labs.guard.io Open in urlscan Pro
162.159.152.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a...
Effective URL:
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a...
Submission: On February 27 via api (February 27th 2024, 2:14:27 am UTC) from TR — Scanned from DE

Summary HTTP 79 Redirects Links 83 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 79 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is labs.guard.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 14th 2023. Valid for: a year.

This is the only time labs.guard.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	162.159.152.4 162.159.152.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 58	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.26.87 108.138.26.87	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:4a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:9800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
79	8

15 162.159.152.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

labs.guard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-87.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:9800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 10182 glyph.medium.com — Cisco Umbrella Rank: 20612 miro.medium.com — Cisco Umbrella Rank: 13762 cdn-client.medium.com — Cisco Umbrella Rank: 21529	1 MB
15	guard.io 1 redirects labs.guard.io	62 KB
4	branch.io cdn.branch.io — Cisco Umbrella Rank: 1103 api2.branch.io — Cisco Umbrella Rank: 1104	25 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	252 B
1	app.link app.link — Cisco Umbrella Rank: 2522	629 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 787	7 KB
79	7

	Domain	Requested by
36	cdn-client.medium.com	labs.guard.io cdn-client.medium.com
15	labs.guard.io	1 redirects cdn-client.medium.com
14	glyph.medium.com	glyph.medium.com
7	miro.medium.com	labs.guard.io
3	api2.branch.io	cdn-client.medium.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.link	cdn.branch.io
1	cdn.branch.io	labs.guard.io
1	www.googletagmanager.com	cdn-client.medium.com
1	static.cloudflareinsights.com	labs.guard.io
1	medium.com	1 redirects
79	11

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
www.linkedin.com
www.guard.io
guard.io
www.whatsmydns.net
web.archive.org
www.shodan.io
krebsonsecurity.com
blog.google
vijetareigns.medium.com
xelkomy.medium.com
erickfernandox.medium.com
help.medium.com
medium.statuspage.io
blog.medium.com
policy.medium.com
speechify.com

Subject Issuer	Validity	Valid
labs.guard.io Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2024-02-16` - `2024-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
Frame ID: 7ACDF746B2AC728898E20688EAC0FF59
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails | by Guardio | Feb, 2024 | Medium

Page URL History Show full URLs

https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-u... HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-t... HTTP 307
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-u... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

79
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1501 kB
Transfer

3638 kB
Size

8
Cookies

83 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2Fa5e5fb892935&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderUser&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign up

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_topnav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F6a038e71ff0f&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&user=Guardio&userId=6a038e71ff0f&source=post_page-6a038e71ff0f----a5e5fb892935---------------------post_header-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa5e5fb892935&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&user=Guardio&userId=6a038e71ff0f&source=-----a5e5fb892935---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa5e5fb892935&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=-----a5e5fb892935---------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3Da5e5fb892935&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=-----a5e5fb892935---------------------post_audio_button-----------
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/natital/
Title: Nati Tal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/oleg-zaytsev-rd/
Title: Oleg Zaytsev

Search URL Search Domain Scan URL

URL: http://www.guard.io/
Title: Guardio Labs

Search URL Search Domain Scan URL

URL: https://guard.io/subdomailing
Title: “SubdoMailing” checker

Search URL Search Domain Scan URL

URL: https://www.guard.io/
Title: Guardio

Search URL Search Domain Scan URL

URL: https://www.whatsmydns.net/dns-lookup?query=marthastewart.msn.com&server=google
Title: DNS record

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20010517194309/http://www.msnmarthastewartsweeps.com/
Title: Internet Archive Wayback Machine

Search URL Search Domain Scan URL

URL: https://www.whatsmydns.net/dns-lookup?query=directtoaccess.com&server=google
Title: way too many IP addresses

Search URL Search Domain Scan URL

URL: https://www.shodan.io/host/194.33.180.163
Title: Shodan

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2018/06/bad-men-at-work-please-dont-click
Title: house of many of the most scammy TLDs

Search URL Search Domain Scan URL

URL: https://blog.google/products/gmail/gmail-security-authentication-spam-protection/
Title: Google stepped up

Search URL Search Domain Scan URL

URL: http://www.guard.io/subdomailing
Title: “SubdoMailing” checker website

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=---post_footer_upsell--a5e5fb892935---------------------lo_non_moc_upsell-----------
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fplans&source=---post_footer_upsell--a5e5fb892935---------------------lo_non_moc_upsell-----------
Title: Try for $5/month

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----a5e5fb892935---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/tag/phishing?source=post_page-----a5e5fb892935---------------phishing-----------------
Title: Phishing

Search URL Search Domain Scan URL

URL: https://medium.com/tag/spam-filter?source=post_page-----a5e5fb892935---------------spam_filter-----------------
Title: Spam Filter

Search URL Search Domain Scan URL

URL: https://medium.com/tag/subdomain-takeover?source=post_page-----a5e5fb892935---------------subdomain_takeover-----------------
Title: Subdomain Takeover

Search URL Search Domain Scan URL

URL: https://medium.com/tag/email-protection?source=post_page-----a5e5fb892935---------------email_protection-----------------
Title: Email Protection

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Ff776b280f31b&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&newsletterV3=6a038e71ff0f&newsletterV3Id=f776b280f31b&user=Guardio&userId=6a038e71ff0f&source=-----a5e5fb892935---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://guard.io/
Title: https://guard.io

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa2225e51898e&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fscammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e&user=Guardio&userId=6a038e71ff0f&source=-----a2225e51898e----0-----------------clap_footer----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa2225e51898e&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fscammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e&source=-----a5e5fb892935----0-----------------bookmark_preview----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F3182cfb12f4d&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d&user=Guardio&userId=6a038e71ff0f&source=-----3182cfb12f4d----1-----------------clap_footer----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3182cfb12f4d&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d&source=-----a5e5fb892935----1-----------------bookmark_preview----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F099361a808ab&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmyflaw-cross-platform-0-day-rce-vulnerability-discovered-in-operas-browsers-099361a808ab&user=Guardio&userId=6a038e71ff0f&source=-----099361a808ab----2-----------------clap_footer----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F099361a808ab&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmyflaw-cross-platform-0-day-rce-vulnerability-discovered-in-operas-browsers-099361a808ab&source=-----a5e5fb892935----2-----------------bookmark_preview----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F65ea78efad16&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fetherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16&user=Guardio&userId=6a038e71ff0f&source=-----65ea78efad16----3-----------------clap_footer----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F65ea78efad16&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fetherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16&source=-----a5e5fb892935----3-----------------bookmark_preview----0997cdd2_8433_4ec4_b47d_74ca652bb894-------

Search URL Search Domain Scan URL

URL: https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@ratnadip1998?source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F853338770d8c&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40ratnadip1998%2Fmy-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c&user=Ratnadip+Gajbhiye&userId=cc3a6fcb89be&source=-----853338770d8c----0-----------------clap_footer----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------
Title: 2

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F853338770d8c&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40ratnadip1998%2Fmy-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c&source=-----a5e5fb892935----0-----------------bookmark_preview----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@wearedelicious/list/tech-tools-541154dfb3ae?source=read_next_recirc-----a5e5fb892935--------------------------------
Title: Tech & Tools16 stories·157 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/mediums-huge-list-of-publications-accepting-submissions-7c0ec8037e61?source=read_next_recirc-----a5e5fb892935--------------------------------
Title: Medium's Huge List of Publications Accepting Submissions262 stories·2013 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/staff-picks-c7bc6e1ee00f?source=read_next_recirc-----a5e5fb892935--------------------------------
Title: Staff Picks587 stories·778 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@AMGAS14/list/natural-language-processing-0a856388a93a?source=read_next_recirc-----a5e5fb892935--------------------------------
Title: Natural Language Processing1228 stories·714 saves

Search URL Search Domain Scan URL

URL: https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://vijetareigns.medium.com/?source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fd6c09719d307&operation=register&redirect=https%3A%2F%2Fvijetareigns.medium.com%2Fhow-automation-detected-default-admin-credential-worth-500-d6c09719d307&user=the_unlucky_guy&userId=f27249443369&source=-----d6c09719d307----0-----------------clap_footer----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----a5e5fb892935----0---------------------a0604a98_8230_4312_b578_9f38e734239a-------
Title: 4

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd6c09719d307&operation=register&redirect=https%3A%2F%2Fvijetareigns.medium.com%2Fhow-automation-detected-default-admin-credential-worth-500-d6c09719d307&source=-----a5e5fb892935----0-----------------bookmark_preview----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=read_next_recirc-----a5e5fb892935----1---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://xelkomy.medium.com/?source=read_next_recirc-----a5e5fb892935----1---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F597dc435fd82&operation=register&redirect=https%3A%2F%2Fxelkomy.medium.com%2Ffrom-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82&user=Khaled+Mohamed&userId=c307b65701dc&source=-----597dc435fd82----1-----------------clap_footer----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----a5e5fb892935----1---------------------a0604a98_8230_4312_b578_9f38e734239a-------
Title: 1

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F597dc435fd82&operation=register&redirect=https%3A%2F%2Fxelkomy.medium.com%2Ffrom-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82&source=-----a5e5fb892935----1-----------------bookmark_preview----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://erickfernandox.medium.com/how-i-found-a-critical-0-click-ato-using-only-information-from-waybackurls-15c32e490db8?source=read_next_recirc-----a5e5fb892935----2---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://erickfernandox.medium.com/?source=read_next_recirc-----a5e5fb892935----2---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F15c32e490db8&operation=register&redirect=https%3A%2F%2Ferickfernandox.medium.com%2Fhow-i-found-a-critical-0-click-ato-using-only-information-from-waybackurls-15c32e490db8&user=Erick+Fernando&userId=ed80467efe9d&source=-----15c32e490db8----2-----------------clap_footer----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://erickfernandox.medium.com/how-i-found-a-critical-0-click-ato-using-only-information-from-waybackurls-15c32e490db8?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----a5e5fb892935----2---------------------a0604a98_8230_4312_b578_9f38e734239a-------
Title: 2

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F15c32e490db8&operation=register&redirect=https%3A%2F%2Ferickfernandox.medium.com%2Fhow-i-found-a-critical-0-click-ato-using-only-information-from-waybackurls-15c32e490db8&source=-----a5e5fb892935----2-----------------bookmark_preview----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=read_next_recirc-----a5e5fb892935----3---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@daniel1895?source=read_next_recirc-----a5e5fb892935----3---------------------a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fce6a6f4eb21c&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40daniel1895%2Fa-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c&user=Daniel1895&userId=2cc32da6c49f&source=-----ce6a6f4eb21c----3-----------------clap_footer----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----a5e5fb892935----3---------------------a0604a98_8230_4312_b578_9f38e734239a-------
Title: 1

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fce6a6f4eb21c&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40daniel1895%2Fa-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c&source=-----a5e5fb892935----3-----------------bookmark_preview----a0604a98_8230_4312_b578_9f38e734239a-------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----a5e5fb892935--------------------------------
Title: See more recommendations

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----a5e5fb892935--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=post_page-----a5e5fb892935--------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----a5e5fb892935--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=post_page-----a5e5fb892935--------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=post_page-----a5e5fb892935--------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----a5e5fb892935--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----a5e5fb892935--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=post_page-----a5e5fb892935--------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://medium.com/business?source=post_page-----a5e5fb892935--------------------------------
Title: Teams

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 HTTP 307
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Show response
labs.guard.io/
Redirect Chain

https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

254 KB
52 KB

584ms
583ms

Document
text/html

162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9576b1c20103cdeaad8043a06a612ebb0ccf498b410eb1784021d44240d54ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85bce9f2cb8c2c42-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 02:14:22 GMT
link: <https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, lite/main-20240226-181048-210faa0661, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-215419-fc2c63cde3
medium-missing-time: 229
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 456
x-request-received-at: 1709000061981

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85bce9f1ec2b4d89-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Tue, 27 Feb 2024 02:14:21 GMT
location: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 16

GET
H2 200 unbound.css
glyph.medium.com/css/ 18 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3529
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f67d4b4d89-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 27 Feb 2024 04:14:22 GMT

GET
H2 200 1*Oc7wDkDuNDY3nRKbaye2pw.png
miro.medium.com/v2/resize:fit:720/format:webp/ 15 KB
15 KB 27ms
24ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*Oc7wDkDuNDY3nRKbaye2pw.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e29d7abb733d36df6535f18e5a92499f0b99fcdbfbf437ccf0804ea4d6e7068a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 40322
x-envoy-upstream-service-time: 331
content-disposition: inline; filename="1*Oc7wDkDuNDY3nRKbaye2pw.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15224
x-request-id: 6eccf1df-3fa7-422e-a0b3-8ef2793e208f
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjM5Y2VmMDBlNDBlZTM0MzYzNzlkMTI5YjZiMjdiNmE3Ig"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240212-082148-28c8d39d66
accept-ranges: bytes
cf-ray: 85bce9f68d574d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 manifest.f4827de3.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 39ms
36ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.f4827de3.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a10ce3fb90fcb582c498d4a08e72e4db9e11362a847dd0597f2f364d57c1215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: NoXRFLQJ8zrzj5pnTNn6KkQ9ZF8axGst
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N1WH55Z1BNG3VYMW
age: 28011
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: X9TTHSiA6PomqjUWfZy/TSBgBiLD1PEFUBM49bGZu6/Pcrir+yF/UfMwf39CSOMC/2bxc+8EsCE=
last-modified: Mon, 26 Feb 2024 18:18:07 GMT
server: cloudflare
etag: W/"3207cb05ee0d44935b0871b57b482ed7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d534d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 3057.5e22bbb0.js Show response
cdn-client.medium.com/lite/static/js/ 659 KB
207 KB 38ms
35ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 8U1kFgMJlUNmH8qkZNp1xniyDYQNS3lm
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZGDCJN5V5GJC38XJ
age: 512578
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VSmYt5YKd8NCsoN1Fgbgor/JlUVlolvqmSvep6GIb2wExVldM64YEShk74SP/0otxz1PwJyfbpI=
last-modified: Thu, 19 Oct 2023 20:38:07 GMT
server: cloudflare
etag: W/"5cf73b47b8f9468e48683b2d39073bf2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d524d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 main.547286bf.js Show response
cdn-client.medium.com/lite/static/js/ 760 KB
180 KB 25ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.547286bf.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb93480eb7de3be60da5eb1a8a87d0880d9f6f4ec937da8ef3673d8defca5566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: MrKxu8DPAPHUl5gONWohwz5bh4.Cu9ph
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N1WRVYVW0HK8BXK8
age: 27699
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IEYpLUF17BHUE6fhJ3BANnOMv3tbOXSlvU71HXT8/XzIdYdHE9+sHI4K9mwYZS6GGa2/5gd6Cco=
last-modified: Mon, 26 Feb 2024 18:17:40 GMT
server: cloudflare
etag: W/"b1f7ac1abdac80fb30233ce3daed55a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d564d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 instrumentation.7c58a71f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 25ms
22ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.7c58a71f.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d40ba6bcffd2d51735ad266bbcea130205c2560e34f60d204feed40bce804cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: UX__5BGcNKiUoyDiu_x5KKgrlZdf_eFZ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RZS96G6D305HFWCJ
age: 474279
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZMit9sZ1d6taGwFOE7ZT7tuMc/Te4leGtiX2A03cEV21WixO7paCt3GOiliFS4z/KjRaWHrvRUA=
last-modified: Tue, 06 Feb 2024 14:42:19 GMT
server: cloudflare
etag: W/"88ef7fedb2a5e4fc8f183b27a7395553"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d554d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 reporting.2021fe63.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1022 B 23ms
21ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.2021fe63.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: EAFtMMjOBNpoIMOAp_mjLfH0fLlmjqvd
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VGFNZ7CY395RBD1K
age: 1116782
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: UsxPcnWIPeG8Qtif978t591tt12v6gVkOW87c/cpun0sa9LX6r826tsN9XF2emlwdALyzwpBJ48=
last-modified: Fri, 23 Jun 2023 16:13:42 GMT
server: cloudflare
etag: W/"4f45b39c86a2eb9ca7068099b34d3af6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d544d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 4398.db4d4378.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 25ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4398.db4d4378.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: nD1Ekxpw41hmPZGu8aCR69Fn6l56BS19
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 710GYJMZMX9T7NGZ
age: 286168
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sjqpdMVqjBfESWRs5xhG/mIWiF7BOMIkvwN/mtgjm/eW0hArhYoO6C+eqOMXw5Mx3WX33F6rPgg=
last-modified: Wed, 10 Jan 2024 23:43:40 GMT
server: cloudflare
etag: W/"2a9a8cc3a5c7456e93ac9fd0734d8562"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f68d594d89-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 7883.0e445e04.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
10 KB 33ms
31ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.0e445e04.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: Xo3CN7D2L9evtWunaTa_wVLneZe0Q4Yq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: SACK8Q284PX7P1V2
age: 623451
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 67ywPv5YyD9zsVly8e1VcBiH8iiSGioLpKMQkm7v57DqwwvU4COOClkIdD6jwCL6XjaXwkONehGOMgztCvymqQ==
last-modified: Mon, 05 Feb 2024 14:32:27 GMT
server: cloudflare
etag: W/"ff460fdd31cf043a5b0c5480db3156c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac32be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 6733.1d85727b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 38ms
36ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6733.1d85727b.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 2fJFQUTf2u12vcW9GWlwyqCzuRzGu243
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C677NQY5WTQZ3MXW
age: 513656
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tsp6ibadELIHxIyTa7q5r/Q2EQo8hNXZR1PcY4M9YfqGfV70oRNFM9mkT0f+0gLUoE8mwUn3qk0=
last-modified: Thu, 19 Oct 2023 20:38:12 GMT
server: cloudflare
etag: W/"637f2748bb252f63c1746748e78f94ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac42be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 4711.043615ac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4711.043615ac.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: qnKQzk0b9urC.8imJsDQEceRC7r1d.6v
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Z61N02GG08QYGQQG
age: 1094431
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TDzbgSsTQzWgXfPlSZ0VwVui8lCvcFiGQ8xRjvdtZuQYxaivYa5JC3NI/c1sA7BJ0zWkwTff7AIFSGOaGC6AGwbcYORYmGAbj7M++aatLqo=
last-modified: Thu, 19 Oct 2023 20:38:09 GMT
server: cloudflare
etag: W/"fa8866965099e179b25da758eb62a2da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac52be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 8695.9065ba3d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 30ms
28ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8695.9065ba3d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd07e6dfe1b3b06e631fd76b882dc0d991490f743ecb96d8c7d347a401abb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: PoVfd4I0l3fwucjKH2.q5JIL4OE__rj9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GBRAT929NB0BJT20
age: 289416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AM3cHcECDZyxI9ilpnFcrFCmromKLwkanrsS4/V0ii6s5vEMTksJj4tdMv4B8TIX9uFIJU8pmNE=
last-modified: Fri, 23 Feb 2024 16:04:19 GMT
server: cloudflare
etag: W/"da903c2586fa559f0b9b307164c98403"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac62be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 4341.e697d2a1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
10 KB 33ms
32ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4341.e697d2a1.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13833533c830de737dc8b245fa9f45199dcef87c1bd0172b63d9da0e9fea577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: ePN3RSeIvvXVZ7Qe4JusRtAdJHrk_Rrl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WQ7SZ0FXVS9N7A2P
age: 1077392
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lEiIihPR9DZ4pXBabZH4hZKoq4+MfEGjcVnI26Jr5WpxBikue9PoRJhn7jX8wGIDVVVNy5p2sUDfKy1EAbb85gfJIkmsRc+mSo5KBiCkoog=
last-modified: Mon, 12 Feb 2024 20:37:53 GMT
server: cloudflare
etag: W/"1fb8c1985abfbffe9d85fedbfe4c56e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac72be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 5971.2c86ab13.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
6 KB 23ms
21ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5971.2c86ab13.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c05236a4fb84e6508b49781849e0d5f1fe2c5af9f8cc4132e1a92d848c5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: dIlyTRW9mg38tXUGmths.pFEW0YVvJzY
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HGY8EPAZSVPT7H68
age: 470031
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eFs0WlAGDKbLTHGu5SRc1azYocOg/7P4TKQgL5wy8E+rQrrN5Zm0YEhM8uEmnp0Dp86SqS7d/3joQhABHTKIehMurPSr064s
last-modified: Tue, 20 Feb 2024 18:37:12 GMT
server: cloudflare
etag: W/"2ee48b98138b086d9ce726222a7cc9ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac82be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 5203.e7a22052.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
4 KB 32ms
30ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5203.e7a22052.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: sYZi_T_vovpyjHR0HCCODg8UWAAlZCKC
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4G41DBY3KYNQX9MD
age: 513678
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hjUGm8MKzsmi3mkpcyxVF250ZoZi/eTMgnFDsjhhwRDoDDOvQtxbVG9a8TT+TtztvpcQlLGA70tB9JciD/fIWZr+k0YmBhsG
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"4b2a2b012f01bcd5a7880043af3823bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bac92be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 5465.248bcf72.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
7 KB 25ms
23ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5465.248bcf72.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d0a019db396af240ae83cb32ade7911c98134c0025d060737432945d376ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: f6RFIJvmiUBKdmd0lZEavVrIuWPTaHKE
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DBRWSH6292QGWXMR
age: 298750
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5jdIfLPp+DiiVKEBw/PmD4lW50JhhiOFsM7JopbN9KYqZ7YCJ8PnAbYSiVeE9t1+qkby5amMfNY=
last-modified: Thu, 22 Feb 2024 21:36:52 GMT
server: cloudflare
etag: W/"3cdcb969cd20a6ab0bfcb2663a697803"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6baca2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 6487.ae5ff7c0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 64 KB
16 KB 39ms
37ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6487.ae5ff7c0.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06939d14a9a58529dff6dbd2e6483311d3aac1d75f9af43f97fe1e9c34193d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: lUrGzMtEUq9W0QQdOm9SF9_tyNYHzpgW
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7E28GKPR150D0X5B
age: 38836
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ARQE1p8iabPaZRg1s5j85WQzC7s7AGO/0EMTNm1G3uuf8GYnN/ItCxOruDbji9/jqChpOFoNihVxCZN6aUhEhLjfMEa7EMTA
last-modified: Mon, 26 Feb 2024 15:02:22 GMT
server: cloudflare
etag: W/"c4be10113201aa1b55dd5c432e9b282e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bacb2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1711.b70f1a35.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
7 KB 39ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1711.b70f1a35.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: an7lZshTbeizT4YvZ.H_UfpGSLFLVp6K
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J178EJGERS581XHJ
age: 534882
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1I0RZFqis3VUg39l18/zzES9x70K/pwfl3YWM9quPJZkzqvAzZXymSFOZhptZBXkE89qOgs7zSg=
last-modified: Tue, 12 Dec 2023 20:16:53 GMT
server: cloudflare
etag: W/"be9a7f1d16e66912ad5aca0b77f43879"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bacd2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 5459.80a6ee18.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 44ms
43ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5459.80a6ee18.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dfdb6f5b4806f1c38df4fe8759a9de97db51013d581eab964f30e0168c63824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: Xo5Pr3Ij5Cgw5oTeyQue1xJQ0yv8JEXg
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5SCWCF2BFJVAEDN2
age: 503541
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wEG42IkuOdW/JSBhPM6qNeTr3sRi8FqmOp1gCTVCseEB3gto97maHH708Ll1Ttvl0w6WO6sQOIM=
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"6e1344575b07708a7b94c40d88f89dce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bace2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 3701.ff199b61.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 40ms
38ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3701.ff199b61.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b305a685b754704bf56f1c8f95bf1b787bc2d46a100573dbd6d8f7fb6253b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 0.udorf8Dt9QlwpNPnkhH3jvK.ytUC3H
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HGYD0T7BQ3GMP3X6
age: 470230
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +jA4sp90NeNbHF6J+lvewAD9sScIzQhbbmjkWLUcTyTsGjNxAJ1KZWYoEtcrHqotjuOfWTswDouINWprToH+CbJrQbF7VBwm
last-modified: Tue, 20 Feb 2024 18:37:10 GMT
server: cloudflare
etag: W/"71dd609a285842e1feb8fde7f341b29a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bacf2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 6804.2cda7ee2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 41ms
39ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6804.2cda7ee2.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6846ab4a02e8b678dbaf57c1a0e0f113b67c1c9971e1bf92fc4715b4c52fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: QZdjipCna6Z_yJngz6EOjihwQqejuAzP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F670C9M6XSX7GV51
age: 384433
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 91V9eBGI53WzlLvEz7qfaATBv75bBzuajVW7qhcskiBi7mq6WiX0d2Y//CZclyHfQuBNnsLhdhO+iKDcHkT84P4Ep9Ep7ej06CQm2s+wbOA=
last-modified: Wed, 21 Feb 2024 21:44:27 GMT
server: cloudflare
etag: W/"0b538753d87377f783847b0976df0390"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad02be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 9174.24f568ee.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 107 KB
27 KB 45ms
44ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9174.24f568ee.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39602c4951ecb841fb70f050e4f7d8d816f7b286e50305a8e296c287d42e986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: WjLEyYRWgbUyH7UQcFalI9HiYfhdVUXQ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HGYE21G3CQV0STG4
age: 470031
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wcFAKeQeeTx6+y1rM+T5f0x5QHUg7DfJdVkE6HZE47RHWb5NbO/a3yOlXsK62WLm4e+UUt+iQ7g=
last-modified: Tue, 20 Feb 2024 18:37:15 GMT
server: cloudflare
etag: W/"4c3d585afe79410fa16c87d8447031d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad12be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 7185.34588763.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
6 KB 46ms
44ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7185.34588763.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc789bb90c19fa508640c725b99591c293233d366f42a67c93614bb65a7caa4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: RL8qtPXVZGnCUcmD.7IlrOre91XPOpQj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GBRDMMZ84EG2QFJA
age: 289416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +aOK9wY+QTDPpqViMTWYkbQdbJ/YzEyFh0o13Q2tLRwlwAtwOnn8oyDkh0pfYFt2LML0wZDDXaY=
last-modified: Fri, 23 Feb 2024 17:36:50 GMT
server: cloudflare
etag: W/"a06fccda9416e0b6409f7ef0436f38c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad22be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 4129.ee8ae2c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 46ms
45ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4129.ee8ae2c8.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: GKCEAjCz9C3rq4gDy5D41ahGcAUvJYws
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MT269DYJ93D7FQ65
age: 508035
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cusI7iSSJCBsd666xA9WgOKQaUZuVRaxOg4MroP7ROiIDH9vQ6XHZEamcKo+qjjznfVGfpv8iSnks0g4r9Pjzjac+/VZOAWVo4ewSrht4zc=
last-modified: Tue, 31 Oct 2023 13:31:10 GMT
server: cloudflare
etag: W/"c63ba7334aaaa7c433116323b85dddd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad32be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 2550.dc6554d7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 49ms
47ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2550.dc6554d7.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5da9fed8945149320a2d1df9bee9253ac600175e390d0fb828b94e79fca1f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: t4O9RgFnfLa.Gd1Oot9c4ERg9TxWx6lu
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GBR4JQ5GVTWZSHGX
age: 289416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nFxoUJUd39CBAs5XtQZbGIQxzkarGefrN++MikeUMpk6Gh/S/f9jmuObLNmF8yOILFbz8hN2Pjg=
last-modified: Fri, 23 Feb 2024 15:08:01 GMT
server: cloudflare
etag: W/"779d21e0433197e6c13e306822e1c506"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad42be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 8580.feeb2549.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
2 KB 50ms
48ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8580.feeb2549.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: zzAbVdzU1EHaoBWemZXYawSAaPKOliQq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Y65FVQ7NTEJBXQ6Y
age: 417346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cZohDeNRwUgaONTLit+xJE3dfHFvPeoV85c+KqhEP6x9pyiEj9eN5SLHPyGrwvD8EB0RQ7cMwU0=
last-modified: Thu, 19 Oct 2023 20:38:14 GMT
server: cloudflare
etag: W/"807d78fe3a15361dfb7d56b056c4ff12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad52be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 8883.c8b03d13.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
10 KB 51ms
49ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8883.c8b03d13.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: rqCBYLKOv.8NNDtk1ZWJs0i2M.e6fYOU
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A5KCZS907K5DFF0J
age: 401902
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJVkotYaB2FyGbXmgxrtRavmwdovW3HtDFYuf8SuY2B9bmi1SXDVFFKcTWrxzS7KCiXxKz6mLCs=
last-modified: Wed, 01 Nov 2023 19:54:54 GMT
server: cloudflare
etag: W/"db9f4f034f186af2c5d3eb5b06d84be1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad62be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 4078.da7800a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
2 KB 51ms
50ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4078.da7800a7.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: rrQLGST4J4fLi10qQKaFEEGE2uCdLnIB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 449KG7PBSJGZC01G
age: 422040
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ko8g5TRpaaJuMF3kj7RpTbSpnKQf/Toi0fRdIQ165XbAECplCvgs/h1QHuZjsQitsIsvW+5BsVA=
last-modified: Thu, 19 Oct 2023 20:38:08 GMT
server: cloudflare
etag: W/"6fe9bb13da7ba28df60248af83559170"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad72be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 9408.3df4db57.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 52ms
50ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9408.3df4db57.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf68d21ee2fb4d8aea0b355db9cf2cfd21d240b04fb8c9a182194a1b6f9c40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 0lZtKjK.Quzle8JDP2rE2oWTjDI1Nb1P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DBRS3H7HWZ8XQ6KF
age: 298890
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ebTIwmwKiT+goVHHbC+kmX8uZd/yJFb5VpzzmPSFD4oveiYcqeaf9AzlyMLMpGYTtjir+jnD8nM=
last-modified: Thu, 22 Feb 2024 21:36:57 GMT
server: cloudflare
etag: W/"cf9a2139eb847d4a111a514690bc9fc3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad82be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 9150.42fafb2e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
2 KB 53ms
51ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9150.42fafb2e.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: Juh7s6eqIR5VpuEFNUcPQ7B8LwsnUpKw
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: RN7HXARNCBXX8B4K
age: 588644
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JdEWkQYV5f8lXbdQuVjf4Ny8CryboZNimKTWaKr5gu64oXoUcCZKfYTDEEee4o0MurDa9dtzit4=
last-modified: Thu, 19 Oct 2023 20:38:15 GMT
server: cloudflare
etag: W/"78132c40ece3187924f4251503c0fe2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bad92be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 5005.b5d4a37c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 31 KB
3 KB 57ms
55ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5005.b5d4a37c.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: RisC25ILXQZI5zUiv0YF80pfrgqVmer.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NEESR8DSNFTRDXX8
age: 592728
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gDwQxxkhjYaqXGZpDeHuM/5206TkQdKZjAI80x8uyXp+PySrrr7QAvKdE31wzprOOt+qteOAvKnB/kENdCZAkw==
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"a72dda426ce4412cf5cdf2bd365c57c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6bada2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 6605.80950b86.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 57ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6605.80950b86.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6872b27c767b3b294f8efd2631092d6f91b2c784b277ed0809ae00aaedb19b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: nMKIoK1_avzeKqi5gfAyORakxNKdqrIj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GBR449S65B3E6VZT
age: 289416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wW6q2Fomxjb/lUoHgpukDr+h9GRwnuFHXi9R3NaDH4GzHAh+cr5SzwLpt17K4bXqi86IbeCblxg=
last-modified: Fri, 23 Feb 2024 16:04:18 GMT
server: cloudflare
etag: W/"676d3d5169ab0b7047f613ccf8f7e21a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6badb2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 2393.aaa1ee6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
16 KB 58ms
57ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2393.aaa1ee6d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee2df72cdc4936863ec36571e34a5bd94d8c559d5ca23978f14442bcd882921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: AlWKDh_1BOSXs_FWTHnebHpsTk2Tzq0D
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HGY4QEDTTR3MFR9C
age: 470031
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bO6jGEKi9Jj7e6P4uWw9fZLeBEgDXNdZVcrI1xr5a+Xx6efwJ5WOvbjdPkr+LfJnzhoRpxvuo5M508yu0Kg/418jprOaQ63J
last-modified: Tue, 20 Feb 2024 18:37:08 GMT
server: cloudflare
etag: W/"14558e00e00c94114784967440735b94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6badc2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 2211.706ab0f5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
8 KB 59ms
57ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2211.706ab0f5.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade6273bd485e3fe853219534880d83799ea2b75d1db214efc7a0255a527deda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: B6kP9.8RVerphUFyT.nGoGfeA6SG5G.t
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E55NYKCZT4T11X0C
age: 987668
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WZDCRddHQni0jOCCSX3/j/Y57HKqIoOl0TIfuIP8RrhZtadXLlJrsazQbn02J3Y9ioilEuOG1v2lL9ZftIAJbg==
last-modified: Wed, 14 Feb 2024 19:59:41 GMT
server: cloudflare
etag: W/"d4ff97682dc6e96f64e56231cccc64fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6badd2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 PostPage.MainContent.9f04ea44.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 192 KB
46 KB 59ms
58ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.9f04ea44.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93f3b2fbf4e745fc89d6e52e43626a7a38b6071edc96ccdd501679464727deb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 13Iz_66zcIPM_Qnro.pJh9SrId75aHnQ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DBRNS2VC9A5HYYS7
age: 298890
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6kBL2GhoarogaejXvYJGah9M+rWkFV5olUU6tP3u+BbkxAbK82bgRFc7mwt4r3Sh4WTMIo42u40Q1S3hfITsK+IhzxHuNvip
last-modified: Thu, 22 Feb 2024 21:37:08 GMT
server: cloudflare
etag: W/"87b9834bccbf39fa659d113ae6f9fbb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f6badf2be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 57ms
41ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85bce9f6adf83a94-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 45ms
35ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7684882
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8418b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 49ms
40ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7770218
x-envoy-upstream-service-time: 38
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8518b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 36ms
27ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7769939
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd7e18b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 35ms
26ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 9420148
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd7d18b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 28ms
19ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 9146984
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd7f18b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 43ms
34ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 9420038
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8218b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 43ms
35ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7777120
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8318b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-code-pro-700-normal.woff
glyph.medium.com/font/a9cd261/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 54ms
46ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/a9cd261/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee9c955374d5d86d091dae6e36d5388cd821013351ef5878cab82f694f52395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7586935
x-envoy-upstream-service-time: 35
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8618b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 55ms
47ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2150771
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6cd8718b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 57 KB
57 KB 38ms
38ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 9150179
x-envoy-upstream-service-time: 70
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f6dd8c18b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 42ms
42ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 583972
x-envoy-upstream-service-time: 41
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 1310
x-request-id: 42078363-7cd1-4609-9711-60f2b7886811
sepia-upstream: medium
server: cloudflare
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231120-091327-e2dd1b4066
accept-ranges: bytes
cf-ray: 85bce9f6dae12be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:88:88/ 6 KB
6 KB 43ms
42ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:88:88/1*s7SJaF9dODo7rWqa2rFQ6Q.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3177c0013737d38f7a9fc5f06b3e7ba3d6d7ea0d02406d8c5beb176d26b701ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 16538
x-envoy-upstream-service-time: 131
content-disposition: inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc: h3=":443"; ma=86400
content-length: 5653
x-request-id: d08de12a-0782-4ea0-9b6c-22d8e9d65fbc
sepia-upstream: medium
server: cloudflare
etag: "9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240212-082148-28c8d39d66
accept-ranges: bytes
cf-ray: 85bce9f6dae32be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1*BQHNn2oiNTibaC4WR_g6Og.png
miro.medium.com/v2/resize:fit:720/format:webp/ 30 KB
31 KB 397ms
397ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*BQHNn2oiNTibaC4WR_g6Og.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ab7ac83bcd33ceb7d185afd74ae7ca2ed078f2cd59348b4039273a3a76bd2cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 336
content-disposition: inline; filename="1*BQHNn2oiNTibaC4WR_g6Og.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31014
x-request-id: 295a2d20-39b1-4127-b8ca-1b989992fc5d
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjA1MDFjZDlmNmEyMjM1Mzg5YjY4MmUxNjQ3ZjgzYTNhIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240212-082148-28c8d39d66
accept-ranges: bytes
cf-ray: 85bce9f6dae42be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1*MRIrmdXEkj1mrVapjEcmgA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 41 KB
41 KB 121ms
121ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*MRIrmdXEkj1mrVapjEcmgA.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe1f70e93fd7a6333d47de906a4bf34010a0ba4a955eb53ad2b734d5232f0fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 1018
content-disposition: inline; filename="1*MRIrmdXEkj1mrVapjEcmgA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 41764
x-request-id: 1d38a519-2d24-40fd-b8c8-14bf0d666515
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjMxMTIyYjk5ZDVjNDkyM2Q2NmFkNTZhOThjNDcyNjgwIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240212-082148-28c8d39d66
accept-ranges: bytes
cf-ray: 85bce9f6dae52be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 1*3YNT7e8H5-0hZ_abrjgQPA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 29 KB
29 KB 154ms
154ms Image
image/webp 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*3YNT7e8H5-0hZ_abrjgQPA.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e19efb0c61761af984403c5db09907f5e81a5851e2054d9b8f4dacb87b7c83

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time: 557
content-disposition: inline; filename="1*3YNT7e8H5-0hZ_abrjgQPA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29322
x-request-id: fd4f1fbe-d430-405e-92ad-44b72bf08d7e
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RImRkODM1M2VkZWYwN2U3ZWQyMTY3ZjY5YmFlMzgxMDNjIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240212-082148-28c8d39d66
accept-ranges: bytes
cf-ray: 85bce9f6dae62be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 136ms
136ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.547286bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, clientele/main-20240226-230532-797fb80223
x-envoy-upstream-service-time: 10
cf-ray: 85bce9f938e03730-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 2230.c546f16c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 19ms
19ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2230.c546f16c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4827de3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: xWJf__tEGtfK6SYsYt3.b.Ctl1FYrL2e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NWQA4V69B6R8CXEC
age: 594824
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YpocriCW8Y4fQGU/OIaMp0zZkBtCqHFtQKKf20MwZhFDFCTGB8/FCcpPV8nbpA1C7mqspJLXPUUThBby4hZxPtjI2TRsg3xy
last-modified: Thu, 19 Oct 2023 20:38:05 GMT
server: cloudflare
etag: W/"5b5ebdea4bda0086b419f1dc8ca91a75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f93ba92be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 140ms
140ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.547286bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, clientele/main-20240226-230532-797fb80223
x-envoy-upstream-service-time: 22
cf-ray: 85bce9f938e43730-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 GiveTipButton.7844a2d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 20ms
20ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/GiveTipButton.7844a2d2.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4827de3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:22 GMT
x-amz-version-id: 5wxFaPBbZuXVEH4zg8t9Fz46CDAnJYq7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CJ62WD4Q898WG2EE
age: 598075
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IVrWCYWvwXUgDj1tmKZOMMZcJjtCthP1H7NnYiTCimppg9Qh9Ql3gbG9sRFoViGi7SUAprzsTug=
last-modified: Thu, 19 Oct 2023 20:38:24 GMT
server: cloudflare
etag: W/"c9d3c6b5a486ea6dcc919c927917cf19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9f9abd22be9-FRA
expires: Wed, 26 Feb 2025 02:14:22 GMT

GET
H3 200 gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 18ms
18ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2150770
x-envoy-upstream-service-time: 29
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9f9beac18b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9d12f0094bfbe430fa983cde126dc43c6da01bc061bbac5da4161cba857ea2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86424
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 02:14:23 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 74 KB
23 KB 36ms
6ms Script
text/javascript 108.138.26.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c44b0bbcf81f73997a5177fccd4a2216a94c0090f4761c8fda5e4438cc8fe9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: L2nOma9TH2IpdTlMoU0XJTIa8fDe60A3
content-encoding: gzip
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date: Tue, 27 Feb 2024 02:12:25 GMT
last-modified: Thu, 15 Feb 2024 23:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 119
etag: "ee3f91be95d06966964c4dd5157fe1a3"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23285
x-amz-cf-id: RSdMFLhDhMxD7TP6Y-TVdqtL8lBJyBJlDvGPkBsxzeZ-Ha3gC5X17w==

GET
H3 200 5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ 300 KB
300 KB 19ms
19ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 512539
x-envoy-upstream-service-time: 206
content-disposition: inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
alt-svc: h3=":443"; ma=86400
content-length: 306868
x-request-id: 055333f1-90c3-40cd-a8ed-a375113a7b0a
sepia-upstream: medium
server: cloudflare
etag: "_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231127-173346-ccfb11c0ce
accept-ranges: bytes
cf-ray: 85bce9f9bbdb2be9-FRA
expires: Wed, 26 Feb 2025 02:14:23 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 129 B
497 B 201ms
201ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74dcd1d98cf17c2a6253e2257d1cd8db515d134217bf40f7669d94795e532f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 79
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"81-pvf3hXwZt/O9TQdBaWfiZkKI6XQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3
cf-ray: 85bce9fa39553730-FRA
x-request-received-at: 1709000063212

POST
H3 200 graphql Show response
labs.guard.io/_/ 80 B
475 B 144ms
143ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: AvatarMenuQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3
cf-ray: 85bce9fa39563730-FRA
x-request-received-at: 1709000063155

POST
H3 200 graphql Show response
labs.guard.io/_/ 807 B
797 B 181ms
181ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e772201fb8abbe814b9e1b7c30b3786e96df52b7c5723eff917bfc307a1f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"327-hjeqOIsVUABQjHET8oXJFxg35As"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-215419-fc2c63cde3
cf-ray: 85bce9fa39573730-FRA
x-request-received-at: 1709000063156

POST
H3 200 graphql Show response
labs.guard.io/_/ 210 B
560 B 168ms
168ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e7a862db87ab983a78ec3e089e478f2ba25d55d9f238ea985bae9eabb908a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-cJE+3IOzKmiUdUOhA75yEbmX0EQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-215419-fc2c63cde3
cf-ray: 85bce9fa39583730-FRA
x-request-received-at: 1709000063154

POST
H3 200 graphql Show response
labs.guard.io/_/ 23 KB
5 KB 449ms
446ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dac8909b829e7876df5494ba8d2ee523047e8da6e05ec9df1602465fc6e09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: MoreFromMediumRecircQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 311
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"5c7a-OtNdF6eHtUIr77EvSWrDyD4hFYo"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-152654-e982c79fee
cf-ray: 85bce9fa39593730-FRA
x-request-received-at: 1709000063175

POST
H3 200 graphql Show response
labs.guard.io/_/ 27 B
399 B 152ms
150ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: ViewerQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 0
server: cloudflare
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3
cf-ray: 85bce9fa395a3730-FRA
x-request-received-at: 1709000063166

POST
H3 200 graphql Show response
labs.guard.io/_/ 96 B
512 B 167ms
165ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f421f5a630be185121c58a5e416c0a820e3a44149b5f367dd004aac8861f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-RpywbqJ43r8uJVoYYpIqPZjbCFE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-215419-fc2c63cde3
cf-ray: 85bce9fa395d3730-FRA
x-request-received-at: 1709000063163

GET
H2 200 _r Show response
app.link/ 91 B
629 B 204ms
160ms Script
text/javascript 2600:9000:2057:4a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.82.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

ec80a92e0d067b5609d8c00d1408f42a12194d36da74f60043532060ab1b6e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: FRA6-C1
etag: W/"5b-gQAy2tKeSEo/n2ScI5FtDxU6dYg"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: a4b34sfvTYE7qULcl7gFgAfE3a_aVD7hWiJYZUv8oaV5LBqwi1DFzQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JY7T788PK&gtm=45je42q0v9123887712za200&_p=1709000062994&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1315811230.1709000063&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709000063&sct=1&seg=0&dl=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&dt=%E2%80%9CSubdoMailing%E2%80%9D%20%E2%80%94%20Thousands%20of%20Hijacked%20Major-Brand%20Subdomains%20Found%20Bombarding%20Users%20With%20Millions%20of%20Malicious%20Emails%20%7C%20by%20Guardio%20%7C%20Feb%2C%202024%20%7C%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1589
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://labs.guard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5631.363b8e36.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5631.363b8e36.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.f4827de3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def45fa58f8bc78c17b10baae0d06f4663296ea201622a373458f4e4cfc5e0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
x-amz-version-id: N8qjUqjdrHWkGS7iagIHvvSrmiUvLNpd
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W1B6EPH7N71YJFK7
age: 591127
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: m9I2g01Zj8j65l7kTtL4SzoMGy9lO0RKU/gP1rBYxgK0ufIWpalxcD6Jv2onLLRpsM7/jotSu2g=
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"c9e0833239afe5dd8ae5c82f0c6c04fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85bce9faac1e2be9-FRA
expires: Wed, 26 Feb 2025 02:14:23 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 81 B
476 B 158ms
158ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-hbfNDSGVO0/XLJV9LgsKsOBLP4E"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3
cf-ray: 85bce9fac9863730-FRA
x-request-received-at: 1709000063247

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
690 B 404ms
311ms XHR
application/json 2600:9000:2491:9800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:9800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b544e13f0b6b4590eea9fbffdaf0b629672c0a0d0f0965aae6075afd8f0febf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: fd0586de-e827-4d9b-9d18-f8fa1eb0526d-2024022702
content-length: 316
x-amz-cf-id: sEakeETxd3nHRTBRfTKr04yMq04YaUNipJGtaLGw7ruo52p-62woFQ==

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 131ms
130ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.547286bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, clientele/main-20240226-230532-797fb80223
x-envoy-upstream-service-time: 14
cf-ray: 85bce9fc09f33730-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 rum Show response
labs.guard.io/cdn-cgi/ 0
139 B 9ms
9ms XHR
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://labs.guard.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85bce9fc09f43730-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 19ms
19ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2150683
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9fdeff118b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:23 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 18ms
18ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7770541
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 85bce9fdeff218b5-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 26 Feb 2025 02:14:23 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 3 KB
825 B 298ms
298ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65df6c050c3013b56910c0d917653b2884cedce737b4e87823aaf8325045a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 62ce7300d690ffcc
medium-frontend-path: /subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
medium-frontend-app: lite/main-20240226-181048-210faa0661
apollographql-client-version: main-20240226-181048-210faa0661
ot-tracer-spanid: 1868d5e27c4200dd

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 170
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"c3a-UxpEZxPKlFwrjjttyfqd3v014fQ"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240226-230532-797fb80223, rito/main-20240226-214044-fc2c63cde3, tutu/main-20240226-215419-fc2c63cde3
cf-ray: 85bce9fe1ab13730-FRA
x-request-received-at: 1709000063773

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
435 B 183ms
183ms XHR
application/json 2600:9000:2491:9800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:9800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f2f624a747c248f8be6572f5c948a48a-2024022702
content-length: 28
x-amz-cf-id: RrFfWhTbksGycGGQu76a4iYcZlOxZMTV9j5ML9eDLzqFVP0EfXhtpw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
435 B 184ms
184ms XHR
application/json 2600:9000:2491:9800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:9800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Feb 2024 02:14:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: b242e78d044440699439625f78dbb23f-2024022702
content-length: 28
x-amz-cf-id: Zpbx657b8N7QhyAC27BwvKBW9rvQRq1Es3o-B_NB4VZSM0K2gOd3ew==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-21 04:19:20	Name: uid Value: lo_b15909710737
.medium.com/	1970-01-21 04:19:20	Name: sid Value: 1:bjrSGLGj+RxPtvyew43DYHhQyxkTiSLN0KAq7Y0aSDfLrttq1HG/NpR1/gqXMEOn
labs.guard.io/	1970-01-21 04:19:20	Name: uid Value: lo_b15909710737
labs.guard.io/	1970-01-21 04:19:20	Name: sid Value: 1:Yka54v9MD8GTxkboBGR9+vkRWW+vCp0lof91YKzp2vXzqkvgboQNiVJPTWAAvQ4S
labs.guard.io/	1970-01-20 18:43:20	Name: _dd_s Value: rum=0&expire=1709000962916
.guard.io/	1970-01-21 04:19:20	Name: _ga_7JY7T788PK Value: GS1.1.1709000063.1.0.1709000063.0.0.0
.guard.io/	1970-01-21 04:19:20	Name: _ga Value: GA1.1.1315811230.1709000063
.app.link/	1970-01-21 03:28:56	Name: _s Value: l9oZcGkchfujoEAJpyIe7XKUBZNii14f1AdRJGG6KR1sqSGTrXNeXa6zZj0f90Jh

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 41) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 70) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 70) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 70) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935?gi=f925eb25d2a9(Line 70) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
labs.guard.io
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
www.googletagmanager.com
108.138.26.87
162.159.152.4
2001:4860:4802:34::36
2600:9000:2057:4a00:19:9934:6a80:93a1
2600:9000:2491:9800:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700::6810:3865
2a00:1450:4001:813::2008
06939d14a9a58529dff6dbd2e6483311d3aac1d75f9af43f97fe1e9c34193d16
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0ee2df72cdc4936863ec36571e34a5bd94d8c559d5ca23978f14442bcd882921
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1d40ba6bcffd2d51735ad266bbcea130205c2560e34f60d204feed40bce804cb
25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304
2a10ce3fb90fcb582c498d4a08e72e4db9e11362a847dd0597f2f364d57c1215
3177c0013737d38f7a9fc5f06b3e7ba3d6d7ea0d02406d8c5beb176d26b701ab
36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87
37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc
3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571
3dfdb6f5b4806f1c38df4fe8759a9de97db51013d581eab964f30e0168c63824
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
41d0a019db396af240ae83cb32ade7911c98134c0025d060737432945d376ad6
46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021
4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14
5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3
5e7a862db87ab983a78ec3e089e478f2ba25d55d9f238ea985bae9eabb908a42
5f6846ab4a02e8b678dbaf57c1a0e0f113b67c1c9971e1bf92fc4715b4c52fa6
5fe1f70e93fd7a6333d47de906a4bf34010a0ba4a955eb53ad2b734d5232f0fc
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6872b27c767b3b294f8efd2631092d6f91b2c784b277ed0809ae00aaedb19b6c
6ab7ac83bcd33ceb7d185afd74ae7ca2ed078f2cd59348b4039273a3a76bd2cc
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
74dcd1d98cf17c2a6253e2257d1cd8db515d134217bf40f7669d94795e532f30
76c05236a4fb84e6508b49781849e0d5f1fe2c5af9f8cc4132e1a92d848c5204
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
88f421f5a630be185121c58a5e416c0a820e3a44149b5f367dd004aac8861f30
8bf68d21ee2fb4d8aea0b355db9cf2cfd21d240b04fb8c9a182194a1b6f9c40a
8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b
91e772201fb8abbe814b9e1b7c30b3786e96df52b7c5723eff917bfc307a1f7e
93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c
93f3b2fbf4e745fc89d6e52e43626a7a38b6071edc96ccdd501679464727deb3
9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
9ee9c955374d5d86d091dae6e36d5388cd821013351ef5878cab82f694f52395
a13833533c830de737dc8b245fa9f45199dcef87c1bd0172b63d9da0e9fea577
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
ade6273bd485e3fe853219534880d83799ea2b75d1db214efc7a0255a527deda
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b39602c4951ecb841fb70f050e4f7d8d816f7b286e50305a8e296c287d42e986
b544e13f0b6b4590eea9fbffdaf0b629672c0a0d0f0965aae6075afd8f0febf0
b9d12f0094bfbe430fa983cde126dc43c6da01bc061bbac5da4161cba857ea2f
c44b0bbcf81f73997a5177fccd4a2216a94c0090f4761c8fda5e4438cc8fe9e2
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
cb93480eb7de3be60da5eb1a8a87d0880d9f6f4ec937da8ef3673d8defca5566
cc789bb90c19fa508640c725b99591c293233d366f42a67c93614bb65a7caa4a
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d9b305a685b754704bf56f1c8f95bf1b787bc2d46a100573dbd6d8f7fb6253b6
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
def45fa58f8bc78c17b10baae0d06f4663296ea201622a373458f4e4cfc5e0d3
e29d7abb733d36df6535f18e5a92499f0b99fcdbfbf437ccf0804ea4d6e7068a
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e2dac8909b829e7876df5494ba8d2ee523047e8da6e05ec9df1602465fc6e09d
e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65df6c050c3013b56910c0d917653b2884cedce737b4e87823aaf8325045a58
e6e19efb0c61761af984403c5db09907f5e81a5851e2054d9b8f4dacb87b7c83
ec80a92e0d067b5609d8c00d1408f42a12194d36da74f60043532060ab1b6e9b
ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1
f5da9fed8945149320a2d1df9bee9253ac600175e390d0fb828b94e79fca1f58
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
f9576b1c20103cdeaad8043a06a612ebb0ccf498b410eb1784021d44240d54ec
fdd07e6dfe1b3b06e631fd76b882dc0d991490f743ecb96d8c7d347a401abb47

labs.guard.io Open in urlscan Pro 162.159.152.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

75 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

1501 kBTransfer

3638 kBSize

8 Cookies

83 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

labs.guard.io Open in urlscan Pro
162.159.152.4 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1501 kB
Transfer

3638 kB
Size

8
Cookies

79 HTTP transactions
0 data transactions