posts.specterops.io Open in urlscan Pro
52.4.175.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/iLc72pPscF
Effective URL:
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=9...
Submission: On July 15 via manual (July 15th 2020, 7:08:35 am UTC) from NL

Summary HTTP 82 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 82 HTTP transactions. The main IP is 52.4.175.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 3rd 2020. Valid for: a year.

This is the only time posts.specterops.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 8	52.4.175.111 52.4.175.111	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6810:797f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:eb:... 2a02:26f0:eb:389::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
54	2606:4700::68... 2606:4700::6810:7591	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.101.156 143.204.101.156	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.23 13.225.78.23	16509 (AMAZON-02) (AMAZON-02)
1	23.43.121.57 23.43.121.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20e... 2600:9000:20eb:f000:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.86.1.233 52.86.1.233	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:21f... 2600:9000:21f3:6800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b902:601e:7b09:7b05:7cf5	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:e4:... 2606:4700:e4::ac40:ad17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.86.99.254 52.86.99.254	14618 (AMAZON-AES) (AMAZON-AES)
82	15

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.4.175.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

posts.specterops.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:797f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:389::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700::6810:7591 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.156 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.121.57 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

a16180790160.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f000:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.1.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

srv-2020-07-15-07.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:6800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:601e:7b09:7b05:7cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:ad17 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.99.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	medium.com 1 redirects medium.com glyph.medium.com miro.medium.com cdn-client.medium.com	972 KB
8	specterops.io 1 redirects posts.specterops.io	45 KB
5	medium.systems lightstep.medium.systems	1 KB
5	branch.io cdn.branch.io api2.branch.io	25 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	optimizely.com cdn.optimizely.com a16180790160.cdn.optimizely.com logx.optimizely.com	91 KB
1	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
1	parsely.com srv-2020-07-15-07.pixel.parsely.com	229 B
1	app.link app.link	745 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
1	t.co t.co	466 B
82	11

	Domain	Requested by
37	miro.medium.com	posts.specterops.io
11	cdn-client.medium.com	posts.specterops.io
8	posts.specterops.io	1 redirects t.co cdn-client.medium.com
6	glyph.medium.com	posts.specterops.io
5	lightstep.medium.systems	cdn-client.medium.com
4	api2.branch.io	cdn.branch.io
3	www.google-analytics.com	posts.specterops.io
1	logx.optimizely.com	cdn.optimizely.com
1	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
1	srv-2020-07-15-07.pixel.parsely.com	posts.specterops.io
1	app.link	cdn.branch.io
1	a16180790160.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	t.co
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	posts.specterops.io
1	medium.com	1 redirects
1	t.co
82	17

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
www.specterops.io
github.com
oauth.net
docs.microsoft.com
chrome.google.com
portal.azure.com
developer.chrome.com
login.microsoftonline.com
www.youtube.com
zacbrown.org
gist.github.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
posts.specterops.io Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2021-03-03`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2018-07-31` - `2020-09-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-05-31` - `2020-08-29`	3 months	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-03` - `2020-10-09`	6 months	crt.sh
logx.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-10-01` - `2020-10-05`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
Frame ID: 99C7145854023B382A61CE76B1AD52CD
Requests: 85 HTTP requests in this frame

Frame: https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html
Frame ID: 39C6ACE26445ECB0F39D3083C9103DDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/iLc72pPscF Page URL
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-s... HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frequesting... HTTP 302
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-s... Page URL

Page Statistics

82
Requests

100 %
HTTPS

53 %
IPv6

11
Domains

17
Subdomains

15
IPs

4
Countries

1199 kB
Transfer

3159 kB
Size

8
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----2b0409caad30----------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=--------------------------nav_reg-
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F2b0409caad30&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=--------------------------nav_reg-
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=--------------------------nav_reg-
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.specterops.io/?source=post_page-----2b0409caad30----------------------
Title: specterops.io

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=-91b45ba406ef-------------------------follow_byline-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=post_actions_header--------------------------bookmark_header-

Search URL Search Domain Scan URL

URL: https://github.com/leechristensen/RequestAADRefreshToken/
Title: RequestAADRefreshToken

Search URL Search Domain Scan URL

URL: https://oauth.net/2/grant-types/refresh-token/
Title: OAuth 2.0

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#refresh-the-access-token
Title: refresh

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-primary-refresh-token
Title: tokens

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/windows-10-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji
Title: Windows 10 Accounts

Search URL Search Domain Scan URL

URL: http://portal.azure.com/
Title: portal.azure.com

Search URL Search Domain Scan URL

URL: https://developer.chrome.com/apps/nativeMessaging#native-messaging-host
Title: native messaging host

Search URL Search Domain Scan URL

URL: https://developer.chrome.com/apps/nativeMessaging#native-messaging-host-protocol
Title: Per the docs

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
Title: Process Explorer

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/basic-audit-process-tracking
Title: process

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
Title: command line logging

Search URL Search Domain Scan URL

URL: https://github.com/0xd4d/dnSpy
Title: dnSpy

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/combaseapi/nf-combaseapi-cocreateinstance
Title: CoCreateInstance

Search URL Search Domain Scan URL

URL: https://github.com/tpn/winddk-8.1/blob/f6e6e4da7d1894536cf1fa774911df1218ef912e/Include/um/ProofOfPossessionCookieInfo.h#L199
Title: It’s

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/proofofpossessioncookieinfo/nn-proofofpossessioncookieinfo-iproofofpossessioncookieinfomanager
Title: documented

Search URL Search Domain Scan URL

URL: https://login.microsoftonline.com/login.srf
Title: https://login.microsoftonline.com/login.srf

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Hm3JodBR-vs
Title: !

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/evntprov/nf-evntprov-eventwritetransfer
Title: EventWriteTransfer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VABMu05mYww
Title: suggest

Search URL Search Domain Scan URL

URL: https://medium.com/palantir/tampering-with-windows-event-tracing-background-offense-and-defense-4be7ac62ac63
Title: few

Search URL Search Domain Scan URL

URL: https://zacbrown.org/hidden-treasure-intrusion-detection-with-etw-part-1/
Title: great

Search URL Search Domain Scan URL

URL: https://zacbrown.org/hidden-treasure-intrusion-detection-with-etw-part-2/
Title: resources

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/evntprov/nf-evntprov-eventregister
Title: EventRegister

Search URL Search Domain Scan URL

URL: https://gist.github.com/mattifestation/edbac1614694886c8ef4583149f53658
Title: TLGMetadataParser.psm1

Search URL Search Domain Scan URL

URL: https://github.com/airbus-cert/etwbreaker
Title: etwbreaker

Search URL Search Domain Scan URL

URL: https://github.com/leechristensen/Random/blob/master/PowerShellScripts/Start-EtwTrace.ps1
Title: Start-EtwTrace

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=post_sidebar-----2b0409caad30---------------------clap_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=post_sidebar--------------------------post_sidebar-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=post_actions_footer-----2b0409caad30---------------------clap_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=post_actions_footer--------------------------bookmark_footer-

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&source=follow_footer-91b45ba406ef-------------------------follow_footer-
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/p/2b0409caad30/responses/show?source=follow_footer--------------------------follow_footer-
Title: Write the first response

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----2b0409caad30----------------------
Title: Discover Medium

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----2b0409caad30----------------------
Title: Make Medium yours

Search URL Search Domain Scan URL

URL: https://medium.com/membership?source=post_page-----2b0409caad30----------------------
Title: Become a member

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----2b0409caad30----------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----2b0409caad30----------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----2b0409caad30----------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----2b0409caad30----------------------

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/iLc72pPscF Page URL
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30 HTTP 302
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30 HTTP 302
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 iLc72pPscF Show response
t.co/ 512 B
466 B 136ms
136ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/iLc72pPscF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

5ef1af223be1724c835c8d9eadc56a4f449c5e8563820119fb50456b012f97ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /iLc72pPscF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 236
content-type: text/html; charset=utf-8
date: Wed, 15 Jul 2020 07:08:12 GMT
expires: Wed, 15 Jul 2020 07:13:12 GMT
server: tsa_o
set-cookie: muc=67f08e15-2873-4752-b06d-f954ba0e4fce; Max-Age=63072000; Expires=Fri, 15 Jul 2022 07:08:12 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 9cd3f3262ef791ef011faf0d2d81bfd3
x-response-time: 116
x-xss-protection: 0

GET
H2

200

Primary Request requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30 Show response
posts.specterops.io/
Redirect Chain

https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

241 KB
44 KB

470ms
470ms

Document
text/html

52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Requested by

Host: t.co
URL: https://t.co/iLc72pPscF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

8a178adec3588f6e423a9f31410aaac1cdc48bcbffc70cb744ffbdea5291b137

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: posts.specterops.io
:scheme: https
:path: /requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/iLc72pPscF
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.co/iLc72pPscF

Response headers

status: 200
server: nginx
date: Wed, 15 Jul 2020 07:08:13 GMT
content-type: text/html; charset=utf-8
set-cookie: uid=lo_oQjZRY7c2KaE; path=/; expires=Thu, 15 Jul 2021 07:08:13 GMT; samesite=none; secure; httponly sid=1:C2oF+r1oGGD6XDP1kAo+TucHR/27d5287SSWtoeAQMOfNQq/gpKu7bI10roCihgh; path=/; expires=Thu, 15 Jul 2021 07:08:13 GMT; samesite=none; secure; httponly optimizelyEndUserId=lo_oQjZRY7c2KaE; path=/; expires=Thu, 15 Jul 2021 07:08:13 GMT; samesite=none; secure
sepia-upstream: production
x-frame-options: allow-from medium.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
medium-fulfilled-by: lite/master-20200714-224550-65ed4e3f49, rito/master-20200714-195830-5629c3b61e, tutu/medium-41628
etag: W/"3c2bc-2EJilbKuT2vikf/qq1VB3RHKFNY"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 320

Redirect headers

status: 302
date: Wed, 15 Jul 2020 07:08:13 GMT
content-type: application/octet-stream
set-cookie: __cfduid=d11ac91e9b9ec4f111485f29abbc795001594796892; expires=Fri, 14-Aug-20 07:08:12 GMT; path=/; domain=.medium.com; HttpOnly; SameSite=Lax uid=lo_oQjZRY7c2KaE; Expires=Thu, 15-Jul-21 07:08:12 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly sid=1:7l+UYI0fm75fwMb8gACexs3GdSFY+GhzednYZ+6nU+VhCeOqtzmHUQ8+kp1Dc0Hr; path=/; expires=Thu, 15 Jul 2021 07:08:12 GMT; domain=.medium.com; samesite=none; secure; httponly optimizelyEndUserId=lo_oQjZRY7c2KaE; path=/; expires=Thu, 15 Jul 2021 07:08:12 GMT; domain=.medium.com; samesite=none; secure __cfruid=3f0762f1022f5a98799b8de42c049e90c829d647-1594796893; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
x-opentracing: {"ot-tracer-spanid":"5e36399c22ad508a","ot-tracer-traceid":"16c3d581080b91ba","ot-tracer-sampled":"true"}
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1594796892923:33153b4c99f1
x-obvious-info: 41628-e1741e6,e1741e63d20
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
location: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 03f2e67a71000007462909a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b31a6a3eac10746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 306 KB
91 KB 39ms
22ms Script
text/javascript 2a02:26f0:eb:389::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb:389::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c71cc812486de4a7fab37b5c5a7e36fa5f64585d13d52194ac8d4c64473fc363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: DIkSfdJxZfEhD.uZoYXNHFZLR.S2pIVt
content-encoding: gzip
etag: "a6e39a12a0bd05cb23a53bc78b49cd90"
x-amz-request-id: 794309C6AB9CE1D7
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:eb:389::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 92097
x-amz-id-2: XrJRLqnQBCojfNg9rJVgM/Bs0JvQx9b9s7gJUPdNC5W3NBWltmsLdc9xMm+r6OvAzaTMTgoo3B4=
last-modified: Tue, 14 Jul 2020 15:58:19 GMT
server: AmazonS3
date: Wed, 15 Jul 2020 07:08:13 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 3363
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 m2.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 47 KB
30 KB 51ms
26ms Stylesheet
text/css 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15542521acc8deecc31fc474956c6c78880f9d17a9d52349ced3593c9335a615

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2587
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67d57000006292495a200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 5b31a6a88ee40629-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 15 Jul 2020 11:08:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3153
date: Wed, 15 Jul 2020 06:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 15 Jul 2020 08:15:40 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1467578893&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30%3Fgi%3D98e3177ccc1d&dr=https%3A%2F%2Ft.co%2FiLc72pPscF&ul=en-us&de=UTF-8&dt=Requesting%20Azure%20AD%20Request%20Tokens%20on%20Azure-AD-joined%20Machines%20for%20Browser%20SSO%20%7C%20by%20Lee%20Christensen%20%7C%20Jul%2C%202020%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1313467289&gjid=1684364282&cid=103309438.1594796894&tid=UA-24232453-2&_gid=1474527641.1594796894&_r=1&z=1422740988

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ 7 KB
7 KB 29ms
23ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/304/1*aa0HsXZL43r95TuTJlJNPw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 348445
status: 200
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6883
cf-request-id: 03f2e67d9e000006292495f200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200526-204632-bf3ad9f6f6
accept-ranges: bytes
cf-ray: 5b31a6a8ffde0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*AcKVsvVqg25680kdisLHcQ.jpeg
miro.medium.com/fit/c/96/96/ 5 KB
5 KB 24ms
18ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/1*AcKVsvVqg25680kdisLHcQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988da124223b46f0769bb8180f0d83d4c19ed97676aa2e0667ab6c34e3c9a94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32699
status: 200
x-envoy-upstream-service-time: 65
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4749
cf-request-id: 03f2e67d9e0000062924960200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200629-230611-ec9f038ff1
accept-ranges: bytes
cf-ray: 5b31a6a8ffdf0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*juHB5LYmCBB4d6y3KZeZLw.png
miro.medium.com/max/60/ 2 KB
2 KB 23ms
17ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*juHB5LYmCBB4d6y3KZeZLw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e4573d897cc4661121a204433ea50efec21a04a4829bf5e127948cda18e9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1551
cf-request-id: 03f2e67d9e0000062924964200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a8ffe70629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*duTEYAuX6ThMVfGOnf1-AA.png
miro.medium.com/max/60/ 832 B
932 B 23ms
18ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*duTEYAuX6ThMVfGOnf1-AA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f85707bc8a4c7303df87aa74fa3d29a716159448b03c9303c62e3b5f25a9e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 832
cf-request-id: 03f2e67d9e0000062924963200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a8ffe50629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*b7bpW-8enMwSEyo95ZXpZA.png
miro.medium.com/max/60/ 2 KB
2 KB 27ms
22ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*b7bpW-8enMwSEyo95ZXpZA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6872d502a54295d6491cfcfb488378a4bb21cf97524595b14427d9643e3000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1833
cf-request-id: 03f2e67d9e0000062924961200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a8ffe20629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*VYkXOntAE_McDVdridpmpg.png
miro.medium.com/max/60/ 1 KB
1 KB 26ms
21ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*VYkXOntAE_McDVdridpmpg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

686dc11a64c2104c2350191989173c6a008555af147b21bfc239666122ae0db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 58
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1368
cf-request-id: 03f2e67d9e0000062924962200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a8ffe30629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*vGFoxGRKzHEH1HldYEMkMw.png
miro.medium.com/max/60/ 2 KB
2 KB 19ms
18ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vGFoxGRKzHEH1HldYEMkMw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046e3620c8a8b58ae5d94e9e24a0556cc606d25c76768ef8ae93027c59473b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2366
cf-request-id: 03f2e67db20000062924966200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a918410629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*LWJTr5rJoLHSqxFB1mkBag.png
miro.medium.com/max/60/ 511 B
612 B 22ms
21ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*LWJTr5rJoLHSqxFB1mkBag.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6d8ddef96bc0371c06597909b6cbc6bcf4460ed732056dee0e5fe967752b355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 75
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 511
cf-request-id: 03f2e67db20000062924967200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a918440629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*wUC1_DGWkqSK9ISELIVHlA.png
miro.medium.com/max/60/ 698 B
927 B 20ms
19ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*wUC1_DGWkqSK9ISELIVHlA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a645467cc301174643b59e033df660f6e7cc1d73fe9377e00c23308f8090fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 698
cf-request-id: 03f2e67db20000062924968200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a918450629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*WVnEOuRsSN0mxMZvRSKi2w.png
miro.medium.com/max/60/ 630 B
860 B 21ms
20ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*WVnEOuRsSN0mxMZvRSKi2w.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e767be2943920ded76b37e6db4fd84b011f7d94a88d25d8ddc6b2718ee57c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 37
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 630
cf-request-id: 03f2e67db60000062924969200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a928550629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*WUWtSgLrWCN7Jo7G8NBUsg.png
miro.medium.com/max/60/ 1 KB
2 KB 22ms
21ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*WUWtSgLrWCN7Jo7G8NBUsg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214a4d833e9e41e47ebbee673a829fdea97f1c85afe15ee79cd691849ac28f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 56
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1359
cf-request-id: 03f2e67db6000006292496a200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a928560629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*FWpoilm1VOIlwrNsox1ufg.png
miro.medium.com/max/60/ 572 B
764 B 21ms
20ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*FWpoilm1VOIlwrNsox1ufg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625ea2773c27c0dca5ca1094cc7cbd8998c6ed71e13cc783fb3a3b1c58b02e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 75
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 572
cf-request-id: 03f2e67db6000006292496b200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a928570629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*vKf0N2gD2fFpq50aykhaCw.png
miro.medium.com/max/60/ 368 B
468 B 18ms
17ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*vKf0N2gD2fFpq50aykhaCw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a217b5a89f083304b2e6df60444781339be9b5f882aa3ceb700f823992ccaba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 368
cf-request-id: 03f2e67dc6000006292496e200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a9389a0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*EliMI3HpSHyuMaYCHtlIlQ.png
miro.medium.com/max/60/ 1 KB
1 KB 21ms
20ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*EliMI3HpSHyuMaYCHtlIlQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ec2542bfe10a7d479fdcb26a8ad93197185c258f01b70134114ff43364078c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421
cf-request-id: 03f2e67dc6000006292496f200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a9389b0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*fMd8VcOlQuTQSPwTnguOkg.png
miro.medium.com/max/60/ 1 KB
1 KB 17ms
17ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*fMd8VcOlQuTQSPwTnguOkg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1bddb1f0523fa489b6bd2caf7006b85b8a00c56735b9e946f3e4db828f42209

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1044
cf-request-id: 03f2e67dc70000062924970200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a938a30629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*paaiax8YRM1QTxqukwedqA.png
miro.medium.com/max/60/ 504 B
600 B 24ms
21ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*paaiax8YRM1QTxqukwedqA.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aabbc322d386dcc470d9e0d001a3019db19be943948ab7e6443d5f696a2b66c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 504
cf-request-id: 03f2e67dce0000062924971200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a948be0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*L1rb2IZrvXKuFavOAPuScQ.png
miro.medium.com/max/60/ 2 KB
2 KB 22ms
19ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*L1rb2IZrvXKuFavOAPuScQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4958dd904d871f6e77aae1c8e9a6a83279d03813feedd9c5ae4b145f8cb7d5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32409
status: 200
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2370
cf-request-id: 03f2e67dce0000062924972200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6a948cb0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*AcKVsvVqg25680kdisLHcQ.jpeg
miro.medium.com/fit/c/160/160/ 11 KB
11 KB 21ms
20ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*AcKVsvVqg25680kdisLHcQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea179cdb518afa540607782a9e3b50fd3f0d94a492672495032d9469b659c350

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32699
status: 200
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10999
cf-request-id: 03f2e67dce0000062924973200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200629-230611-ec9f038ff1
accept-ranges: bytes
cf-ray: 5b31a6a948cc0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ 6 KB
7 KB 13ms
12ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1126992
status: 200
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6539
cf-request-id: 03f2e67dd80000062924974200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200526-204632-bf3ad9f6f6
accept-ranges: bytes
cf-ray: 5b31a6a958f40629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*AcKVsvVqg25680kdisLHcQ.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
4 KB 17ms
17ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*AcKVsvVqg25680kdisLHcQ.jpeg

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa8a428aa7cb6a6bb5ae95e4051e29099a49e7a33bddb8e4f4dbe8d97015fb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32699
status: 200
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3392
cf-request-id: 03f2e67dda0000062924975200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200629-230611-ec9f038ff1
accept-ranges: bytes
cf-ray: 5b31a6a958fc0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*D-FDlfkqivRBQZoESrwtqw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1786403
status: 200
x-envoy-upstream-service-time: 61
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2735
cf-request-id: 03f2e67ddb0000062924977200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200514-191947-e45d7283d4
accept-ranges: bytes
cf-ray: 5b31a6a959030629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*dy7MvBD79mkCTajDbSssBw.jpeg
miro.medium.com/max/60/ 993 B
1 KB 27ms
25ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*dy7MvBD79mkCTajDbSssBw.jpeg?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd42b41715639d00fdd524dae4734968e91e05abb368514929b740af942ddb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349214
status: 200
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 993
cf-request-id: 03f2e67de30000062924978200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200526-204632-bf3ad9f6f6
accept-ranges: bytes
cf-ray: 5b31a6a969200629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 0*GHniN9KHMioCdUW5
miro.medium.com/max/60/ 3 KB
3 KB 126ms
125ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*GHniN9KHMioCdUW5?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172f5b7d6aea73d3fb57d7638c740eeeff4b607a1aa0308d04b9b8f00ab49cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 12
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2661
cf-request-id: 03f2e67de30000062924979200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/master-20200714-222204-b4b071feaa
accept-ranges: bytes
cf-ray: 5b31a6a969210629-FRA
expires: Fri, 14 Aug 2020 07:08:13 UTC

GET
H2 200 1*_yKdMthPwVpKYyHZnvrKJQ.png
miro.medium.com/max/60/ 4 KB
4 KB 16ms
16ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*_yKdMthPwVpKYyHZnvrKJQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26fb182c4bdbe614059da22c59fbc361a8bcd754c9a370fdb031d16f0b29019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471475
status: 200
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3627
cf-request-id: 03f2e67de4000006292497a200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200514-191947-e45d7283d4
accept-ranges: bytes
cf-ray: 5b31a6a969230629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*ezJx8ZEu1Va14iscq_h5Gg.png
miro.medium.com/max/60/ 1 KB
1 KB 17ms
16ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*ezJx8ZEu1Va14iscq_h5Gg.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

a373fcf6e68420792ae6977c1b7f2fe73082944f237ec333b8f45d28752507de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1823148
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3209-f49543a
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1304
cf-request-id: 03f2e67de5000006292497b200000001
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5b31a6a9692a0629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 0*ji6keNd2kNMsDi-Z.png
miro.medium.com/max/60/ 830 B
958 B 16ms
15ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*ji6keNd2kNMsDi-Z.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 189979
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3210-6a9380d
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 830
cf-request-id: 03f2e67dec000006292497c200000001
pragma: public
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5b31a6a979450629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 1*YDlbuijY1qh1K0WhSIRFKw.png
miro.medium.com/max/60/ 4 KB
4 KB 17ms
16ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*YDlbuijY1qh1K0WhSIRFKw.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 238121
status: 200
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3749
cf-request-id: 03f2e67dec000006292497d200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200511-225551-4419e2d569
accept-ranges: bytes
cf-ray: 5b31a6a979470629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 200 0*yjzGtsFkfBpscrgE
miro.medium.com/max/60/ 868 B
1009 B 130ms
130ms Image
image/jpeg 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*yjzGtsFkfBpscrgE?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2f8549af80d61cda0e562b2e750e07fb016c08106744ac871cf546c5695cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 13
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 868
cf-request-id: 03f2e67df5000006292497f200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/master-20200714-222204-b4b071feaa
accept-ranges: bytes
cf-ray: 5b31a6a989720629-FRA
expires: Fri, 14 Aug 2020 07:08:13 UTC

GET
H2 200 1*SctH4KPaDxBIRBgzoO_4FQ.png
miro.medium.com/max/60/ 2 KB
3 KB 14ms
14ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*SctH4KPaDxBIRBgzoO_4FQ.png?q=20

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32df049d0a2a3659563bfdbfd2fda563bcf8304699a950486266848c14a4b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1748142
status: 200
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2446
cf-request-id: 03f2e67df70000062924980200000001
pragma: public
sepia-upstream: production
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200424-230724-1c1533c810
accept-ranges: bytes
cf-ray: 5b31a6a989800629-FRA
expires: Fri, 14 Aug 2020 07:08:13 GMT

GET
H2 404 1*M2FVPPidy2x386MRAE-EeA.png
miro.medium.com/max/270/ 0
0 22ms
21ms Image
text/plain 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://miro.medium.com/max/270/1*M2FVPPidy2x386MRAE-EeA.png
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 1*HyH8oIcJvXp7xzu5oF6dTg.png
miro.medium.com/max/270/ 0
0 17ms
16ms Image
text/plain 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://miro.medium.com/max/270/1*HyH8oIcJvXp7xzu5oF6dTg.png
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced73b0f46b99eb9ff844aec40e2276202b7609e0996172cb162ed4ff1499f6d

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
15 KB 36ms
18ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7426827
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67db90000d6f18609c200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5b31a6a92aefd6f1-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 15 Jul 2021 07:08:13 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://posts.specterops.io

Response headers

Content-Type: font/opentype

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 46ms
29ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7086020
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67db90000d6f18609e200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5b31a6a92af7d6f1-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 15 Jul 2021 07:08:13 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 36ms
19ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30754894
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67db90000d6f18609d200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5b31a6a92af1d6f1-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 15 Jul 2021 07:08:13 GMT

GET
H2 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 14 KB
15 KB 26ms
26ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Wed, 15 Jul 2020 07:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22376742
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67df80000d6f1860a2200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5b31a6a98beed6f1-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 15 Jul 2021 07:08:13 GMT

GET
H2 200 marat-sans-600-normal.woff
glyph.medium.com/font/6f4b679/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 15 KB
15 KB 1270ms
1259ms Font
application/font-woff 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/6f4b679/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-600-normal.woff

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb31d2d43efc714642919af84920177170837267c64a8fd3cec95889f83cc276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin: https://posts.specterops.io

Response headers

date: Wed, 15 Jul 2020 07:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 237615
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03f2e67f130000d6f1860b8200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 5b31a6ab5fc5d6f1-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 15 Jul 2021 07:08:15 GMT

GET
H2 200 manifest.f67b0131.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
3 KB 22ms
17ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.f67b0131.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4429ba4e9f21ce1c24058e48df40eb30b2e9937a922f5cd2234f6154b9c9c35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28779
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 89105EFCCF625683
x-amz-id-2: tPl12LGH34uAhbV6a26OuTHhH31UwTCp6k8DVqqSWpo7nI+geE7H3uzQ5Lfc4kudm5zyFXWGz3w=
last-modified: Tue, 14 Jul 2020 22:53:47 GMT
server: cloudflare
etag: W/"3bc29e82c3422a6a435367aa7ef5704a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IE0ZfjPVsmRhbKYWseWKG98Lz8o7x3.S
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249a8200000001
cf-ray: 5b31a6abf8540629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 vendors~main.df22847a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 678 KB
177 KB 23ms
19ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~main.df22847a.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a383be77a07f25cf4397ac553962ad928ee1868c8307bc2d7d0ecfe805347c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 632421
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BCB1F4FAF02EC4F7
x-amz-id-2: PBRuc9OYMmI8795SQA1Y+qelMfz+GX3HXPt3uemvkgREaXNrztuBPUgih5Qz+o58NSJatT/BAKk=
last-modified: Tue, 07 Jul 2020 23:18:40 GMT
server: cloudflare
etag: W/"18abf28e5680d2299ffa82a9f02412d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4pFNELRy4Wu.g_Zix_xSz1.Dw1xOmOAA
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249ab200000001
cf-ray: 5b31a6abf85d0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 main.4559b0bc.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 509 KB
116 KB 28ms
24ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb371f9d211b8e2c6189e92b52d6364d26e070bce1f6cbb031ca44aca807fbbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38210
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 08E93A027D061561
x-amz-id-2: //2LSKpcvVjfVIS0izzILXRPPH812/jbYttR+SbLMJXfB1Inum27PVa+wpyleD3MQuunmtqJwwQ=
last-modified: Tue, 14 Jul 2020 20:15:36 GMT
server: cloudflare
etag: W/"c4022f2e0f972f21f651e0525da08078"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: a8NMfk.coM_cypSJ3KGtQbE7ym_GC6Xo
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249ac200000001
cf-ray: 5b31a6abf85f0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 vendors~instrumentation.f93c490a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 23ms
20ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb91bc1ffe2a96e1c79f14ee6db2ab866dd62937828d2dc8df78b5ed5d7fff47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 632421
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 15C95A28D65DA77E
x-amz-id-2: NVmaJEgNldqSwOqbS8USN5vhLCNrlppTU/VLZCn9rTJM0Ldzx1H0hivVosvvWcszT1l7Xxo5xlU=
last-modified: Tue, 07 Jul 2020 23:18:40 GMT
server: cloudflare
etag: W/"2ceb6973d7105e24840899ce2266adf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DawE_LFm1QRQZkjxRLLkSmqwiJlixuf7
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249aa200000001
cf-ray: 5b31a6abf85b0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 instrumentation.70574cab.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
2 KB 27ms
23ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.70574cab.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcee0b1efae1eee7be1fdf58776be9a2096b3b8a3df81929c1e35e4303c3b717

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124752
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 95E64356D531538D
x-amz-id-2: +LmVnKOub9nvOokDcFYQOrQ7EIbtjTpwT2brVTC1EpIk95EBIrWYOODZuxCaFoY/mouEfDWcX4c=
last-modified: Mon, 13 Jul 2020 20:15:23 GMT
server: cloudflare
etag: W/"2d5e2f758de17143052b04f19f9b40b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: pNCH9e1xTQeYZjHuF90IGsHlXrs63YI2
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249a7200000001
cf-ray: 5b31a6abf8500629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 reporting.38e15c78.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 22ms
18ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.38e15c78.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e919c7b9ec630bca6dad32d2a5366ef4677b6631e1861949f8043fdd93815a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124752
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7BA59B6F85231AAA
x-amz-id-2: JERezeqTIheRfBarUkI3Tyd8MCvhc9FO8YbvlAX38KXqFXztRgH2XPL2tyKt0Y1mHJyWM2yjMso=
last-modified: Mon, 13 Jul 2020 20:15:29 GMT
server: cloudflare
etag: W/"45c856f6eca2246ad95aaa10e77da801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SfcSkeIlaaUW4bMKNmWk7AnvNHNMwSb2
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f7b00000629249a9200000001
cf-ray: 5b31a6abf8580629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 vendors~AMPPost~CollectionHomepage~CollectionHomepagePreview~CollectionNewShortformEditor~Collection~37c9fa1e.77e6fe9c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
13 KB 33ms
30ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~AMPPost~CollectionHomepage~CollectionHomepagePreview~CollectionNewShortformEditor~Collection~37c9fa1e.77e6fe9c.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c51d06c0b20c19a172b8ae56ab0d81b6ec7b57d177c5784db4a31cdba2ecd070

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 655064
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BAC5D14461E5EACA
x-amz-id-2: KNp/HBuQQ3bV4HoOBn/BuvFTt2D76623DjPUpUncHNgW4YKvAoL8f6E27Veee5gzWJr+ZhjB2PU=
last-modified: Tue, 28 Apr 2020 16:59:45 GMT
server: cloudflare
etag: W/"025226d099826a9f1bfc75a24c8e5daa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RA6QBUQkKIMheND9zuWf6IdX514BZrlu
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f9000000629249ae200000001
cf-ray: 5b31a6ac18cd0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 vendors~AMPPost~CollectionHomepage~CollectionHomepagePreview~DebugCachedPost~Post~SequencePost~Series.3eeca2a8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 25ms
23ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/vendors~AMPPost~CollectionHomepage~CollectionHomepagePreview~DebugCachedPost~Post~SequencePost~Series.3eeca2a8.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1265d92d6e3f0c63668d47dd69ecb742a6e9f8aff5300e11b26f57560f1c8068

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124752
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4C66E2B998C1F6FD
x-amz-id-2: vD4sS/KbHWcY6YccZNzIxbgvJmSXVjJURoDc/eu5oyL+3SdbkeqYwazRqRucP+z0BmxeTt/2jiY=
last-modified: Mon, 13 Jul 2020 20:15:38 GMT
server: cloudflare
etag: W/"0bcf571fd7356b3907e321687011f0fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: oalwiU0ahfwY208uqpdoVvNyAzALTayI
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f9000000629249af200000001
cf-ray: 5b31a6ac18ce0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 AMPPost~CollectionHomepage~CollectionHomepagePreview~CollectionNewShortformEditor~CollectionPostShor~3fa3f642.fbd78fa8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 133 KB
34 KB 26ms
25ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AMPPost~CollectionHomepage~CollectionHomepagePreview~CollectionNewShortformEditor~CollectionPostShor~3fa3f642.fbd78fa8.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d34672da973f2cdee5b2a48220d527acec94ae29986f7c419dbbfe60f24b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54029
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 658274A6D98B0366
x-amz-id-2: 44Q4sXVCJXeO+Ho0IL7V9bjlRM+eY76TUa4QG2amhO+szSeT8gm5z3XABsJW0TUt3fmPXujtWz0=
last-modified: Tue, 14 Jul 2020 15:52:57 GMT
server: cloudflare
etag: W/"55dc2d0f53375fd3493a84f14d3a9bea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: iwFGFfqZ8_ceDP3uQj0s8erToVZVmqzH
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f9000000629249b0200000001
cf-ray: 5b31a6ac18cf0629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 AMPPost~CollectionHomepage~CollectionHomepagePreview~DebugCachedPost~PackageBuilder~Post~SequenceLib~32b7ff81.a4a404f7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 21ms
21ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AMPPost~CollectionHomepage~CollectionHomepagePreview~DebugCachedPost~PackageBuilder~Post~SequenceLib~32b7ff81.a4a404f7.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d861a975a784d144ad3c5362ac7fc9a83628bd517683293dd7abb4b57d363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 557508
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A954D6600EB7CDE1
x-amz-id-2: aFrJiZBscX1SXghgfLTQM8QI/Dp2x/GZuYidAtsQFQmz0y/dKfpmQjQtYrYYd2GY1iXGBvRgkos=
last-modified: Wed, 08 Jul 2020 20:04:58 GMT
server: cloudflare
etag: W/"c7e73b01a9c3471e5169f0e5ac4371f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cbUoLPRvn0zELfmL0o49p58uJXuuxi_G
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67f9400000629249b2200000001
cf-ray: 5b31a6ac28e60629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

GET
H2 200 Post.3ef6846e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 458 KB
112 KB 20ms
19ms Script
application/javascript 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.3ef6846e.chunk.js

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9a3fc9dfc0ec9bd6efa8065c80f43263a138256baf950f412a7e4411fcf536

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28779
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDA5969D9BBD6422
x-amz-id-2: LV+YKQVr5mur2Z3tY4BYVRE5C39FgALJt3MiesRBU0zY4Te8RK5UMPrhnN4HOA9LB06yuUHhof8=
last-modified: Tue, 14 Jul 2020 22:53:39 GMT
server: cloudflare
etag: W/"aaa9acd368cc14abda453087c95dea52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Pgi8Wi9nBn848ZFsDIlphfrrpWmNGxNr
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 03f2e67fa100000629249b6200000001
cf-ray: 5b31a6ac39360629-FRA
expires: Thu, 15 Jul 2021 07:08:14 GMT

POST
H2 200 graphql Show response
posts.specterops.io/_/ 459 B
725 B 154ms
154ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.df22847a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 69ba2efcc2922e62915dc2d11406e9571a44cc0019388955cf0742d7bece8a51

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 33b3cd8541f128f8
Medium-Frontend-Path: /requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30?gi=98e3177ccc1d
Medium-Frontend-App: lite/master-20200714-224550-65ed4e3f49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: master-20200714-224550-65ed4e3f49
ot-tracer-spanid: 2f7f188c3e83d365

Response headers

date: Wed, 15 Jul 2020 07:08:15 GMT
sepia-upstream: production
server: nginx
etag: W/"1cb-r3o2am0/tcPM9BFtvXZMcL7euFs"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: rito/master-20200714-195830-5629c3b61e, tutu/medium-41628
x-envoy-upstream-service-time: 32
content-length: 459
x-request-received-at: 1594796894984

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 48 KB
19 KB 87ms
21ms Script
application/x-javascript 143.204.101.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 14 Jul 2020 14:58:30 GMT
Content-Encoding: gzip
Age: 58185
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 02 Apr 2020 00:28:20 GMT
Server: nginx
ETag: W/"5e8531a4-c079"
Content-Type: application/x-javascript
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: O10duIeMCtUdSWmvF9i8eok7W1FCvCXUab0AbRqp5RH-w2QMgncYVg==
Expires: Tue, 14 Jul 2020 14:58:17 GMT

POST
H2 200 client-ready
posts.specterops.io/_/lite/performance/ 2 B
0 111ms
110ms Fetch
text/plain 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/client-ready

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:15 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
medium-fulfilled-by: lite/master-20200714-224550-65ed4e3f49
content-length: 2

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1467578893&t=pageview&_s=1&dl=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&dr=https%3A%2F%2Ft.co%2FiLc72pPscF&ul=en-us&de=UTF-8&dt=Requesting%20Azure%20AD%20Request%20Tokens%20on%20Azure-AD-joined%20Machines%20for%20Browser%20SSO%20%7C%20by%20Lee%20Christensen%20%7C%20Jul%2C%202020%20%7C%20Posts%20By%20SpecterOps%20Team%20Members&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEhAAEAB~&jid=1163631648&gjid=1887243672&cid=103309438.1594796894&tid=UA-102239211-2&_gid=1943175108.1594796895&_r=1&z=1852012696

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 07:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 77 KB
23 KB 92ms
27ms Script
text/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: t.co
URL: https://t.co/iLc72pPscF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 333e985d3b578d27203fad9c4175ddf9b76124226b9cdd3e85f7803657d0bc0d

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: A6w94ALyMzoS8qJspUJ4CAqZB2ApjNRM
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 07 Jul 2020 17:32:37 GMT
Server: AmazonS3
Age: 135
ETag: "46bcf0883acadb8869563d1105cf1476"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Wed, 15 Jul 2020 07:06:01 GMT
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 23156
X-Amz-Cf-Id: bdbq8uCOc-YGZz1D2jIVUFvavfHrtZGqZaMFB9WGfmFOTJfceU3mrA==

POST
H2 200 fcp
posts.specterops.io/_/lite/performance/ 2 B
0 110ms
110ms Fetch
text/plain 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/fcp

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
medium-fulfilled-by: lite/master-20200714-224550-65ed4e3f49
content-length: 2

POST
H2 200 lcp
posts.specterops.io/_/lite/performance/ 2 B
0 115ms
115ms Fetch
text/plain 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/lcp

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
medium-fulfilled-by: lite/master-20200714-224550-65ed4e3f49
content-length: 2

GET
H2 200 a16180790160.html
a16180790160.cdn.optimizely.com/client_storage/ Frame 39C6 0
0 77ms
22ms Document
text/html 23.43.121.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.43.121.57 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a16180790160.cdn.optimizely.com
:scheme: https
:path: /client_storage/a16180790160.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Response headers

status: 200
x-amz-id-2: w/XTzl431KRw0f+AWMeHdIn+iuBE55JJTVtaTkgNZG8MQxPCD7HL1WubKB7yR8073FbYporR1N4=
x-amz-request-id: 7E5C25E970CE2F3C
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Jul 2020 15:58:13 GMT
etag: "2b9af6dfbbf2f091223174aac6cc77ac"
cache-control: max-age=120
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: Na.TtZr9gvyOKs_.KcO2mpikWJht1CW3
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 781
server: AmazonS3
vary: Accept-Encoding
date: Wed, 15 Jul 2020 07:08:16 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="23.43.121.57";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 1*duTEYAuX6ThMVfGOnf1-AA.png
miro.medium.com/max/1156/ 18 KB
18 KB 119ms
118ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1156/1*duTEYAuX6ThMVfGOnf1-AA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12849c25c6c0da0d847f2cf7b623e07e453378cda6c2300281b95509ed7eea47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18484
cf-request-id: 03f2e6876b0000062924a4a200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b8ad220629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

GET
H2 200 1*juHB5LYmCBB4d6y3KZeZLw.png
miro.medium.com/max/1132/ 68 KB
68 KB 19ms
19ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1132/1*juHB5LYmCBB4d6y3KZeZLw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5021c68a79969825637baf2b5009a7b57f21e94b21b96f1b9b06420bd8202e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33353
status: 200
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69211
cf-request-id: 03f2e687710000062924a4c200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b8bd320629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

GET
H2 200 1*b7bpW-8enMwSEyo95ZXpZA.png
miro.medium.com/max/784/ 45 KB
45 KB 112ms
112ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/784/1*b7bpW-8enMwSEyo95ZXpZA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452d38d19e26bdad506bec4a8b32b710890730e26eeb7ded9f016ad4b1436d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45827
cf-request-id: 03f2e687710000062924a4d200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b8bd330629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
745 B 189ms
167ms Script
text/javascript 2600:9000:20eb:f000:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.54.3&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:f000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

2b38c79c01aa7b533a8c3b40910b7f1dae9288fe82c2af16abd20f72de48a6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 07:08:16 GMT
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-zYAPttRVYckZ4nNU9mQ7qGOZiYU"
X-Amz-Cf-Id: AlxMPrZrzGHgXI2FQjpf3XhewdZJ0ow0VCzeYM57v1if7ZEH3P2q6g==

GET
H/1.1 200
OK /
srv-2020-07-15-07.pixel.parsely.com/plogger/ 43 B
229 B 382ms
95ms Image
image/gif 52.86.1.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-07-15-07.pixel.parsely.com/plogger/?rand=1594796896290&plid=60726584&idsite=medium.com&url=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&urlref=https%3A%2F%2Ft.co%2FiLc72pPscF&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fposts.specterops.io%2Frequesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30&sref=https%3A%2F%2Ft.co%2FiLc72pPscF&sts=1594796896246&slts=0&title=Requesting+Azure+AD+Request+Tokens+on+Azure-AD-joined+Machines+for+Browser+SSO+%7C+by+Lee+Christensen+%7C+Jul%2C+2020+%7C+Posts+By+SpecterOps+Team+Members&date=Wed+Jul+15+2020+09%3A08%3A16+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=62723884&u=pid%3Dec5911455f8cb2847ab3ac4541eb817c
Requested by: Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.1.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 07:08:16 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 1*b7bpW-8enMwSEyo95ZXpZA.png
miro.medium.com/max/700/ 70 KB
70 KB 115ms
114ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*b7bpW-8enMwSEyo95ZXpZA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a18eec25c2e6b39ff29d58b7cad7113dfd7b27c5cf2020cf72c0d10a9fe22d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71623
cf-request-id: 03f2e688350000062924a62200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b9e92f0629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

GET
H2 200 1*duTEYAuX6ThMVfGOnf1-AA.png
miro.medium.com/max/700/ 39 KB
39 KB 112ms
111ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*duTEYAuX6ThMVfGOnf1-AA.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

763791380bc27d6a0d1a3d2b0945e983ea9184d97b48e79645a6bbb48aafd448

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
x-envoy-upstream-service-time: 65
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40302
cf-request-id: 03f2e688360000062924a63200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b9f9330629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

GET
H2 200 1*juHB5LYmCBB4d6y3KZeZLw.png
miro.medium.com/max/700/ 78 KB
78 KB 110ms
110ms Image
image/png 2606:4700::6810:7591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/1*juHB5LYmCBB4d6y3KZeZLw.png

Requested by

Host: posts.specterops.io
URL: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f51abff25edc36b03b13da244ccd526254746b82c1a5a7382155db8af43c8405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
x-envoy-upstream-service-time: 79
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79555
cf-request-id: 03f2e688360000062924a64200000001
pragma: public
sepia-upstream: production
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/master-20200710-222327-2c63c6cbcf
accept-ranges: bytes
cf-ray: 5b31a6b9f9340629-FRA
expires: Fri, 14 Aug 2020 07:08:16 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
600 B 389ms
370ms XHR
application/json 2600:9000:21f3:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: afbf1f479e5c3ac7b0de1a15ae608464eeaf7d6d2b36781bd69f714bf2790e7d

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 312
x-amz-cf-id: Cu76ysrLBPH1Dr7zsi7Zm38SXQuP4IzJBFa-N5oK7VBg1nRLvIPSYQ==

POST
H2 200 render
posts.specterops.io/_/lite/performance/ 2 B
0 111ms
111ms Fetch
text/plain 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://posts.specterops.io/_/lite/performance/render

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
sepia-upstream: production
server: nginx
x-frame-options: allow-from medium.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
medium-fulfilled-by: lite/master-20200714-224550-65ed4e3f49
content-length: 2

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
537 B 181ms
181ms XHR
application/json 2600:9000:21f3:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

29448af120e665a144e60a0b71f67c3e38e462d770246afc6b32ca336886a1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Jul 2020 07:08:16 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 180
etag: W/"b4-zNf0qILyOXBZ8AqkUrHS2UZEAoQ"
x-amz-cf-id: 9wWmCCR_d2OJcdb5ATtNX-IPHp_3LXbTLmYmtKhuqczh_vaYlDvoAw==

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 164ms
163ms Fetch
application/json 2600:1f18:24e6:b902:601e:7b09:7b05:7cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:601e:7b09:7b05:7cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Wed, 15 Jul 2020 07:08:17 GMT
access-control-allow-origin: *
content-length: 2
content-type: application/json

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
287 B 141ms
141ms XHR
application/json 2606:4700:e4::ac40:ad17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4fb1fd0918475258dedf58b5f2de365d831c23e43b137cc38a843454c84959

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5b31a6bec89ad6fd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 03f2e68b410000d6fda229b200000001

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
360 B 198ms
198ms XHR
application/json 2600:9000:21f3:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Jul 2020 07:08:17 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: ai4boeDZhK5sTglsfWYoeEOEAOUfBd03cxURVx7y-t9vP7bsd6YbUA==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
364 B 432ms
111ms XHR
text/plain 52.86.99.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Jul 2020 07:08:17 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://posts.specterops.io
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: b716fc83-25e3-450a-b096-ce9088269caa

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
362 B 184ms
183ms XHR
application/json 2600:9000:21f3:6800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:6800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Jul 2020 07:08:17 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: rItdBWU5u4X9aSu7RdvGGCqY5xdxbbgFnjQZp4qdQXShl7kopxTn7g==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
157 B 140ms
140ms XHR
application/json 2606:4700:e4::ac40:ad17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cae1decb8336528e145d589d9c9775c456bfdcf4726c936ce1a6474021ebdb

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5b31a6c2fb77d6fd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 03f2e68dde0000d6fda22cb200000001

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
272 B 140ms
140ms XHR
application/json 2606:4700:e4::ac40:ad17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68f373e6c9e8b614e954a5573b1b0a24af9c8b4691be58a9ba15cdeb0e1bb5b

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5b31a6c73ddfd6fd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 03f2e690830000d6fda22f3200000001

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
272 B 132ms
132ms XHR
application/json 2606:4700:e4::ac40:ad17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e3c5e592763eee6b6713936704a22f4332c429ab601e8948ea070a82cfa6af7

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5b31a6cd2cf2d6fd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 03f2e694350000d6fda2330200000001

POST
H2 200 batch Show response
posts.specterops.io/_/ 17 B
202 B 246ms
246ms Fetch
application/json 52.4.175.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posts.specterops.io/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.4.175.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

status: 200
date: Wed, 15 Jul 2020 07:08:20 GMT
x-envoy-upstream-service-time: 125
sepia-upstream: production
server: nginx
content-length: 17
content-type: application/json

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
272 B 140ms
140ms XHR
application/json 2606:4700:e4::ac40:ad17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~instrumentation.f93c490a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ad17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34003207796b7b6595cd89e2b51155240177be564a93bc5190c11fabad4109d

Request headers

Referer: https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Jul 2020 07:08:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 5b31a6de68a5d6fd-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 03f2e69f030000d6fda2003200000001

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.specterops.io/	1970-01-19 15:19:08	Name: optimizelyEndUserId Value: oeu1594796896033r0.33144926547597686
posts.specterops.io/	1970-01-19 11:10:01	Name: lightstep_guid/lite-web Value: 2a6f0bd636178e61
.specterops.io/	1970-01-19 10:59:56	Name: _gat_tracker0 Value: 1
.specterops.io/	1970-01-19 20:29:20	Name: _parsely_visitor Value: {%22id%22:%22pid=ec5911455f8cb2847ab3ac4541eb817c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1594796896246}
.specterops.io/	1970-01-19 10:59:58	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://posts.specterops.io/requesting-azure-ad-request-tokens-on-azure-ad-joined-machines-for-browser-sso-2b0409caad30%22%2C%22sref%22:%22https://t.co/iLc72pPscF%22%2C%22sts%22:1594796896246%2C%22slts%22:0}
.specterops.io/	1970-01-19 11:01:23	Name: _gid Value: GA1.2.1943175108.1594796895
posts.specterops.io/	1970-01-19 11:10:01	Name: lightstep_session_id Value: 7854273923bff325
.specterops.io/	1970-01-20 04:31:08	Name: _ga Value: GA1.2.103309438.1594796894

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js(Line 1) Message: -+++++= .+++++= .+@@@@@+ #@@@@: .@@@@@= @@@@@ @+@@@@- =#@@@@@ @ +@@@@: :% @@@@@ @ @@@@-%: @@@@@ @ @@@@- @@@@@ -@- #@@+ :@@@@@: -#@@@#- ## =@@@@@@@= ....... .........
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.4559b0bc.chunk.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a16180790160.cdn.optimizely.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
lightstep.medium.systems
logx.optimizely.com
medium.com
miro.medium.com
posts.specterops.io
srv-2020-07-15-07.pixel.parsely.com
t.co
www.google-analytics.com
104.244.42.133
13.225.78.23
143.204.101.156
23.43.121.57
2600:1f18:24e6:b902:601e:7b09:7b05:7cf5
2600:9000:20eb:f000:19:9934:6a80:93a1
2600:9000:21f3:6800:11:f728:3040:93a1
2606:4700::6810:7591
2606:4700::6810:797f
2606:4700:e4::ac40:ad17
2a00:1450:4001:816::200e
2a02:26f0:eb:389::13b8
52.4.175.111
52.86.1.233
52.86.99.254
046e3620c8a8b58ae5d94e9e24a0556cc606d25c76768ef8ae93027c59473b31
0f85707bc8a4c7303df87aa74fa3d29a716159448b03c9303c62e3b5f25a9e39
1265d92d6e3f0c63668d47dd69ecb742a6e9f8aff5300e11b26f57560f1c8068
12849c25c6c0da0d847f2cf7b623e07e453378cda6c2300281b95509ed7eea47
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
15542521acc8deecc31fc474956c6c78880f9d17a9d52349ced3593c9335a615
172f5b7d6aea73d3fb57d7638c740eeeff4b607a1aa0308d04b9b8f00ab49cc6
1dd42b41715639d00fdd524dae4734968e91e05abb368514929b740af942ddb5
214a4d833e9e41e47ebbee673a829fdea97f1c85afe15ee79cd691849ac28f2d
25a645467cc301174643b59e033df660f6e7cc1d73fe9377e00c23308f8090fe
25cae1decb8336528e145d589d9c9775c456bfdcf4726c936ce1a6474021ebdb
29448af120e665a144e60a0b71f67c3e38e462d770246afc6b32ca336886a1ec
2aabbc322d386dcc470d9e0d001a3019db19be943948ab7e6443d5f696a2b66c
2b38c79c01aa7b533a8c3b40910b7f1dae9288fe82c2af16abd20f72de48a6f2
2d6656287fa1325f938441be0a1343b7946a17457f95f19770a8981ce392e307
333e985d3b578d27203fad9c4175ddf9b76124226b9cdd3e85f7803657d0bc0d
35e4573d897cc4661121a204433ea50efec21a04a4829bf5e127948cda18e9ec
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
3e3c5e592763eee6b6713936704a22f4332c429ab601e8948ea070a82cfa6af7
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4429ba4e9f21ce1c24058e48df40eb30b2e9937a922f5cd2234f6154b9c9c35d
452d38d19e26bdad506bec4a8b32b710890730e26eeb7ded9f016ad4b1436d81
4958dd904d871f6e77aae1c8e9a6a83279d03813feedd9c5ae4b145f8cb7d5cd
5021c68a79969825637baf2b5009a7b57f21e94b21b96f1b9b06420bd8202e6c
52d861a975a784d144ad3c5362ac7fc9a83628bd517683293dd7abb4b57d363d
5ef1af223be1724c835c8d9eadc56a4f449c5e8563820119fb50456b012f97ec
625ea2773c27c0dca5ca1094cc7cbd8998c6ed71e13cc783fb3a3b1c58b02e44
686dc11a64c2104c2350191989173c6a008555af147b21bfc239666122ae0db1
69ba2efcc2922e62915dc2d11406e9571a44cc0019388955cf0742d7bece8a51
6e767be2943920ded76b37e6db4fd84b011f7d94a88d25d8ddc6b2718ee57c69
763791380bc27d6a0d1a3d2b0945e983ea9184d97b48e79645a6bbb48aafd448
7a18eec25c2e6b39ff29d58b7cad7113dfd7b27c5cf2020cf72c0d10a9fe22d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a178adec3588f6e423a9f31410aaac1cdc48bcbffc70cb744ffbdea5291b137
8e2f8549af80d61cda0e562b2e750e07fb016c08106744ac871cf546c5695cfb
988da124223b46f0769bb8180f0d83d4c19ed97676aa2e0667ab6c34e3c9a94e
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8
a217b5a89f083304b2e6df60444781339be9b5f882aa3ceb700f823992ccaba5
a26fb182c4bdbe614059da22c59fbc361a8bcd754c9a370fdb031d16f0b29019
a32df049d0a2a3659563bfdbfd2fda563bcf8304699a950486266848c14a4b32
a373fcf6e68420792ae6977c1b7f2fe73082944f237ec333b8f45d28752507de
a383be77a07f25cf4397ac553962ad928ee1868c8307bc2d7d0ecfe805347c93
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa8a428aa7cb6a6bb5ae95e4051e29099a49e7a33bddb8e4f4dbe8d97015fb82
af9a3fc9dfc0ec9bd6efa8065c80f43263a138256baf950f412a7e4411fcf536
afbf1f479e5c3ac7b0de1a15ae608464eeaf7d6d2b36781bd69f714bf2790e7d
b2ec2542bfe10a7d479fdcb26a8ad93197185c258f01b70134114ff43364078c
b3b4f1ce0d89e52e8e1e7e1005bd4ffd61a2124dbd2257a461520986b692a66d
b6d8ddef96bc0371c06597909b6cbc6bcf4460ed732056dee0e5fe967752b355
bf4fb1fd0918475258dedf58b5f2de365d831c23e43b137cc38a843454c84959
c1bddb1f0523fa489b6bd2caf7006b85b8a00c56735b9e946f3e4db828f42209
c51d06c0b20c19a172b8ae56ab0d81b6ec7b57d177c5784db4a31cdba2ecd070
c68f373e6c9e8b614e954a5573b1b0a24af9c8b4691be58a9ba15cdeb0e1bb5b
c71cc812486de4a7fab37b5c5a7e36fa5f64585d13d52194ac8d4c64473fc363
cb31d2d43efc714642919af84920177170837267c64a8fd3cec95889f83cc276
cb91bc1ffe2a96e1c79f14ee6db2ab866dd62937828d2dc8df78b5ed5d7fff47
ced73b0f46b99eb9ff844aec40e2276202b7609e0996172cb162ed4ff1499f6d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d34672da973f2cdee5b2a48220d527acec94ae29986f7c419dbbfe60f24b1e
e919c7b9ec630bca6dad32d2a5366ef4677b6631e1861949f8043fdd93815a81
ea179cdb518afa540607782a9e3b50fd3f0d94a492672495032d9469b659c350
eb371f9d211b8e2c6189e92b52d6364d26e070bce1f6cbb031ca44aca807fbbb
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f34003207796b7b6595cd89e2b51155240177be564a93bc5190c11fabad4109d
f51abff25edc36b03b13da244ccd526254746b82c1a5a7382155db8af43c8405
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62
fcee0b1efae1eee7be1fdf58776be9a2096b3b8a3df81929c1e35e4303c3b717
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd6872d502a54295d6491cfcfb488378a4bb21cf97524595b14427d9643e3000

posts.specterops.io Open in urlscan Pro 52.4.175.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

82 Requests

100 %HTTPS

53 %IPv6

11 Domains

17 Subdomains

15 IPs

4 Countries

1199 kBTransfer

3159 kBSize

8 Cookies

47 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

posts.specterops.io Open in urlscan Pro
52.4.175.111 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

100 %
HTTPS

53 %
IPv6

11
Domains

17
Subdomains

15
IPs

4
Countries

1199 kB
Transfer

3159 kB
Size

8
Cookies

82 HTTP transactions
4 data transactions