug 2021 12:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 27 Aug 2021 14:52:04 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 166ms
49ms Script
text/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c?source=rss-7db6d2df42a6------2&gi=d6d94ee9e910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 68
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 27 Aug 2021 14:38:32 GMT
x-amz-cf-pop: ZRH50-C1
content-length: 23861
x-amz-cf-id: Aq42RDcBkVzocQFPGCI4scTe7JDAEYowtLxZvbGRyXq8KDCMvcw9bA==

GET
H3-29 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/135/ 4 KB
4 KB 15ms
14ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 31
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4048
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 68560cf64d8a05c4-FRA
expires: Sun, 26 Sep 2021 14:39:40 GMT

GET
H3-29 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/135/ 4 KB
5 KB 16ms
15ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/135/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: doublepulsar.com
URL: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4354
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 68560cf64d8b05c4-FRA
expires: Sun, 26 Sep 2021 14:39:40 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 208 B
621 B 248ms
248ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

150983f7af705c483efe7030e5a770c42e3057ce296469f731b1a29dca347835

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 576
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:40 GMT
sepia-upstream: medium
server: nginx
etag: W/"d0-wbMiaRUvtUIMW5YtnZXxDiHlcLU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210827-075923-0742fb32e1
x-envoy-upstream-service-time: 132
set-cookie: uid=lo_31a295735e1f; Path=/; Expires=Sat, 27 Aug 2022 14:39:40 GMT; HttpOnly; Secure
medium-missing-time: 2
content-length: 208
x-xss-protection: 0
x-request-received-at: 1630075180650

GET
H2 200 responses.editor.1db6aecd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.1db6aecd.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.7ef8f5b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d9552c1a8a70745378143287ac280762bb3a0bb1f338157d4d1c2b96383b563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306171
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PAYG2E7JEN12TKBP
x-amz-id-2: j4H31BdSgNacdzt2rZi1AiRb2Bn75YDg83Vln4NPrNzF7rJKdMzdqIwIzhQioMKXS3fICp1NIow=
last-modified: Fri, 20 Aug 2021 14:33:44 GMT
server: cloudflare
etag: W/"ffc07db1aa2d1688216d374167949218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Dz5YOwqhcOGy3u_s2XH6oBKfek607CgG
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 68560cf73b02dfa9-FRA
expires: Sat, 27 Aug 2022 14:39:40 GMT

POST
H2 200 graphql Show response
doublepulsar.com/_/ 3 KB
2 KB 561ms
560ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://doublepulsar.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

40b5b8739da64f4d3729bb9807bd3a1d96d3ba6109ee8e44a93b4ff7fd153b08

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
medium-frontend-route: post
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
ot-tracer-spanid: 0c4c8a701cba5bbb
sec-fetch-dest: empty
medium-frontend-app: lite/main-20210826-210656-6b979099c1
content-length: 7136
:path: /_/graphql
pragma: no-cache
sec-fetch-site: same-origin
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
medium-frontend-path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
graphql-operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
apollographql-client-version: main-20210826-210656-6b979099c1
apollographql-client-name: lite
:method: POST
apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 2c2736c6752ee7e2
Medium-Frontend-Path: /multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
Medium-Frontend-App: lite/main-20210826-210656-6b979099c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
apollographql-client-version: main-20210826-210656-6b979099c1
ot-tracer-spanid: 0c4c8a701cba5bbb

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"b04-ovtcZiTEPpHMo8Q8FGsWUB69AjI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, rito/main-20210826-204817-b854c4bb86, tutu/main-20210826-165940-b1c222eadb
x-envoy-upstream-service-time: 430
set-cookie: uid=lo_505874d46734; Path=/; Expires=Sat, 27 Aug 2022 14:39:40 GMT; HttpOnly; Secure
medium-missing-time: 32
x-xss-protection: 0
x-request-received-at: 1630075180756

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=906961525&t=pageview&_s=1&dl=https%3A%2F%2Fdoublepulsar.com%2Fmultiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c&ul=en-us&de=UTF-8&dt=Multiple%20threat%20actors%2C%20including%20a%20ransomware%20gang%2C%20exploiting%20Exchange%20ProxyShell%20vulnerabilities%20%7C%20by%20Kevin%20Beaumont%20%7C%20Aug%2C%202021%20%7C%20DoublePulsar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=516826881&gjid=2061573539&cid=752440306.1630075181&tid=UA-24232453-2&_gid=544689318.1630075181&_r=1&_slc=1&z=1546729213

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 14:39:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doublepulsar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 109ms
109ms Fetch
application/json 2600:1f18:24e6:b902:3560:f86b:b647:d2d7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 14:39:41 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 283ms
93ms Preflight 2600:1f18:24e6:b902:3560:f86b:b647:d2d7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b902:3560:f86b:b647:d2d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

GET
H2 200 _r Show response
app.link/ 90 B
564 B 206ms
171ms Script
text/javascript 2600:9000:2190:7a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:7a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

0fb31a44cfd1495cb28d89c94af045f6e3996d4e0861280a30cccfa3d21a3664

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-1TsVq+//FuSxmFXrHc/mlw2lr94"
x-amz-cf-id: AIlmbAbjznC4l2qB6OHKr7WDbw0uN5fTfwec7OOKKtnYtLwNQ9Mxyw==

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
624 B 190ms
164ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: addbe05beb440d94ba5bf73ecdbb7d46affc437f37b5a39c34d84f5d1cb2dfa1

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 6f958d652b08437c9e8b106910477af2-2021082714
content-length: 312
x-amz-cf-id: 3hesWYDu2ppcT9q9oZBcMpRVFuM9rwKFcasjy4-wAQnJ6_KccDb8tg==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 0
0 454ms
111ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://doublepulsar.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 27 Aug 2021 14:39:41 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
242 B 111ms
111ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://doublepulsar.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 27 Aug 2021 14:39:41 GMT
Content-Type: text/plain

POST
H2 200 /
doublepulsar.com/_/clientele/reports/performance/ 0
0 125ms
125ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: uid=lo_31a295735e1f; _ga=GA1.2.752440306.1630075181; _gid=GA1.2.544689318.1630075181; _gat=1
content-length: 1442
:path: /_/clientele/reports/performance/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3, clientele/main-20210818-220841-79e497bc6b
x-envoy-upstream-service-time: 8
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
20 KB 37ms
22ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3887986/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://doublepulsar.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10920358
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 68560cfafabc05fd-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sat, 27 Aug 2022 14:39:41 GMT

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
704 B 135ms
126ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7792c2be4eaab118f29983565c43f73a770215d8f27a7a46a44562d007a548

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t16Z3w4w0tL1fd21codfDB4omihWKaxVnz4JGQuCzuUDrQ1dJfiWayRGaUb%2Bdlhoees%2FdfAuSMTwTbXGio6Re0TXuiy13TIKojr49sCw42hNrimdp1K8StFHzs7k51Zk5hWjMscCWAxhKLexL%2B6f0p6BImFTsE0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560cfc4c9f5c4a-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 145ms
121ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 6
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceJPeWx9Zg3p3AiUbj6TFplbbeXVBSBNroDoBn1lKZvGiLgt5Ik5agW6fnQdwG1VGC6zaB8QNT4IhNXUc7r8y1yfijZhBsxiKJ1EVZJrla99RNo1z2P41XyxgbcIwo0rlFNVJrRWMWFTT88%2FDX8sKmsvd7C2Slo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560cfb7c9c2c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
561 B 179ms
179ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

63949e8bcc569dc5867c1ac45730d4328fb75aed0af3e590d85e5b7b5e90409b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"b4-RiUAa/HW2dKafaNaL6YaYsb6KpY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: d5a5f352b1b1499e866e900f3914f778-2021082714
content-length: 180
x-amz-cf-id: 7NxBcfxX9oEsrXwnNWcqp1EIe6GAwiDdBaLZAA73PbHmztMJSwTrEQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
385 B 190ms
190ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:39:41 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 77a8fa0d4d89405b8acfc502e3bdbfee-2021082714
content-length: 28
x-amz-cf-id: b88Tgu5grHrh17f5qctfnU9egxkZUq-neY5CYl29wi5Z1s-FyVMjaA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
386 B 340ms
339ms XHR
application/json 2600:9000:21f3:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Aug 2021 14:39:42 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e77b7255092747aca492ebb382a56a16-2021082714
content-length: 28
x-amz-cf-id: 6D1BAFt2gwUOry2CqKy9I6gf7kNZ2RjP__B-SYu-v-j_d9zC2zXi1A==

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
676 B 129ms
129ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a6db1203e39e624888c3741b215f8ae7c07835d612624554a615fbfccb5c72

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T39FV%2FjuPIoL6q7pBoUf%2BHrAnDCEAAlASZa3gjhoVRrFAHBOCyWgQR6CXUNPNpyMLR%2BYb3rJR9mTgGn4cNa8POLeE9epxkTFB%2FXGRfKdGvMbnIdmrAcmyTvjBtbxl1f%2B1GDSpktb8kI9aLvl8QCHGr7WnWjN46o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
cf-ray: 68560d006ea85c4a-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 120ms
120ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:42 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vhEOS0D%2BpH%2BUQDy60fD8cPQggInvV%2BdzEASYjFbwOImP7R%2BQGe5HAc1R1feI0u%2BfDF95kXv34Yed3F%2BdEz%2FDoyyUACvSMykPTDQTrhqR0LlbAryif2MfLKgnhvrHoRFouIN37AeRUycXwUZlxkyHOL3NQoExXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560cfface65c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
675 B 114ms
114ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e326647d12d139a9b7294208b6d567411e522fb6b2b97ea281649ad30407bbf5

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T4Pf9F0OigFjfhu73v8IMTopxWBse4%2F08ZyR%2BceZ34jJNniy6B7ocOGPTrwNr%2BMeM2Bgkj%2BZBDKpmPEFuKVX5AnPblWEfnu%2FMXJi4l41NAsyRODj%2FUSpGN26hVybMBsJbbirdqC5ryrvXXQIGQpq7QU19JGNgs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560d0449015c4a-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 117ms
117ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:42 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtLwn%2F9aTX1qE2uUxX3bLJOJ4eF0dOlRF2hm0SBIFxh%2FOYIlWzEt%2BTfYuQn42jL4E0Z6Rxx5WMNezXZCXzPRIwtYk6jn8vSocHqhQd5izFK9CPm9%2FwBxpKjyN3RdIFUzVQigbOTE71SX35HVuBZ5tFQTfpA56ng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560d038ee55c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 141ms
141ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:43 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 7
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8SXgTApTeZdqMVh3JPjqKhmrCoRiT7vp5aBVTde3wzRSyG8E4gWueCWOpY8breJWMn6CHn1TfAy7FE2CSvjDanFy2pM2e8qIb0nxgpkW4%2Bel5wp8H5L9gwsRWMctbtG%2B7CId4ohTpfK%2BnY0YZ88GNAfH01%2F2Dw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560d06cf815c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
675 B 123ms
123ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c52e890f28e70ff1ca83516c725e896e26200f68ca981b04fc071bac4ed27a

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKvzrW2q5ka4btBBBJuWGEtxLD8IH9IyoH3cqF1YEjb2WbAt%2F%2FrABH2eibGLIKCKvkfJfg3MbPE3NN%2FwzVvcKBKjdceeM%2FlvipJR4XhhZIb%2FtA8AkZ03cxC5vqkg%2Bzq16PLkYa2e37KNKLztU26puvq7450foAA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560d07a9d05c4a-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 batch Show response
doublepulsar.com/_/ 17 B
245 B 275ms
274ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doublepulsar.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

sec-fetch-mode: cors
origin: https://doublepulsar.com
x-xsrf-token: 1
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
content-length: 9737
:path: /_/batch
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: doublepulsar.com
referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:44 GMT
sepia-upstream: medium
server: nginx
content-type: application/json
medium-fulfilled-by: valencia/main-20210826-123830-4cdf4f0dd3
x-envoy-upstream-service-time: 142
set-cookie: uid=lo_24006bab0d2d; Path=/; Expires=Sat, 27 Aug 2022 14:39:44 GMT; HttpOnly; Secure
content-length: 17

OPTIONS
H3-29 200 reports
lightstep.medium.systems/api/v0/ 0
0 116ms
115ms Preflight 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H3-29
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://doublepulsar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 27 Aug 2021 14:39:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ%2B1pn5hOmU8TgcW8IumEY9ZfiHVxL33qLs18zkSjWQJIh3nGNXkXe6O7Q9UBVEqjCRW9fFWqEn7iNsDlR%2F4aQLHFHpt8309OngVFce3q8WMVf88z5f%2FCHDLAiL6X3LKHCIQ%2B2XXp%2Bpx674vZ5O%2BiCUbfGqUcKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68560d18cd955c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
675 B 117ms
117ms XHR
application/json 2606:4700:3032::6815:5081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9115.1a9358c4.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8094acafe89a5817d2a6abc64561fec6226c3b2c83c9810d179d4505a7fdb65

Request headers

Referer: https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Aug 2021 14:39:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIYtN3sWLDxuCOFHn1RR7NVKJYqVNYRCvdHsPGmnYTOjp6eOOZDJttmPU8LNBkgsbG6jBiIRZzq8%2FlIY9lgK59YzXEA3NZeZ9m1fD%2FNpuFsqDlD0xMpaQfKILVSH3KxMW2%2FHI7D3oh5%2FtdhLu6mvbaETezHIQkg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 68560d197f7c5c4a-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doublepulsar.com/	1970-01-19 20:49:21	Name: _gid Value: GA1.2.544689318.1630075181
.doublepulsar.com/	1970-01-19 20:47:55	Name: _gat Value: 1
.doublepulsar.com/	1970-01-20 14:19:07	Name: _ga Value: GA1.2.752440306.1630075181
doublepulsar.com/	1970-01-20 05:33:31	Name: uid Value: lo_31a295735e1f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.994b41d4.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
doublepulsar.com
errors.client.optimizely.com
glyph.medium.com
lightstep.medium.systems
medium.com
miro.medium.com
www.google-analytics.com
13.224.96.57
2600:1f18:24e6:b902:3560:f86b:b647:d2d7
2600:9000:2190:7a00:19:9934:6a80:93a1
2600:9000:21f3:6600:11:f728:3040:93a1
2606:4700:3032::6815:5081
2606:4700:7::a29f:9904
2a00:1450:4001:803::200e
2a02:26f0:6c00:2a0::13b8
3.225.10.210
52.1.119.170
023e4896942ae770c88c045d89d253862d0bb4ecb47adfc19be2d2702412af42
02a209d50a545e4955d40866065477107a19b3ba0f74f449ce3e3f4fac6b08aa
038262231160fee976d84fa8d1db80567769112008a892e0edeb76f6c1121165
0393d1706ef05b8c2ae9f12bd4d71aba8affbebee2dfa6fccba81b86e2e725ae
042e4e303b7ad0b97a172aa37962c7f649c1afad771dd31f8e7161744d84cdff
05a1af335c12488ca849dbabfc6192f0710ff328f926f54859c4793b581c649d
074120e0ce9c1b6b278f30fbc208a1312ad9c87639665a2abfb86bdacb6bdbbf
0b891f3fd101f913d6c2d42b7dccce4d53d33e49d733b8f4774a6559bb534be6
0c8816dc8228d4e702aac7c2832e7617ffbdf7aecc865587b696d063f3ea93b3
0d9552c1a8a70745378143287ac280762bb3a0bb1f338157d4d1c2b96383b563
0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107
0edebda7c824603f9d5502a48e012b991c04985cdf27360b157dc3ef2214e2ac
0fb31a44cfd1495cb28d89c94af045f6e3996d4e0861280a30cccfa3d21a3664
0fcdf1b9c29d79fa8679eeefa1573c239bc5bea4dd2eed064fc6e2a0d1c97f4b
103c8f4bcf8bffd0fea54ecad915230d6025023083349a94e5e32ff50c0b96f7
111cac9ce607d1b598d07b88659f6145cdc1015153fc3ae036c98f37eb9d5a59
12ae1072afc293ec30101e3f8d4eee96b04952b8f21ac49df261e70ae69cafbf
143be9b55563d57d3e4601b0281c8c5a6c698e8336841433f7f5f959605e2e34
150983f7af705c483efe7030e5a770c42e3057ce296469f731b1a29dca347835
1a903333a957f9311e1d51fb0064c219e1e0f578e36fa993d750a99d0f7fe697
1f26be1205a7d0312c6285603a29cfe9c778c82bd9c2525d610d8087ea224517
23d5d5917766394d6fb54189597fcc1ad7b0fe96870e594d940a89717d8338f7
24ffbef1177aa861458bf509b1995d08c855a289b1dceb2928773815b1c7c27d
29c4fa2b831a9d8a8d76c356c37f51a8c564fde548e73088dcd3627363d98d75
2d62c45fc2fb98a30f520480ed1060f0000ec78a37bfa80103e7d7ff3930b084
2f858ae42dc95fa7d296a95b414952a71bc640985593fc83a5ecdbbafb9a9525
37df73af877e88b767044bae0ec895370689d3f1986a7b84d5325ab9c7287c55
389d660ad6302843f61ead3441874022a81cc38678b5d0bf041897e376db4d43
3903354e40a89bc08ffd179ce96dc3dfe7f3603bfaa1f52982045573b32c40bc
40b5b8739da64f4d3729bb9807bd3a1d96d3ba6109ee8e44a93b4ff7fd153b08
42c52e890f28e70ff1ca83516c725e896e26200f68ca981b04fc071bac4ed27a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
499d277272839c165137bbaf1609abf7d5347654872481e6577ba16b992e2bd6
50b109a0afc4f7cf5f7684158734de0b1f4251d7e1ac64a83b9b520d8c7caf93
51041a29d93ea155720fb49ddd960a39b1a081d7d43a3d051c08bb620a3cb2e3
525519582b1bd4a7a793e91b793c4c727c4cec22ce14884f6ba4d3aaf6ded90c
5653275fd2234822f5aab4c7fb5bc5325e4991570295998f1ab5a83287c7f285
568fe88e7db65428f3f7828196f047a5349141c1a1eb791c5326ab3951a0362f
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5ced593854bb82c95cf35f22c421e3ada59d60b4c9292b58da914d4340139d17
5f2abdf9e9752867b58046f22000379a3c4da9c0f4a0536635972bc124a7854d
637cdc0098af2338b74066ac586b96e6d92296dc12a7acbc0ac7424917bd5cae
63949e8bcc569dc5867c1ac45730d4328fb75aed0af3e590d85e5b7b5e90409b
63ff695f5b36586ec7fb3acc54730f33d4167cc2b797897bdec8a1654ee7d87b
6550693dadb570fdd94da3996a0887c68d4d291c0818f1528d1a7bc930d8b869
68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359
685ebea4a8c71de75cf3b4f8c51d8ca871eb2edfbe2b5ae36c2becd2b22c4629
6a176d46d3ac1242b03bd2e6a9410fed8fe7eff96061b4d859ff988207334665
6c05b8e83e0fcbb9a024cd9f2b13345167f61cd318684b92ed268df7ab5d6d6d
6fefca2e39b0c80d4d1c9b40a41787df0f738a85ff142e5295f17b2e96711ad3
72fdaeca4c65e6655aeeb37b8b9787e1cef79a4e8b10cee34f64f6315cef91e3
73a6db1203e39e624888c3741b215f8ae7c07835d612624554a615fbfccb5c72
78370f1c60ca7a80d7bc4052eedbb87ad1425f418730b2cf7b3922719001d752
78f3247a4ee16f29508798e228c2f1cfe7d0406cee82a94cf2c34a25cb0a41ee
7d6d130d8f196bb2c14843b9bd09ca0f6eb9c826133a4451082927aba4f40f39
7df3af12e866788eb580b7542e9e29e8bffe1c046eaccea8b019fb5c9d88097b
830f40ef2a3e1b3f6fa8391cc6c93d8ed19dcc454398596ec98aa2c6ebef48bd
83b609bf586cb8e62af2f3267bbaa50c9f11d7d6e86e1c84e2eecfbc2be949ef
8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d
8a6f7776d9114c66723e5c20fb977343f5a94c7186be3cd5a9e921522e73522c
8a7792c2be4eaab118f29983565c43f73a770215d8f27a7a46a44562d007a548
8bbacda37b119c290c184c6975dc0f9e7892a22c56bb572d70457e437484864d
8c29d9846491a99590d67d85354286ca11bffff92ae44c481be64a1681f59bcd
8d3263919f036071371394d7d4bdfa9715658cebab2cb453ec39383e5c902958
8ef36cd81a32a63c14214d2d7c45e0809be147e68869ea1a5c34feab6d207fa2
904397f76a8b5003581d647a59b7f0c48820e72692bae32f62faa78d9d08ece0
92d2ff27d2b587da629e4ff4aaae0eb0541e5dc2412152dd075034da1fda8c25
939fb1d2fd842bbdd120b1fb3e206f297a7ab81eb893ff2440d89b47879b65af
96be4a55208ca0e90dd710cc6eb9f4b612fe08c1a9d08a4a2c81ba1253488b2f
971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea
99a551671d29fb4718e5697b374fc9d0ab5f362651fb03863a6fe57a8a29ae9f
9a1bb21db6c50c8c9d7931a77cba791bc9d7ecd6eef2373a66cb4cde5e6e5d16
9d8aa4689a04989a7698e498bc9d2b842b15742cd7f6710017620cd5c0ad22ea
9f9426d07320e3f576a16016df14965aa352eea15b901f44f72187ae8c4d597c
a047a2451ec24e1672c5be27907327922f6c2faf07590a209dc024bc8fe8d4be
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4234de612d23c49b753051754b4a09d58f6812aae0960fac0578cd2e8d9566d
a8094acafe89a5817d2a6abc64561fec6226c3b2c83c9810d179d4505a7fdb65
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a94e6849b61a757cf02abe1a5b7b55f869d14cd3dcfa91da02141fc849df0b95
ad2c52d005eafc6341d3d19a7a8a05ed649686c6881ab62155ae95d4618adf35
addbe05beb440d94ba5bf73ecdbb7d46affc437f37b5a39c34d84f5d1cb2dfa1
ae1c273ad638e70d8bf5fd973b10ca3396efd4296ed46d5f4f9fc0c89ce19a76
af4cd63175903f7de1128348f087273d1d0b50dec0d84b6d96d9595aacaab923
af53bb392cf949de35ca399079add6d28e09d25b1b2072624fc78c804dfd607e
afed961ddb57f36277dfd3c4746651600913c0bfff3b3a498971e1d40d027351
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b3207bd24557fefc2773c0bb9d388545f3666a14bf86abe03f10f95272ca24b2
b3d5fdf94cc9bcce6d26f71f0d82b4e925e0ca901df59c1d24d7d911eddb0cbd
b5c56db5c125272d6c1961aec103670e022d01534cfbd4baa7ff3b595f9825ce
bac7c08c637f489dd02b2d3a6ff4aca3c7e038a920e39a685f07f81228c419a3
c4a10cbffdbce76d8de099fabe5eaf5fe08c12fa86e846e34013f7597c716e88
c5388efddd16e46845ff6bc0b750d6273ee98feae2dce22044c0019336019c1f
c5748a354a1c79fdb238f56dde081004de39bb61a52bd74676e036f3786db9e6
c88a6fd9c0f927b6c6eb6a0333d8df738064c2f09458bb23064d319ae34f344f
c8ea4c5606f00ece39073ca2c52012151e25038242447053b13ac4f2021f0c02
ccf1d0212a4714b3f473779b2c0bc89ecc064414c86ae363d83b0033c9d1f74f
cd520777ff12430259aea76eedc236888374a44fe25dc771b5abc1616794186c
d3dd90bc7589e2dfce2ebb76fbbdeb3edb151dda0fc05cb3ce013b4058be34a2
d49f9d5f6cf0fe5e246dae163447d21a876c54cdf3da502fca7d95f2441a51a6
d60f382ab7dcba7579cd2088e8f9ef61e63acbcf269626a9b081c54d9624cdaf
e0ce16af99f8a960767cf02eb3e2a0c55b201717d5eb340ca5e278a46cb67661
e326647d12d139a9b7294208b6d567411e522fb6b2b97ea281649ad30407bbf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544bd8d73fe98d8ba7a775515ae3f80b1dc3d63f6aaded903352e5bfd0dbf5f
e798695365aaabfbd6209396d2f2e565e367bd2d29a805358798bde076c9a4be
e80822fa48ad371fcf8ee70251a00651a367ba539273ff7e5b2ca639dd33bcfd
e83c6b0ea99b4caf907cc41097879e6edc6ffd49cfe6266275abd3bcf771737c
e8942b90f53f2c2ab0836230b85c3055701e5ab9b3439b0fa4c7bc0366d400e5
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
e9d67ee8bdede3d1235705cc312c9c039d5e1dc94e77ca56a3ba07a944657b06
edac038fa41b6998706870940e3dcb6a50bf6ff175cfd7e274dc1f096f9e1c30
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f63811c573863c7a05bd6f566c58514065f86bc22670b01249ec511db42ab8a9
f6df94cc15c64e450354bf62f7de16c8dc4b0de88d2ff220c2eebe5ef953b1ff
f724cafa4496101c379bed8a55779f79605e2c99fa027fa7d3217177abc00193
fb8d5b9f74625e511e3c8d63848e7a54c98016daed84f8df3bc166368586afa5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe20d15189023af0455c9c6ac8f7e03ec7c42a2b8c794c141919951ea7ebd335
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

doublepulsar.com Open in urlscan Pro 52.1.119.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

70 %IPv6

8 Domains

13 Subdomains

10 IPs

2 Countries

1520 kBTransfer

3854 kBSize

4 Cookies

72 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doublepulsar.com Open in urlscan Pro
52.1.119.170 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

13
Subdomains

10
IPs

2
Countries

1520 kB
Transfer

3854 kB
Size

4
Cookies

132 HTTP transactions
0 data transactions