labs.guard.io
Open in
urlscan Pro
162.159.152.4
Public Scan
Effective URL: https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-318...
Submission: On September 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2022. Valid for: a year.
This is the only time labs.guard.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 162.159.153.4 162.159.153.4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 14 | 162.159.152.4 162.159.152.4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 60 | 2606:4700:7::... 2606:4700:7::a29f:9904 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:3965 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.84.174.11 52.84.174.11 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:230... 2600:9000:2304:e000:19:9934:6a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:249... 2600:9000:2491:1000:11:f728:3040:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
80 | 8 |
ASN13335 (CLOUDFLARENET, US)
medium.com | |
glyph.medium.com | |
cdn-client.medium.com | |
miro.medium.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-11.cdg50.r.cloudfront.net
cdn.branch.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
60 |
medium.com
1 redirects
medium.com — Cisco Umbrella Rank: 12555 glyph.medium.com — Cisco Umbrella Rank: 24234 cdn-client.medium.com — Cisco Umbrella Rank: 25536 miro.medium.com — Cisco Umbrella Rank: 18140 |
1 MB |
15 |
guard.io
2 redirects
labs.guard.io |
65 KB |
4 |
branch.io
cdn.branch.io — Cisco Umbrella Rank: 1031 api2.branch.io — Cisco Umbrella Rank: 667 |
24 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2288 |
252 B |
1 |
app.link
app.link — Cisco Umbrella Rank: 2705 |
636 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63 |
82 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1118 |
7 KB |
80 | 7 |
Domain | Requested by | |
---|---|---|
39 | cdn-client.medium.com |
labs.guard.io
cdn-client.medium.com |
15 | labs.guard.io |
2 redirects
cdn-client.medium.com
|
14 | glyph.medium.com |
glyph.medium.com
|
6 | miro.medium.com |
labs.guard.io
|
3 | api2.branch.io |
cdn-client.medium.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | app.link |
cdn.branch.io
|
1 | cdn.branch.io |
labs.guard.io
|
1 | www.googletagmanager.com |
cdn-client.medium.com
|
1 | static.cloudflareinsights.com |
labs.guard.io
|
1 | medium.com | 1 redirects |
80 | 11 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
labs.guard.io Cloudflare Inc ECC CA-3 |
2022-11-14 - 2023-11-13 |
a year | crt.sh |
medium.com Cloudflare Inc ECC CA-3 |
2023-08-20 - 2023-11-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
*.branch.io Amazon RSA 2048 M01 |
2023-09-11 - 2024-10-09 |
a year | crt.sh |
appipv4.link Amazon RSA 2048 M02 |
2023-04-25 - 2024-05-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d?gi=6a6136707c39
Frame ID: 2553BFD12670F887032D55CFFF5855E6
Requests: 80 HTTP requests in this frame
Screenshot
Page Title
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts | by Guardio | Sep, 2023 | MediumPage URL History Show full URLs
-
http://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-at...
HTTP 301
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-at... HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-bot... HTTP 307
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-at... Page URL
Detected technologies
Medium (Blogs) ExpandDetected patterns
- medium\.com
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
76 Outgoing links
These are links going to different origins than the main page.
Title: Open in app
Search URL Search Domain Scan URL
Title: Sign up
Search URL Search Domain Scan URL
Title: Sign In
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Write
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Follow
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Listen
Search URL Search Domain Scan URL
Title: Oleg Zaytsev
Search URL Search Domain Scan URL
Title: Guardio Labs
Search URL Search Domain Scan URL
Title: Coc Coc
Search URL Search Domain Scan URL
Title: hardly 2 detections
Search URL Search Domain Scan URL
Title: Guardio
Search URL Search Domain Scan URL
Title: Sign up for free
Search URL Search Domain Scan URL
Title: Try for $5/month
Search URL Search Domain Scan URL
Title: Malware
Search URL Search Domain Scan URL
Title: Stealer
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Cybersecurity
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Follow
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: https://guard.io
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: 1
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: See more recommendations
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: Writers
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Text to speech
Search URL Search Domain Scan URL
Title: Teams
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d
HTTP 301
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d HTTP 307
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d?gi=6a6136707c39 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
80 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d
labs.guard.io/ Redirect Chain
|
312 KB 59 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unbound.css
glyph.medium.com/css/ |
18 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.4255ae7f.js
cdn-client.medium.com/lite/static/js/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6036.d874957b.js
cdn-client.medium.com/lite/static/js/ |
682 KB 213 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f82baa0c.js
cdn-client.medium.com/lite/static/js/ |
789 KB 189 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instrumentation.63e6e68a.chunk.js
cdn-client.medium.com/lite/static/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reporting.2021fe63.chunk.js
cdn-client.medium.com/lite/static/js/ |
1 KB 904 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4398.780b79a2.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1752.a348f767.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6733.c6c17f3e.chunk.js
cdn-client.medium.com/lite/static/js/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4711.eb865124.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8695.673263b3.chunk.js
cdn-client.medium.com/lite/static/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9662.34febdc6.chunk.js
cdn-client.medium.com/lite/static/js/ |
40 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3154.7a158bef.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5203.972fb599.chunk.js
cdn-client.medium.com/lite/static/js/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1957.8b8ca9f7.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9599.952193c5.chunk.js
cdn-client.medium.com/lite/static/js/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1711.6127e5e0.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5268.340f7f3b.chunk.js
cdn-client.medium.com/lite/static/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9114.0cf8f28e.chunk.js
cdn-client.medium.com/lite/static/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5459.cfc2e69b.chunk.js
cdn-client.medium.com/lite/static/js/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6804.2f4a4354.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9174.a3342633.chunk.js
cdn-client.medium.com/lite/static/js/ |
106 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4129.36dc9d8c.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8580.2dd0c5ae.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1802.29605d4c.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4078.9fb8a750.chunk.js
cdn-client.medium.com/lite/static/js/ |
10 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8883.0a827231.chunk.js
cdn-client.medium.com/lite/static/js/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
923.f5e3d4bf.chunk.js
cdn-client.medium.com/lite/static/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2550.97ddfb27.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9408.f91ba3c5.chunk.js
cdn-client.medium.com/lite/static/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1743.4ea74641.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9150.a9db6cd7.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5005.fdfae8c9.chunk.js
cdn-client.medium.com/lite/static/js/ |
30 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2804.1db64f9a.chunk.js
cdn-client.medium.com/lite/static/js/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1006.97cfd7bf.chunk.js
cdn-client.medium.com/lite/static/js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PostPage.MainContent.52cf49e1.chunk.js
cdn-client.medium.com/lite/static/js/ |
185 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 12 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
13 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
7 KB 7 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-code-pro-700-normal.woff
glyph.medium.com/font/a9cd261/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
7 KB 7 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
7 KB 7 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
18 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
57 KB 57 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
58 KB 59 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:88:88/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*qok6JJlO_KBA147t7XjEgA.png
miro.medium.com/v2/resize:fit:720/format:webp/ |
21 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*a92bwILy0a8yOXpd9-4haA.png
miro.medium.com/v2/resize:fit:720/format:webp/ |
46 KB 46 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*PnNH-8TrcHWNdNTBP-OVEA.png
miro.medium.com/v2/resize:fit:720/format:webp/ |
27 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
labs.guard.io/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2230.571ed6c4.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
3 KB 869 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
labs.guard.io/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GiveTipButton.98455ae9.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
13 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
231 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
branch-latest.min.js
cdn.branch.io/ |
71 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/resize:fit:0/ |
300 KB 300 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
129 B 498 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
792 B 775 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
210 B 560 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
27 B 400 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
96 B 514 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_r
app.link/ |
91 B 636 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1878.73a360f3.chunk.js
cdn-client.medium.com/lite/static/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7906.47ff48f1.chunk.js
cdn-client.medium.com/lite/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
labs.guard.io/_/ |
81 B 478 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
open
api2.branch.io/v1/ |
316 B 691 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 435 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
labs.guard.io/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
labs.guard.io/cdn-cgi/ |
0 139 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 435 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
batch
labs.guard.io/_/ |
17 B 278 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM function| main object| __APOLLO_CLIENT__ function| gtag object| dataLayer object| branch object| __cfBeacon object| google_tag_manager object| google_tag_data object| gaGlobal10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.labs.guard.io/ | Name: __cfruid Value: 762e744585bcf6d93e04f6bbcbae4daf9280cdb5-1694629967 |
|
.medium.com/ | Name: uid Value: lo_37b7d515251e |
|
.medium.com/ | Name: sid Value: 1:yHBGMfd1cTPbvEUIXvxd97El6Y4xsnFnIhJwEmCAHrKd6EWX9nYS0WYhd7/6UUAT |
|
.medium.com/ | Name: __cfruid Value: 269a8711fc4c4ae72fe4b724ab6d2cf773c8f5a9-1694629967 |
|
labs.guard.io/ | Name: uid Value: lo_37b7d515251e |
|
labs.guard.io/ | Name: sid Value: 1:Dg6yhAx3h8V4dufBhYq6AKcHC8ujow0/6MZT5ku9Rc9p6yaKMH5hZl/VeRKF0S/0 |
|
labs.guard.io/ | Name: _dd_s Value: rum=0&expire=1694630869657 |
|
.guard.io/ | Name: _ga_7JY7T788PK Value: GS1.1.1694629970.1.0.1694629970.0.0.0 |
|
.guard.io/ | Name: _ga Value: GA1.1.1332177664.1694629971 |
|
.app.link/ | Name: _s Value: mqF2DkAAdf1Tx%2FmGLM9N7mFdsWV8n9cM48mX%2Fs1zV013P8Ikytr3G%2BJHlSsKHAz4 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://medium.com |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
labs.guard.io
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
www.googletagmanager.com
162.159.152.4
162.159.153.4
2001:4860:4802:32::36
2600:9000:2304:e000:19:9934:6a80:93a1
2600:9000:2491:1000:11:f728:3040:93a1
2606:4700:7::a29f:9904
2606:4700::6810:3965
2a00:1450:4001:811::2008
52.84.174.11
04eda4d284f90f9ec43581fe6193267a3cd3f8ce5f946819d455af1aece12ae9
0a880471f257e08db576de262b06150d83d5bf694a336079dfc366cfee74c3d6
0f9c0a1568a42e3e57ab99db1693255751171eeb541c948ed1d096260fc005b6
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
157392f2778803fa61f5f78583670f1da4f4dab67afb8ec0802c34a3ce859931
157ae650ab2912d20559dbb12a35bf455ce425c2239f8516c8f96668e0d7bf79
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1f8966d0d2e6a678c02b6dd803818513f943c842a3b9114e4316b8d94fcad538
1f99c18f59b40e4b607007b679029113e87feb73ef4477a39568f882ce24e1f8
265526ce77f97d404aa19bc51556dceafed4c642c3eac315a0633db316b07257
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
2cd5d7529407b9d68c6fdaf5c2b9e347b44082291637cf0dc58179f7f79dd602
30be0156ba1bb5821d0b2aa42248d0c5997b95298b758e1a8c8855847ae79fec
3177c0013737d38f7a9fc5f06b3e7ba3d6d7ea0d02406d8c5beb176d26b701ab
31a07ac14687751699238fa68c9f365511a80a38c3c24ba524bc982cbb2dab6b
33b3315b3529cf5a3c513032bf5d44c311d52f0ba8356ebf5b220656d405f120
33b5a8a7273e6585e0591d4cbbfb8f86f4e6c0e8428f049e8cb206cfb03f3434
384ae8c415e34eadf08e7c7dcda45039e3ad1ddd6ca196a14d90dc4fb7f96d70
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
4825b0e2fada3db8149a294ad14c74ce6f989d1b63c99ce4ad01b340a9779cce
4e84a98822746989083c5acbf6a62a051b13f9103c27451b611beec6f4897c12
4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14
51e0ef3a72deb8935b838104321e50c5b1980b90d8db77dbc8b242323987dba1
58d8de9ef44ac3dcfcb9a8a77e59041edc9e879f24061de9b068a804dc9b5119
5924cd6ba776b839ed2cd153b6f93f57743504606574d65fe10da2c70b129392
5aed84be81fba9374ebf53ab86c414439b41ce763e92f363536ab8eb494e1d49
5fcec74725d7a63cfc5869ebbdefd59678f26afb7872323bec5074b00b8a0bca
638f93620b1876e8f00a21f387209e6c28d3bf78d72b6d9ca89b9b0ab7b1a3f7
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
703da51d1379c90aa4f05f52a98539b407f7ab5add1ec4f62f3228d5b1d0c67c
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
708af2491c0f1b12cdbea379d4602ea238ae140d64356348b50978b7e56c6e31
72de5f1ce7843977fa86444e7070f0c398bee31c6abb340d8c00fc3176503825
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7a2d03019a7445f0165597cee0e0c875f8d98060d6d5e0a647d26d5019e964c2
7ad720cd5dc5c8f7b813afc9287592acb259baca4cbf0468de2f4e27d3406524
8523e1e00993aef1185139a0d86c3aabe9ee48fcd9256db78f711d2d8eb40529
8fc7473c68ffaed8e019a4d9e8aa7e7e659845ceccb991bd2c6782a361ecb18c
93e61c8d88b6b621b59e66086200824a0e1868b9d0f97db6b46b0b08202a3ac1
95df2c90d96ebc4257c475fb155772fd0c6aad12f22b617817b7c22c13e9578f
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
970ce8e357bdc4a7729f6a13774ca7936c4bf033d024c09d540a072a14358e6f
9ee9c955374d5d86d091dae6e36d5388cd821013351ef5878cab82f694f52395
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b082b2d739eb0da800d64e9190126e933488fc17fb403450ea7a1e04eb5cd62e
b0a212a23b4cd9a3ee8db8c1773cd1392084e1ba82e401ac16ce596602af221b
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
bcd406956c7fae2b7150e93938b77218d29026f5c318c44f45b3b88f4e0be1d5
c1042dfd875a282e6858470ea5e8c300cd4e8971f14d619130a484b9c068ab5c
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c82bd1b3a04f653dad53a95ab8c6db4406678743d7a08e43833398ff6e418298
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
cfc29c265e812e74b7f32172a8f0f34399994fae38cfb4dc5049beab0e5fa1dc
d160abd40d5c8cf78bc3f549514c05b2af811b3ae0c904d7a457c03d0a11d845
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
dc85955cf652c033240c1d6557f8f3bac68239fd7298303ab5f241a231f4b682
df29c958f5f503f0f5bb78eb2af04b85956382a1647367dc6e67ac5ed030c12d
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e2d8e9c716f3a667de1612fc09f62523e37e6b67b5f3500de8a71afa49c844e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65a8893ccc8b7fb1b16cde320cc30236cf15e57d74436fe56401fb574d3e079
e9c155eb8c3ba5612390f3e6b0c49a703ba4e8fa55de16b7d6ce38f93f506a4d
edd8f3376de1c4ae1b202138e0c8e723c8c3b000df3790727c6d1b0d77e8024e
eec1dc8042d2196c05d3c8838c6f3d61b848488b047a4ecaa02078f9dc6d074f
f11e0207b486889ed4d87523e7bde18431dbef60b2551b718ba7e9074785536c
f15e35d0610369455126115b21400d2a07db21974d301f081aa027dcf4928ddf
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f7d5eab9057d7f445d0cd5edd107ef3f4223a8c20c467a4d33ff556a38bc2916
f7f58689887d5a2e1783c1d5fb0559c7c9c718a6df9d9494a4ccbdf16139f7fb
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fb06e4a2e89a612e5120af5372339b4f5d72558cea72819aa6594cb41067dc27