Submitted URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Effective URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Submission: On June 10 via manual from IN — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 85 HTTP transactions. The main IP is 162.159.153.4, located in and belongs to CLOUDFLARENET, US. The main domain is timurengin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 15th 2024. Valid for: a year.
This is the only time timurengin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 162.159.153.4 13335 (CLOUDFLAR...)
1 38 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 162.159.152.4 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.68 15169 (GOOGLE)
1 108.138.26.113 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:244... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
85 11
Apex Domain
Subdomains
Transfer
58 medium.com
medium.com — Cisco Umbrella Rank: 12402
glyph.medium.com — Cisco Umbrella Rank: 23863
miro.medium.com — Cisco Umbrella Rank: 18176
cdn-client.medium.com — Cisco Umbrella Rank: 25861
1 MB
18 timurengin.com
timurengin.com
46 KB
4 branch.io
cdn.branch.io — Cisco Umbrella Rank: 1111
api2.branch.io — Cisco Umbrella Rank: 1281
25 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
1014 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
253 B
1 app.link
app.link — Cisco Umbrella Rank: 2509
634 B
1 gstatic.com
www.gstatic.com
205 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
93 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
85 9
Domain Requested by
38 cdn-client.medium.com timurengin.com
cdn-client.medium.com
18 timurengin.com 1 redirects cdn-client.medium.com
13 glyph.medium.com glyph.medium.com
6 miro.medium.com timurengin.com
3 api2.branch.io cdn-client.medium.com
2 www.google.com cdn-client.medium.com
www.gstatic.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.link cdn.branch.io
1 www.gstatic.com www.google.com
1 cdn.branch.io timurengin.com
1 www.googletagmanager.com cdn-client.medium.com
1 static.cloudflareinsights.com timurengin.com
1 medium.com 1 redirects
85 13
Subject Issuer Validity Valid
timurengin.com
Cloudflare Inc ECC CA-3
2024-02-15 -
2024-12-31
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2024-02-16 -
2024-12-31
a year crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-05-08 -
2024-08-06
3 months crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.branch.io
Amazon RSA 2048 M01
2023-09-11 -
2024-10-09
a year crt.sh
*.gstatic.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
appipv4.link
Amazon RSA 2048 M03
2024-03-25 -
2025-04-22
a year crt.sh

This page contains 2 frames:

Primary Page: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Frame ID: 42C4A5BFF366537F77BCB6AFEFBE5F33
Requests: 84 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly90aW11cmVuZ2luLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=b2aw4fxbvs0u
Frame ID: FE73FFA0C6515059D0B99034C992A343
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The anatomy of a DCSync attack and how to protect against it | by Timur Engin | Medium

Page URL History Show full URLs

  1. https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316 HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-o... HTTP 307
    https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

85
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

11
IPs

3
Countries

1619 kB
Transfer

4016 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316 HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316 HTTP 307
    https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
timurengin.com/
Redirect Chain
  • https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
  • https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
  • https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
148 KB
34 KB
Document
General
Full URL
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8fccd0d8983514e24e869acd27da546ce68678d8391a8b7cad56730f61fbd52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8919fc246c031d8e-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 14:17:26 GMT
link
<https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, lite/main-20240610-090440-1ebae99da5, rito/main-20240610-085433-1f59e6950b, tutu/main-20240610-120748-57091d757a
medium-missing-time
236
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
346
x-request-received-at
1718029046567

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8919fc22dcfe6915-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Mon, 10 Jun 2024 14:17:26 GMT
location
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
19
unbound.css
glyph.medium.com/css/
19 KB
0
Stylesheet
General
Full URL
https://glyph.medium.com/css/unbound.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
114
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc21fa7a5c32-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 10 Jun 2024 16:17:26 GMT
0*oG_8tPjXBUvJhTzt
miro.medium.com/v2/resize:fit:720/format:webp/
11 KB
12 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/format:webp/0*oG_8tPjXBUvJhTzt
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89ed575a512e0f253065de58203e51e59122ad5305205544db73ce4ca638190
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
82024
x-envoy-upstream-service-time
239
content-disposition
inline; filename="0*oG_8tPjXBUvJhTzt.webp"
alt-svc
h3=":443"; ma=86400
content-length
11534
x-request-id
25bf8126-c592-457e-b623-0629a5556172
sepia-upstream
medium
server
cloudflare
etag
"YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjMzNmM1YWFhZmYzYTk4MmY2ODI4ZDQ4MDJjMTRjZTkzIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240524-181611-fb0697a384
accept-ranges
bytes
cf-ray
8919fc27c8ef5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
manifest.2e9508c2.js
cdn-client.medium.com/lite/static/js/
13 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.2e9508c2.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4cddc0926fc6a7e8d6fbcf7ce70687152f5497122c32a3b9f068d72b5cb847
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
Sihmie3yAENgJ5n80GmEmmPk6iNUWgVI
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
450J05VBWX0N0VM6
age
18082
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ARKj3YMxeDGmj38oRWM28LN3Grsce4RCXxKiQ02eFQA5XScNaO9uTtt7X6mECFnwmS/C0C4qVf8=
last-modified
Mon, 10 Jun 2024 09:10:42 GMT
server
cloudflare
etag
W/"8ee771b8e635613730606b8df149c216"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27c8ed5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
2640.3217006c.js
cdn-client.medium.com/lite/static/js/
652 KB
204 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e53bf25943edec0a2663f840a87906e1fe6ca9146657ff7f7aab7221c6a5bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
qouFjdhBhXw7VOX_P9INyPUqk0U8Gve9
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
G7GWAG17RV089PMX
age
365562
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pYONYEsrc7CcK0tedR686lNWEPZ+YjiHTl5gQnBrKflvr2WY56r09/dzNn9EFHOX5C3udtZR/Gk=
last-modified
Wed, 29 May 2024 14:37:57 GMT
server
cloudflare
etag
W/"385d941d17bab9e98b527991bf919197"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27e9025c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
main.c185212f.js
cdn-client.medium.com/lite/static/js/
776 KB
185 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.c185212f.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f61b7962bf20d6eb800d6dba3db091cf4826b23be35a07bd527de416bd3b0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
vA0nL0nn0DtCt_eLOLLkUYdjuxvdRri3
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
450Y8QYW34H2363Y
age
18082
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eAh5nw3MMJHo43ihK4qBLn0iNLH/SHyUox5U68rQ+01qx3jX4C8dGcgv9TCxh+wbspST2cJFkt4=
last-modified
Mon, 10 Jun 2024 09:10:39 GMT
server
cloudflare
etag
W/"61c12187c315375be266077aef2e9886"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27e9035c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
instrumentation.4ddbf12e.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.4ddbf12e.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd54632c13105eaefede7c6fe85aa1443d0aa552835c76f075fd1c586386092
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
rMqkPVNA2E7XmXuqBKyIJ4v22fap13vu
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
0HXG10X1PN31YAWZ
age
862899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
S2TdSYkig6/JKcFroH1dHqyvyVQBCk9Ja2GG5rBAUPrgWqPcZc3h9lgLuUmuP8wdZrGHsbd/Cik=
last-modified
Mon, 13 May 2024 14:24:46 GMT
server
cloudflare
etag
W/"b7cdf4487e98a5ccb283f3edf8a4019d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27e9075c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
reporting.2021fe63.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
942 B
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.2021fe63.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
EAFtMMjOBNpoIMOAp_mjLfH0fLlmjqvd
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GV4RFK8T778MPWRB
age
418634
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5O9oMi95fSwEDWCCoW/zAbpOECZr9PABcx2Hl854ytyXkFtFOiINgxMvNUEYKVN/c30Ona2aU9I=
last-modified
Fri, 23 Jun 2023 16:13:42 GMT
server
cloudflare
etag
W/"4f45b39c86a2eb9ca7068099b34d3af6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27e9095c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
4398.db4d4378.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4398.db4d4378.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
nD1Ekxpw41hmPZGu8aCR69Fn6l56BS19
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
710GYJMZMX9T7NGZ
age
423273
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sjqpdMVqjBfESWRs5xhG/mIWiF7BOMIkvwN/mtgjm/eW0hArhYoO6C+eqOMXw5Mx3WX33F6rPgg=
last-modified
Wed, 10 Jan 2024 23:43:40 GMT
server
cloudflare
etag
W/"2a9a8cc3a5c7456e93ac9fd0734d8562"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc27e90b5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
7883.0e445e04.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
10 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7883.0e445e04.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
Xo3CN7D2L9evtWunaTa_wVLneZe0Q4Yq
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
8KYM4MHTQKDCMD9W
age
733016
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fNZkOgaWJrlpH87uGAnN1GiWmY4r91pQ73zYpJWJeXH9JNggIbCrlNcDD1CLQdZ0wr9pFg8HI5M=
last-modified
Mon, 05 Feb 2024 14:32:27 GMT
server
cloudflare
etag
W/"ff460fdd31cf043a5b0c5480db3156c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2809295c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
9281.e9be8bce.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9281.e9be8bce.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30251f4e625a346addb5cd29524310cad04a944b047d53d00e0bd15f0dcca25
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
ZC099pBtAGAPaBMRHC22KXEADdiotpwP
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
D0NH4C9DTFG2FHKW
age
430425
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
374LUte9WuAG6PjD3XX9QlKbRptG0+XpBg+MSeUgYSvt7pKy9/s1byCEn4FbSLufMcVsBgRqpeo=
last-modified
Tue, 09 Apr 2024 19:40:27 GMT
server
cloudflare
etag
W/"d036e5d86dbf699f79f51c8a9dc04532"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28092b5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
7111.b294e9da.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7111.b294e9da.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4676e26ad5d634cbdd30255199fed758b31a73b63996fb2d8033b53c453fb90e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
E2kjKIfsg14a1qWGfN0mLUtE2M7_WLBz
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YF80AJGR8RV77PH0
age
1116597
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xnqJSfUfLEcVyVm2WBHZURkkmeSf33QHCyGdl4hwJvSzGUukS5x66OTTCuFoQ3aFR4qWJaMURac=
last-modified
Fri, 24 May 2024 16:51:01 GMT
server
cloudflare
etag
W/"31a2d116dcf70bdd2b8952f888f16c45"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28092c5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
6481.362dec70.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6481.362dec70.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164d22a531e5889fd654ddd1b5014e47c3c277d9baae8e299387597418722cec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
OQ1jH6pbczGkylNCyKNchdt91HyTedyF
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
G7GR2D8DF6F3NP71
age
365561
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
g6el7nIJ3KJlAQ4B0FQDYSLZbN9LcvuEDw3maRSbxTW7wANCUUEAl6tu3G3pU8JPBQiGZRzicHY=
last-modified
Wed, 29 May 2024 14:38:02 GMT
server
cloudflare
etag
W/"3799207a61beb04ef00631a54b0114dc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28092d5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8695.6f58679b.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8695.6f58679b.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0fe3ba943eaa74f75c754a98818a6fe066839aa02a1d6f2b654b1d6d8a778b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
LK7Ol3MNhRS4Vl_hN_LlG5NnMGnb31oL
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
P96058MDWW09A7ND
age
336736
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZRRcpwVaMdMjyw+1OZ3gcRjxHh4IUOYCG+M8U8hXRfHDxMHi4aPdLfFI8eWJYBL/NlcF/CyCXg9Z2myKe9130XpaToGbBRSX
last-modified
Thu, 06 Jun 2024 15:54:15 GMT
server
cloudflare
etag
W/"73f38183234a590a97928773301d5ca4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28092f5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8978.4b110123.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8978.4b110123.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbf3a093ebd491bb3b6bf61f26ab7d136b4e839fbbeeb7034621b65d2ffacc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
RJse79LZh2Ea7s9c3XX35BLShz6dh5ov
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
P964MA3K471PQJ6E
age
336736
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lQ6pYEsQxTU3p1pXqiwZCpu+HWNEral6Go2S4F6DJg7DTI3KqKJSoBs7dHRiiykHJPnioJMS1GY=
last-modified
Thu, 06 Jun 2024 16:06:59 GMT
server
cloudflare
etag
W/"d63fbf46686e797089ce12cdab41d227"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2809305c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
3418.eb013b5a.chunk.js
cdn-client.medium.com/lite/static/js/
33 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3418.eb013b5a.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d13e1fdcda3e5fb3144c21c24bf60c7cfa4f8ff63d1358cfbab24a80f1a5b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
udxrpW9fhjCuUZxuj6I2ZLDTo7nIATss
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
9KAP6EK4G7PRWX83
age
871389
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rzbUEwv4rwTPvMuVq6/CTgfldomTYoLiRm3dmy+2jqBleZKsFUx/N0QaR/xQClS0tyLY99S7GlE=
last-modified
Thu, 16 May 2024 13:24:31 GMT
server
cloudflare
etag
W/"7b964db49a6e90208da33e36eafe8ac0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2809335c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
3894.e3d01e2c.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3894.e3d01e2c.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f946277d2c1f664978f48b1f986d8461d287f382afe7f086f3c8809506754426
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
16LlL_JRPKkV4l.NVpcp1pwvbR6Wq0Bu
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MRHB5WXPEMKXDCKR
age
598615
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CVD/y5iXrlM++t3Flga4VVU3FpN+xUHNkkVqqR6wep5NeDEx1qMkMaZ4LVug6ld1MmvWzfB5QABlDPGLYqjDtNBf9Adp0+4Z
last-modified
Fri, 31 May 2024 20:40:31 GMT
server
cloudflare
etag
W/"da600c35d99a242ab08ae1c2b13c7e7a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2809375c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
5514.32e692f6.chunk.js
cdn-client.medium.com/lite/static/js/
41 KB
13 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5514.32e692f6.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e771d1c92d58d80f69fc1439c6075be64fa3fa8e29c4034d4f322e03bb85f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
YXlg6Uzg64rel7OIjxOuCqMdfpEhg9m3
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
P71D20ZF1F9ZHSQS
age
935931
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
90TS37cmpF0BHa8nx5zK3sU/aBsmKWtrTnQywZU8PZbSxq3DNFXMh5JqoUpvJQxfP4O/AMP+UM5/5pb1I5vBMyWMOLXsrQKOTy3et172UsY=
last-modified
Tue, 14 May 2024 06:10:29 GMT
server
cloudflare
etag
W/"7d73ee1bc1fd4ae6d7cc77d53c6f8b71"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2809395c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
5203.e7f058c5.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5203.e7f058c5.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c257f945b1944daaac2482525763db5e4a9de6dc850e0f9913284a9e37f4143
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
ssiDgyppHcytZIcmChr0o_HVKLraYUhp
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YF84YTHESSEA93BT
age
1104899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
o2dzIoS9PTz1VohZbh0VrLVFkdIMu4rkYUowztrwDG9AmhNpwCBFMyu+4MhVK8/c+ZilWY6d8X8N9ILTbCy1i1flpmZO2Nqyr7RoHbTSqXU=
last-modified
Fri, 24 May 2024 16:50:58 GMT
server
cloudflare
etag
W/"89b05f3b96526d956f4dff206adf088f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28193b5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
7098.93054372.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7098.93054372.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c458a3e54a0769df1bab5ff6f1a2ff3b7c0f02babab54d795cbfdcbce1b3c01e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
9yLOCUjyvaBGdBOHllc2Ncr.t85Fkp7e
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
P713Y9MR6S6EFZH7
age
935931
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ctCPhUVt2LMIllcKh/Fpbds33AS3iREFyT1948A7XcH7s8DLWdjrn2cJygqWBZGWVb9y9nzWMm/+X7siTwivxHLOVL/KVuW3hk2kI5jD/yg=
last-modified
Tue, 14 May 2024 06:10:30 GMT
server
cloudflare
etag
W/"0d067984c15e3b46787cf4395e8b5932"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28193e5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8051.0a9d3f4b.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8051.0a9d3f4b.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d51bea7f29bd4033e201414dd2a08ed0d49a6203605f541c84d4e9523418c225
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
wd2zGcxHlN1KeLtPgQYmD8Wcr1D62y7K
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KS493H6769A5CWTY
age
259981
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KeFHnuZRmpHZZpcjP45p0RLGZdSplyHHbQbENOqYtB3H092qfhRB4Xxd+r2wgsU6affZgJJlB5AMZw1yYFSBnMQewMAS0vSc
last-modified
Wed, 05 Jun 2024 18:28:23 GMT
server
cloudflare
etag
W/"acd0843143205aad55f5fa5ace640234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819405c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8558.abbaadfd.chunk.js
cdn-client.medium.com/lite/static/js/
75 KB
19 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8558.abbaadfd.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8f3243d0e03a16231ab0e8e7a461f509d8e7aefa07d713b33ab346f562abd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
ujzT3QI00xQ4BXWEyHellSecFyvh5k3X
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
8KPFA05Q5BQEXWM2
age
255497
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cgKLFlyWDBFWZ5dlARJJ8hObUhmk6tJfn1/OkQ8DjIPtLELLP9pLZIyMeC8KILA7pxUNhydwAJs=
last-modified
Fri, 07 Jun 2024 14:47:41 GMT
server
cloudflare
etag
W/"f06719d09dfaaf41859ff2f287f7889a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819415c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
1711.7605eb3e.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1711.7605eb3e.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed75f86c5ce7754fc0e87b124e5ad23af369acc5132f5228a2ebfaf03ebcbfe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
_TbKpYlRiJ5bp9.znRIMmz9_xY_kxDm7
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
PW9X2X0PFCSXY30E
age
935932
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WIWZQAuZdcsH2/AJ2F6tVMW60Vsu4SN4kVHYkCs8XeTwiq+tJSps1EwrwhmieBzcAKPua/WLThU=
last-modified
Tue, 14 May 2024 06:10:23 GMT
server
cloudflare
etag
W/"5d92048ed08c83f8ec8c3c2848f48152"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819445c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8597.762eae49.chunk.js
cdn-client.medium.com/lite/static/js/
34 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8597.762eae49.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9f3e3dfa1587611468ec13c87fba041457108251a2f28b2d3f5594145f2ec7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
AwyQ.ou50w0diQC3p7YipueJYt.WI66A
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MMPJS6G00F5A8867
age
259981
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l5AaewIroIjAXEIw093FADDFX31Pk+LvKSwa/Xie6i0DRwaULQbH1QRJ5dPxXj+nNt62Mo65Ug7sCxgtWQoOUQ==
last-modified
Wed, 05 Jun 2024 18:28:23 GMT
server
cloudflare
etag
W/"750b030f7f939a6b69c3d438126d70b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819455c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
9174.b1b0f607.chunk.js
cdn-client.medium.com/lite/static/js/
106 KB
26 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9174.b1b0f607.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e91d860b59a30eeac69682f675aa8affd64a2fb72029e67b073532d454800dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
iLwJEABkj2b4cp40ij0e75HtEWKt2GAg
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KS43TKT4Y3P1888X
age
259981
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fHc0Kz3qq1j1rEVI/m/PQiPCzk8T/Wx27uRJ3rgU3HpdRjmLzcRytccSDBZLPmBO5pGd2Q8oU1U=
last-modified
Wed, 05 Jun 2024 18:28:24 GMT
server
cloudflare
etag
W/"d6696146d68988070e67a4f5605660ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819465c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8883.2f95bbf4.chunk.js
cdn-client.medium.com/lite/static/js/
30 KB
10 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8883.2f95bbf4.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04eebb17f99d43de75394a48bbe764a9202ba64812a5fb995d4c9337873e62b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
eahwmCiUdlIDTn7K_8sSJ4RAuAgixT2l
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
PW9JRB102Y5EGR04
age
935931
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
blwPvi2SBmZfVOLGls+wP9cZ3NsJMotTrswtB31qflg6EIPL723+bLzOLjjKDu3D70gGPdEmaJ/uD4QIDY4Kkw==
last-modified
Tue, 14 May 2024 06:10:32 GMT
server
cloudflare
etag
W/"3a3cfcc133bf69ba8ab269f9023200e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28194a5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
705.e5898c57.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/705.e5898c57.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907039974c2c52cf9a6776353bdfa72bb1aac218544fb7cad78ecb6e9d2cc4e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
whb7G9143x1oPlPcDaYgWDDWBqA33Mcf
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
G7GYSNSE48XJE699
age
365541
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eH62EvI6bK2w9UQ1bzbxtVsDFKKNw6NoP6s+ICLr3cMdqYMn+XCdhTW+btEP8R0fyuAFWoyUMXk=
last-modified
Wed, 29 May 2024 14:38:02 GMT
server
cloudflare
etag
W/"fca43a51eaa9dd09b959bf3b0333e2db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28194c5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
2911.e467316c.chunk.js
cdn-client.medium.com/lite/static/js/
12 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2911.e467316c.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25181b62cc6c5c33512c81ad3f5332c198493c995ee3d8d65b5e5c97a167144
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
K2Q9EvvXpmj5HNWF85_uAzX9rOEhCGZF
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6QE5K0QYTX4HADJT
age
23899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BDXm3qkhE0z7zUIo/Cp58AcYcrP+lZBNJDP8VvcPvVG/CsFDYsvU4csDObsRyFNDpYQ5u5oqlCiKUZVEcS3roNfEW1VZfj7Uy9JVZVfaUto=
last-modified
Fri, 07 Jun 2024 14:57:18 GMT
server
cloudflare
etag
W/"412fa16ab43b3f7a37483a9461b93d5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28194e5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
8580.feeb2549.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8580.feeb2549.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
zzAbVdzU1EHaoBWemZXYawSAaPKOliQq
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CVDXW2ZGRRZW8RPG
age
1019006
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8+iN6W7H7MsTkXDNvzxacUh1VwoxkU/FbKqE6kP0wzu5dm55IYrp6t8RRVSskYPQ6e0fhhlk8Qc=
last-modified
Thu, 19 Oct 2023 20:38:14 GMT
server
cloudflare
etag
W/"807d78fe3a15361dfb7d56b056c4ff12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28194f5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
6046.f9be485b.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6046.f9be485b.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806ff1a7e5be16f7da7ea06a745c2b53ebd0f945c019b410095598af64271035
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
0_Vn4xVFZ352xWQ1tzX5OTAFkS2JUuWa
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
90SSSYQC8QRSENRA
age
257499
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Ge08vIU8SUopH0mtjw4bPPyXZgbGEB2dN5c5wFMSr24vmUCr8PPYuj97z7630lZlOJZxNmSWShA=
last-modified
Tue, 09 Apr 2024 14:12:43 GMT
server
cloudflare
etag
W/"c861691b79d5daf39e5466e7a37fdb78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819515c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
500.d5389c14.chunk.js
cdn-client.medium.com/lite/static/js/
46 KB
15 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/500.d5389c14.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bf967f6a2d4f6ea005179a472f8d278e24cc8e5b6cc70f974bb193f845d0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
x00UEo8UgTApCL3kKV.wmWrhzBR.cmHW
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KS42K8CCDWAYHDDQ
age
259981
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IwZZgXQ/68O13rx+2BMScqYQntc4XS+ioG9V39jasvHl8BBkwGJ6nWQv0vJhxIiyZTpi54V9oLA=
last-modified
Wed, 05 Jun 2024 18:28:19 GMT
server
cloudflare
etag
W/"01674480a940d0a1f330f1d434a1f55d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819535c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
9408.22b56993.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9408.22b56993.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65709458fda67251b1ecd9b72e14237457475b2f8b3cd657088f37f97e3af4cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
cWPCPTxZ4oLqjSA.n_eDNuy_AX7JcotB
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
0EEAF3Y8XA5B1K6V
age
598615
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hGsnQZ9cbHsx7rRjNiwmFyOYP3Grwm5ZQvgW+IT+9XclQEAbLiCDNbZ0+sxpBNSQK0sOjaBtGg8=
last-modified
Fri, 31 May 2024 20:40:36 GMT
server
cloudflare
etag
W/"d54247b9c12a19ac0a5aa0173e73be73"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819555c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
6605.84e81b15.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6605.84e81b15.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcc2fc364294f2d085517c4a3cbc74ba496b2755f6a971813a6d9faf052d776
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
WlMpWRuAPHQ42f150ntsZh022kw9wkR2
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CNVT9Z9FDWAG9PFD
age
422266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AAqtkeYn/n68p6aV3xFkAVJwup5n6XAjzeIfbay5iU09PoRh4khqPmE1NmdV0r7ZHLAG6y5qnqQ=
last-modified
Wed, 24 Apr 2024 16:27:27 GMT
server
cloudflare
etag
W/"902b48e179868b274d1be58d4fa06015"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819575c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
6637.661bd7cf.chunk.js
cdn-client.medium.com/lite/static/js/
36 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6637.661bd7cf.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80706484b7c5fe5170639c001287c543d5958134c6b2d9a1d8d9c95c980771d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
DNRojazMK.lRc4O0XL9mdJAseF.NWUxX
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6QE89PBHSSKF63V8
age
23899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KCvCiLpfCFN3vVs2JXrG8b5xzKnqeLXA1DOQOmMH/GCKiksqev+ahG0wdwd97xkoNWuPzOW+d5w=
last-modified
Fri, 07 Jun 2024 14:57:21 GMT
server
cloudflare
etag
W/"0c5227140208163aa0fb8ab9a4220b6b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819585c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
7421.3f94f5ea.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7421.3f94f5ea.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17274971fa3ac182df06276ac2ef7c98add2b2f17e9247145763334b4f5468cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
rxA8oRyIrw214l5JNS0od_ydV29pbj2L
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ZRV2F13BNKA014X8
age
505702
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FFZ3RtDHgP9HB5fL3HQ0exKAlmM30tpjqGvOeCpZIi7fzruZbDz1mKXEJOoGrL4asv+6kQQg8iM=
last-modified
Tue, 09 Apr 2024 14:12:45 GMT
server
cloudflare
etag
W/"30321ceea236ffc21f79407e9c690f05"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819595c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
51.d8fb2684.chunk.js
cdn-client.medium.com/lite/static/js/
17 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/51.d8fb2684.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c43acf2ee08d93154adc062d0b124da42a3345d6c43abef7a830708b956433
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
dPdZwY3kd2SjSzcVLPbi3mcZCMUucUdN
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
P71403W34NF6T13S
age
935931
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
14ywKtQQNnAK6gpsbujZh9WvJNJkIE8DOIjO49NbXHM5W/7bcuTzLyFk4qnfQVG7myb1nxbyqwU=
last-modified
Tue, 14 May 2024 06:10:28 GMT
server
cloudflare
etag
W/"c8f51214a9b99f0c55dfb4870cbf50bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc28195a5c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
2133.c8ba56b1.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2133.c8ba56b1.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b45de7fbfcd80d76825dbe2c35a2e568ca9b73199fb4612bcadd0868e0742e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
V3N6wfPnOqpya3S04_O734JSRuP3ZUZf
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6QEAX826Y8MRSJBE
age
23899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Iu0WKU13DM+vMgorT65pPJnZetMZH3ycMweo48qt0mE4rn2JWcnf6Zb6x11FFhX4XsN5GvUi7VVCbdVeUX4fwAOpmOtZUDm1RTlUC5upKDE=
last-modified
Fri, 07 Jun 2024 14:57:17 GMT
server
cloudflare
etag
W/"22665f95480632e71721083aef6602aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819605c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
PostPage.MainContent.36cfba62.chunk.js
cdn-client.medium.com/lite/static/js/
149 KB
35 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.36cfba62.chunk.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0217bbce271902205b24557e2422d222f76a999060452a305afaa27744d3f28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
4MB.kRa7F0YL56QUDLRB5jzm6EZ9TGH5
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6QE694FV93G5CMPQ
age
23899
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hqIbt8deZAb+ZRjgEE/zW82YeTEDhm0ZuvZQrCPF2bQrzTl/AlonTCK8rXyt8xWTNeVetAecMsY=
last-modified
Fri, 07 Jun 2024 14:57:34 GMT
server
cloudflare
etag
W/"16030650455c70c00db8c6276de604bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2819625c32-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8919fc281b818c4f-FRA
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6444027
x-envoy-upstream-service-time
39
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e6b3624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6613411
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e6e3624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
12 KB
Font
General
Full URL
https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7671369
x-envoy-upstream-service-time
80
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e673624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
13 KB
Font
General
Full URL
https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7671368
x-envoy-upstream-service-time
101
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e643624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
13 KB
14 KB
Font
General
Full URL
https://glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6384343
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e723624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
7 KB
7 KB
Font
General
Full URL
https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7676239
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e6c3624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
13 KB
Font
General
Full URL
https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
503122
x-envoy-upstream-service-time
65
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e693624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7680871
x-envoy-upstream-service-time
45
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e623624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
55 KB
55 KB
Font
General
Full URL
https://glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7671352
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc284e5d3624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
423266
x-envoy-upstream-service-time
51
content-disposition
inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc
h3=":443"; ma=86400
content-length
1310
x-request-id
716855b3-79a7-4e20-9124-a7052843c164
sepia-upstream
medium
server
cloudflare
etag
"qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
accept-ranges
bytes
cf-ray
8919fc2829f21d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
1*4lEtCEg7aYYa63hFmPy06A.png
miro.medium.com/v2/resize:fill:88:88/
14 KB
15 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:88:88/1*4lEtCEg7aYYa63hFmPy06A.png
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1158d4879a0a44516c6f0dbc2e271a303cf63debb43a68479886a61de7d3b820
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
204
x-envoy-upstream-service-time
176
content-disposition
inline; filename="1*4lEtCEg7aYYa63hFmPy06A.png"
alt-svc
h3=":443"; ma=86400
content-length
14676
x-request-id
65718e3e-8020-4473-882f-b18c2c7b25b3
sepia-upstream
medium
server
cloudflare
etag
"9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RImUyNTEyZDA4NDgzYjY5ODYxYWViNzg0NTk4ZmNiNGU4Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240524-181611-fb0697a384
accept-ranges
bytes
cf-ray
8919fc2829f81d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
0*_wCRVD0IPAbpJPEt
miro.medium.com/v2/resize:fit:640/format:webp/
21 KB
22 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:640/format:webp/0*_wCRVD0IPAbpJPEt
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e9cb4bc089bc3fe60f24ca2fcea18c1ed003e3ca64606fb05ec98524e92cf0
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
82023
x-envoy-upstream-service-time
155
content-disposition
inline; filename="0*_wCRVD0IPAbpJPEt.webp"
alt-svc
h3=":443"; ma=86400
content-length
21590
x-request-id
e415508f-6943-4628-bb5d-9ecba103d453
sepia-upstream
medium
server
cloudflare
etag
"5XwRHYwIENFFMN6XE5PEtPy8tbvGeXuL8hHOqeA6hfc/RImQwYWJjODQ5ZWNhOTBmOTU1YjQ4MWU0MjE5MTFmMTZiIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240524-181611-fb0697a384
accept-ranges
bytes
cf-ray
8919fc2829fb1d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
/
timurengin.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://timurengin.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c185212f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Medium-Clientele-Client
lite
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, clientele/main-20240524-181611-fb0697a384
x-envoy-upstream-service-time
11
cf-ray
8919fc2bcea08ed0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
2230.c546f16c.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2230.c546f16c.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2e9508c2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
xWJf__tEGtfK6SYsYt3.b.Ctl1FYrL2e
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
85VJM3V314JWTXB9
age
427460
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IXegUsVJFiW8N+jvCGcJMQ1i6PcaEnHnJxbGIZONqSETfXpgtrH/icMHvmv3j5tlIcMaDN6EdDk=
last-modified
Thu, 19 Oct 2023 20:38:05 GMT
server
cloudflare
etag
W/"5b5ebdea4bda0086b419f1dc8ca91a75"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2bcfd41d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
/
timurengin.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://timurengin.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c185212f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Medium-Clientele-Client
lite
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, clientele/main-20240524-181611-fb0697a384
x-envoy-upstream-service-time
14
cf-ray
8919fc2bdec38ed0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
GiveTipButton.7844a2d2.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/GiveTipButton.7844a2d2.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2e9508c2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
5wxFaPBbZuXVEH4zg8t9Fz46CDAnJYq7
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CJ62WD4Q898WG2EE
age
418639
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IVrWCYWvwXUgDj1tmKZOMMZcJjtCthP1H7NnYiTCimppg9Qh9Ql3gbG9sRFoViGi7SUAprzsTug=
last-modified
Thu, 19 Oct 2023 20:38:24 GMT
server
cloudflare
etag
W/"c9d3c6b5a486ea6dcc919c927917cf19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2c58bc1d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
13 KB
13 KB
Font
General
Full URL
https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7671380
x-envoy-upstream-service-time
29
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc2c8be83624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:27 GMT
js
www.googletagmanager.com/gtag/
266 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0e3470c4da29d659d1cdde3643aaa2bb2e5b465e8e6c625720e34fbc828217f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94617
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 14:17:27 GMT
enterprise.js
www.google.com/recaptcha/
2 KB
1014 B
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
9493d9db3fd1444e38237f37c4eee6fbb3e5fee3bd64bab9b906c122e2f92f33
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 10 Jun 2024 14:17:27 GMT
branch-latest.min.js
cdn.branch.io/
75 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-113.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding
gzip
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 14:15:56 GMT
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
91
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
23431
x-amz-cf-id
7s9X2WrSpiGAWG0Sm49KNg8Pa0yTmTI49rS7-2h_e7XnE6kALBRgZg==
5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/
300 KB
300 KB
Image
General
Full URL
https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
Requested by
Host: timurengin.com
URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
423256
x-envoy-upstream-service-time
149
content-disposition
inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
alt-svc
h3=":443"; ma=86400
content-length
306868
x-request-id
4e0998d4-e9ba-4e7e-a3ec-89e403f44026
sepia-upstream
medium
server
cloudflare
etag
"_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
accept-ranges
bytes
cf-ray
8919fc2c78f71d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
graphql
timurengin.com/_/
129 B
497 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465956de98b5f8e9b1f7590603b1a6f03613a4b15be546cc9280437611508dd2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
VisitorQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"81-Do6hXnmZkInXsYs4L/YNcAVwVDo"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c
cf-ray
8919fc2d08a38ed0-FRA
x-request-received-at
1718029047953
graphql
timurengin.com/_/
80 B
476 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
AvatarMenuQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
97
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c
cf-ray
8919fc2d08a68ed0-FRA
x-request-received-at
1718029047974
graphql
timurengin.com/_/
791 B
774 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6ec2433e800b5079324fadee6b72a820c384a0d20d4c4a41d59c7866719a02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
66
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"317-hdKl9mxFbfguLYjjK1S3nw8K37g"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-085433-1f59e6950b, tutu/main-20240610-120748-57091d757a
cf-ray
8919fc2d08a88ed0-FRA
x-request-received-at
1718029047961
graphql
timurengin.com/_/
33 B
433 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
36
alt-svc
h3=":443"; ma=86400
content-length
33
x-xss-protection
0
server
cloudflare
etag
W/"21-wYWzkSPGnZEMaisoTvxqzNqNGzY"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-085433-1f59e6950b, tutu/main-20240610-120748-57091d757a
cf-ray
8919fc2d08ab8ed0-FRA
x-request-received-at
1718029047940
graphql
timurengin.com/_/
24 KB
6 KB
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c397548051115f9d45e0af73b16c05265733112a8bb7df70a83b6f6cce1dd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
MoreFromMediumRecircQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
197
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"5e16-Wd6DaunZo34X/A9f7PbAyrLoE0c"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-085433-1f59e6950b, tutu/main-20240607-155249-07abd76f38
cf-ray
8919fc2d08b18ed0-FRA
x-request-received-at
1718029047946
graphql
timurengin.com/_/
27 B
400 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
ViewerQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400
content-length
27
x-xss-protection
0
server
cloudflare
etag
W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-085433-1f59e6950b
cf-ray
8919fc2d08b48ed0-FRA
x-request-received-at
1718029047948
graphql
timurengin.com/_/
79 B
472 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
LogGateExposure
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
27
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"4f-PyDyq/vz3tkRgbZXHMnLXcJrsR4"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c
cf-ray
8919fc2d08bd8ed0-FRA
x-request-received-at
1718029047949
graphql
timurengin.com/_/
79 B
472 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
LogGateExposure
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
24
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"4f-PyDyq/vz3tkRgbZXHMnLXcJrsR4"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c
cf-ray
8919fc2d08c08ed0-FRA
x-request-received-at
1718029047953
graphql
timurengin.com/_/
96 B
512 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ed1e8f9aada71291f34d91e064bace9edcd5541d123bb9639c18248bcaa2ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"60-88/gdIR0uvQ05FCpV3lEOttuYFc"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c, tutu/main-20240610-120748-57091d757a
cf-ray
8919fc2d08c28ed0-FRA
x-request-received-at
1718029047981
recaptcha__de.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/
515 KB
205 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209755
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jun 2025 13:39:02 GMT
_r
app.link/
91 B
634 B
Script
General
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:3800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
846d9880201fbdb7c3a05705949a7817edb7e43177bb2d72948adce60f2f35fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 45f8047ab98fa87807d2f5362a7fb75c.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
AMS58-P6
etag
W/"5b-wiblB7kRXYKfNuG9QXGB66rjCK4"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
YdPUnky-KDuWuw8ohgHgY3Sm9Tz626FPc1GNO4mFE0xD16x0YEvFzA==
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7JY7T788PK&gtm=45je4650v9123887712za200&_p=1718029047753&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=908741202.1718029048&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718029047&sct=1&seg=0&dl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316&dt=The%20anatomy%20of%20a%20DCSync%20attack%20and%20how%20to%20protect%20against%20it%20%7C%20by%20Timur%20Engin%20%7C%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4050
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 14:17:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://timurengin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8097.afb6fd3b.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8097.afb6fd3b.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.2e9508c2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e09bc5a33e0f75283654c0716fe81ed66bca9292541f967d5218666921bdfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:27 GMT
x-amz-version-id
9ZTfZt7cs_93hcZ64_O6H9.JfMBIdbnP
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
Y6AQ212H8YWP4WDA
age
413596
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/uI0IGisxnHhQRcVfRYi/LOXMU4WFNeia/N2n3dnkSvka9cdf9qbB7+EfGWK3i/PU3o+qx4VAp8nAH4yfuPUV5+6ry6Qgjm0vURMCES4Gsc=
last-modified
Mon, 24 Oct 2022 03:04:52 GMT
server
cloudflare
etag
W/"f4931d95a679d73fda4d9841b302413e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8919fc2daad31d88-FRA
expires
Tue, 10 Jun 2025 14:17:27 GMT
graphql
timurengin.com/_/
81 B
475 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e088eadd15935ca8532cde71ebc86d8a2517dccdde13d51b0b6cf7d364ce96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
PostGiveTipOnExternalPlatformQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
32
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"51-laHsRpyY6f5/gYmEuSYqCK2IpjU"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c
cf-ray
8919fc2dca0b8ed0-FRA
x-request-received-at
1718029048069
anchor
www.google.com/recaptcha/enterprise/ Frame FE73
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly90aW11cmVuZ2luLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=b2aw4fxbvs0u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TeWOV-Pfcy3EIMwEPip6LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TeWOV-Pfcy3EIMwEPip6LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 10 Jun 2024 14:17:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
open
api2.branch.io/v1/
316 B
710 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
e7f0a6555c5764060c13426e730dcbba0ccdc8c6d90a0227a19f939f02251f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
2098c643-1f6e-481d-b865-f1975a67e4dd-2024061014
content-length
316
x-amz-cf-id
oIuCZjxtg1vgdLb1mMmV1Kj9EpxK89hRUCCqsnkHJkrMNV7zdunYbg==
/
timurengin.com/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://timurengin.com/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c185212f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Medium-Clientele-Client
lite
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, clientele/main-20240524-181611-fb0697a384
x-envoy-upstream-service-time
18
cf-ray
8919fc2f8ccc8ed0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
rum
timurengin.com/cdn-cgi/
0
140 B
XHR
General
Full URL
https://timurengin.com/cdn-cgi/rum?
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://timurengin.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8919fc2f8ccf8ed0-FRA
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
29 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7676234
x-envoy-upstream-service-time
63
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc310a1a3624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:28 GMT
sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://glyph.medium.com/css/unbound.css
Origin
https://timurengin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7671368
x-envoy-upstream-service-time
75
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
8919fc311a383624-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 10 Jun 2025 14:17:28 GMT
graphql
timurengin.com/_/
3 KB
869 B
Fetch
General
Full URL
https://timurengin.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b0c77bc8adc6ebb1f46dedad1c61a63393a2b9786f70b48a806c9117808f60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
medium-frontend-route
post
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform
"Win32"
apollographql-client-name
lite
ot-tracer-sampled
true
sec-ch-ua-mobile
?0
ot-tracer-traceid
724f67f637da2b5d
medium-frontend-path
/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
medium-frontend-app
lite/main-20240610-090440-1ebae99da5
apollographql-client-version
main-20240610-090440-1ebae99da5
ot-tracer-spanid
735b5e0409791d4a

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
132
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"d96-b7Fy1y2fZObKRAM9LPFV6xSUI8I"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b, rito/main-20240610-133511-2fcbdcba3c, tutu/main-20240610-120748-57091d757a
cf-ray
8919fc30ef0c8ed0-FRA
x-request-received-at
1718029048574
1*m-R_BkNf1Qjr1YbyOIJY2w.png
miro.medium.com/v2/
737 B
1 KB
Other
General
Full URL
https://miro.medium.com/v2/1*m-R_BkNf1Qjr1YbyOIJY2w.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c615bd22b74f1ea5bc75e4f06ca7f877e3d76f15b98beb36af76909b7e25d7
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
418633
x-envoy-upstream-service-time
20
content-disposition
inline; filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
alt-svc
h3=":443"; ma=86400
content-length
737
x-request-id
e6fc9866-27ae-4392-8fd2-53b721a4ad71
sepia-upstream
medium
server
cloudflare
etag
"yj0WO6sFU4GCciYUBWjzvvfqrBh869doeOC2Pp5EI1Y/RIjliZTQ3ZjA2NDM1ZmQ1MDhlYmQ1ODZmMjM4ODI1OGRiIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
accept-ranges
bytes
cf-ray
8919fc30ffed1d88-FRA
expires
Tue, 10 Jun 2025 14:17:28 GMT
pageview
api2.branch.io/v1/
28 B
351 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
x7m0h45NZtRrzcKDKH1LHc__gypVI-LbsRwDwnnnCzrTtak1dppVOw==
pageview
api2.branch.io/v1/
28 B
351 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/2640.3217006c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jun 2024 14:17:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
ivaAXU4gylRv7LTcFMxtTU8oi29LuPKAGsax8UjIkDnanWI5UndqXg==
batch
timurengin.com/_/
17 B
277 B
Fetch
General
Full URL
https://timurengin.com/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.c185212f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-xsrf-token
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
Referer
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:17:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json
medium-fulfilled-by
edgy/8.7.1, valencia/main-20240610-085433-1f59e6950b
x-envoy-upstream-service-time
35
cf-ray
8919fc4b097f8ed0-FRA
alt-svc
h3=":443"; ma=86400
content-length
17

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| DD_RUM function| main object| __APOLLO_CLIENT__ function| gtag object| dataLayer object| branch object| __cfBeacon object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| gaGlobal object| recaptcha object| closure_lm_713851

10 Cookies

Domain/Path Name / Value
.timurengin.com/ Name: _cfuvid
Value: bk.HiNpT90BfZqukRsBKK_8Rlat1lrdhPLHymrLGMkA-1718029046155-0.0.1.1-604800000
.medium.com/ Name: uid
Value: lo_33638b82b289
.medium.com/ Name: sid
Value: 1:ZUNegeBTE4E0gmbhaRyMjPYRx1AF1XGzJb3O/VH3kSz5Es8Tw3huIGLylu91oqlm
timurengin.com/ Name: uid
Value: lo_33638b82b289
timurengin.com/ Name: sid
Value: 1:eEfNQHBsFnj/i8k1QrgSh+aQ2pQnAb+2t/pjeSWQDuP/DMHBGCTVkxtDb5ZLMnh0
.medium.com/ Name: _cfuvid
Value: WSBQ3L9XNgrUm2mYNpp2oNECFbhsoYqoH2baHOFNkHQ-1718029047115-0.0.1.1-604800000
timurengin.com/ Name: _dd_s
Value: rum=0&expire=1718029947658
.timurengin.com/ Name: _ga_7JY7T788PK
Value: GS1.1.1718029047.1.0.1718029047.0.0.0
.timurengin.com/ Name: _ga
Value: GA1.1.908741202.1718029048
.app.link/ Name: _s
Value: 0Rrvc1SjP0BYngw4b8%2BaddZZTd0hAEZhxmPSrNEUpn2fizzvZn90NmqKIxbufTnq

138 Console Messages

Source Level URL
Text
other warning URL: about:blank
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0(Line 41)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316(Line 73)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316(Line 73)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316(Line 73)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
timurengin.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.138.26.113
142.250.185.68
162.159.152.4
162.159.153.4
2001:4860:4802:34::36
2600:9000:2449:3800:19:9934:6a80:93a1
2600:9000:2491:c600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700::6810:5049
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2003
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
1158d4879a0a44516c6f0dbc2e271a303cf63debb43a68479886a61de7d3b820
164d22a531e5889fd654ddd1b5014e47c3c277d9baae8e299387597418722cec
17274971fa3ac182df06276ac2ef7c98add2b2f17e9247145763334b4f5468cb
17d13e1fdcda3e5fb3144c21c24bf60c7cfa4f8ff63d1358cfbab24a80f1a5b1
1b8f3243d0e03a16231ab0e8e7a461f509d8e7aefa07d713b33ab346f562abd8
1bd54632c13105eaefede7c6fe85aa1443d0aa552835c76f075fd1c586386092
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
22c615bd22b74f1ea5bc75e4f06ca7f877e3d76f15b98beb36af76909b7e25d7
25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304
28c43acf2ee08d93154adc062d0b124da42a3345d6c43abef7a830708b956433
2ed75f86c5ce7754fc0e87b124e5ad23af369acc5132f5228a2ebfaf03ebcbfe
30e09bc5a33e0f75283654c0716fe81ed66bca9292541f967d5218666921bdfc
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
465956de98b5f8e9b1f7590603b1a6f03613a4b15be546cc9280437611508dd2
4676e26ad5d634cbdd30255199fed758b31a73b63996fb2d8033b53c453fb90e
4fbf3a093ebd491bb3b6bf61f26ab7d136b4e839fbbeeb7034621b65d2ffacc8
50bf967f6a2d4f6ea005179a472f8d278e24cc8e5b6cc70f974bb193f845d0a3
52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0
52f61b7962bf20d6eb800d6dba3db091cf4826b23be35a07bd527de416bd3b0a
56b45de7fbfcd80d76825dbe2c35a2e568ca9b73199fb4612bcadd0868e0742e
5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3
65709458fda67251b1ecd9b72e14237457475b2f8b3cd657088f37f97e3af4cd
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6c257f945b1944daaac2482525763db5e4a9de6dc850e0f9913284a9e37f4143
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78e9cb4bc089bc3fe60f24ca2fcea18c1ed003e3ca64606fb05ec98524e92cf0
806ff1a7e5be16f7da7ea06a745c2b53ebd0f945c019b410095598af64271035
80706484b7c5fe5170639c001287c543d5958134c6b2d9a1d8d9c95c980771d6
846d9880201fbdb7c3a05705949a7817edb7e43177bb2d72948adce60f2f35fd
85c397548051115f9d45e0af73b16c05265733112a8bb7df70a83b6f6cce1dd3
8b4cddc0926fc6a7e8d6fbcf7ce70687152f5497122c32a3b9f068d72b5cb847
8e91d860b59a30eeac69682f675aa8affd64a2fb72029e67b073532d454800dd
907039974c2c52cf9a6776353bdfa72bb1aac218544fb7cad78ecb6e9d2cc4e8
9493d9db3fd1444e38237f37c4eee6fbb3e5fee3bd64bab9b906c122e2f92f33
95ed1e8f9aada71291f34d91e064bace9edcd5541d123bb9639c18248bcaa2ca
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
9b6ec2433e800b5079324fadee6b72a820c384a0d20d4c4a41d59c7866719a02
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a89ed575a512e0f253065de58203e51e59122ad5305205544db73ce4ca638190
aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0e3470c4da29d659d1cdde3643aaa2bb2e5b465e8e6c625720e34fbc828217f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b25181b62cc6c5c33512c81ad3f5332c198493c995ee3d8d65b5e5c97a167144
ba0fe3ba943eaa74f75c754a98818a6fe066839aa02a1d6f2b654b1d6d8a778b
c458a3e54a0769df1bab5ff6f1a2ff3b7c0f02babab54d795cbfdcbce1b3c01e
cdcc2fc364294f2d085517c4a3cbc74ba496b2755f6a971813a6d9faf052d776
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
d0217bbce271902205b24557e2422d222f76a999060452a305afaa27744d3f28
d51bea7f29bd4033e201414dd2a08ed0d49a6203605f541c84d4e9523418c225
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d8b0c77bc8adc6ebb1f46dedad1c61a63393a2b9786f70b48a806c9117808f60
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
de9f3e3dfa1587611468ec13c87fba041457108251a2f28b2d3f5594145f2ec7
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e30251f4e625a346addb5cd29524310cad04a944b047d53d00e0bd15f0dcca25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0a6555c5764060c13426e730dcbba0ccdc8c6d90a0227a19f939f02251f8f
e9e088eadd15935ca8532cde71ebc86d8a2517dccdde13d51b0b6cf7d364ce96
f04eebb17f99d43de75394a48bbe764a9202ba64812a5fb995d4c9337873e62b
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3e771d1c92d58d80f69fc1439c6075be64fa3fa8e29c4034d4f322e03bb85f0
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f8e53bf25943edec0a2663f840a87906e1fe6ca9146657ff7f7aab7221c6a5bc
f8fccd0d8983514e24e869acd27da546ce68678d8391a8b7cad56730f61fbd52
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
f946277d2c1f664978f48b1f986d8461d287f382afe7f086f3c8809506754426
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d