labs.guard.io Open in urlscan Pro
162.159.153.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5a...
Effective URL:
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5a...
Submission: On March 28 via api (March 28th 2024, 2:11:49 am UTC) from TR — Scanned from DE

Summary HTTP 81 Redirects Links 86 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 81 HTTP transactions. The main IP is 162.159.153.4, located in and belongs to CLOUDFLARENET, US. The main domain is labs.guard.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 14th 2023. Valid for: a year.

This is the only time labs.guard.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 38	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.26.116 108.138.26.116	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:e000:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:d000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
81	8

37 162.159.153.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

labs.guard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:e000:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:d000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 10860 glyph.medium.com — Cisco Umbrella Rank: 21012 cdn-client.medium.com — Cisco Umbrella Rank: 21874 miro.medium.com — Cisco Umbrella Rank: 14690	1 MB
18	guard.io 1 redirects labs.guard.io	54 KB
4	branch.io cdn.branch.io — Cisco Umbrella Rank: 1112 api2.branch.io — Cisco Umbrella Rank: 1134	25 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2042	252 B
1	app.link app.link — Cisco Umbrella Rank: 2422	630 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	90 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 813	7 KB
81	7

	Domain	Requested by
37	cdn-client.medium.com	labs.guard.io cdn-client.medium.com
18	labs.guard.io	1 redirects cdn-client.medium.com
14	glyph.medium.com	glyph.medium.com
5	miro.medium.com	labs.guard.io
3	api2.branch.io	cdn-client.medium.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.link	cdn.branch.io
1	cdn.branch.io	labs.guard.io
1	www.googletagmanager.com	cdn-client.medium.com
1	static.cloudflareinsights.com	labs.guard.io
1	medium.com	1 redirects
81	11

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
www.linkedin.com
www.guard.io
bing.com
microsoft.com
msrc.microsoft.com
www.cve.org
source.chromium.org
github.com
guard.io
vivek-ghinaiya.medium.com
blog.stackademic.com
justincox.medium.com
khaledyassen.medium.com
infosecwriteups.com
help.medium.com
medium.statuspage.io
blog.medium.com
policy.medium.com
speechify.com

Subject Issuer	Validity	Valid
labs.guard.io Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2024-02-16` - `2024-12-31`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
appipv4.link Amazon RSA 2048 M03	`2024-03-25` - `2025-04-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
Frame ID: 10419BC2468D70CCDE2E62E84DBC04A5
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation | by Guardio | Mar, 2024 | Medium

Page URL History Show full URLs

https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-... HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388... HTTP 307
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

81
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1439 kB
Transfer

3547 kB
Size

8
Cookies

86 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F879fe5ad35ca&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderUser&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign up

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_topnav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F6a038e71ff0f&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&user=Guardio&userId=6a038e71ff0f&source=post_page-6a038e71ff0f----879fe5ad35ca---------------------post_header-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F879fe5ad35ca&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&user=Guardio&userId=6a038e71ff0f&source=-----879fe5ad35ca---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F879fe5ad35ca&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&source=-----879fe5ad35ca---------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D879fe5ad35ca&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&source=-----879fe5ad35ca---------------------post_audio_button-----------
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/oleg-zaytsev-rd/
Title: Oleg Zaytsev

Search URL Search Domain Scan URL

URL: http://www.guard.io/
Title: Guardio Labs

Search URL Search Domain Scan URL

URL: https://www.guard.io/
Title: Guardio Labs

Search URL Search Domain Scan URL

URL: http://bing.com/
Title: bing.com

Search URL Search Domain Scan URL

URL: http://microsoft.com/
Title: microsoft.com

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21388
Title: security patch

Search URL Search Domain Scan URL

URL: https://www.cve.org/CVERecord?id=CVE-2024-21388
Title: CVE

Search URL Search Domain Scan URL

URL: https://source.chromium.org/chromium/chromium/src/+/main:chrome/common/extensions/api/_api_features.json
Title: Chromium open-source project

Search URL Search Domain Scan URL

URL: https://source.chromium.org/chromium/chromium/src/+/main:chrome/common/extensions/api/_features.md
Title: various contexts

Search URL Search Domain Scan URL

URL: https://github.com/myfreeer/chrome-pak-customizer
Title: chrome-pak-customizer

Search URL Search Domain Scan URL

URL: https://guard.io/
Title: Guardio

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&source=---post_footer_upsell--879fe5ad35ca---------------------lo_non_moc_upsell-----------
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fplans&source=---post_footer_upsell--879fe5ad35ca---------------------lo_non_moc_upsell-----------
Title: Try for $5/month

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----879fe5ad35ca---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/tag/exploitation?source=post_page-----879fe5ad35ca---------------exploitation-----------------
Title: Exploitation

Search URL Search Domain Scan URL

URL: https://medium.com/tag/vulnerability?source=post_page-----879fe5ad35ca---------------vulnerability-----------------
Title: Vulnerability

Search URL Search Domain Scan URL

URL: https://medium.com/tag/browsers?source=post_page-----879fe5ad35ca---------------browsers-----------------
Title: Browsers

Search URL Search Domain Scan URL

URL: https://medium.com/tag/browser-extension?source=post_page-----879fe5ad35ca---------------browser_extension-----------------
Title: Browser Extension

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Ff776b280f31b&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&newsletterV3=6a038e71ff0f&newsletterV3Id=f776b280f31b&user=Guardio&userId=6a038e71ff0f&source=-----879fe5ad35ca---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa5e5fb892935&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&user=Guardio&userId=6a038e71ff0f&source=-----a5e5fb892935----0-----------------clap_footer----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa5e5fb892935&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fsubdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935&source=-----879fe5ad35ca----0-----------------bookmark_preview----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fa2225e51898e&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fscammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e&user=Guardio&userId=6a038e71ff0f&source=-----a2225e51898e----1-----------------clap_footer----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa2225e51898e&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fscammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e&source=-----879fe5ad35ca----1-----------------bookmark_preview----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F32024ad4b5fa&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fphishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa&user=Guardio&userId=6a038e71ff0f&source=-----32024ad4b5fa----2-----------------clap_footer----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F32024ad4b5fa&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fphishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa&source=-----879fe5ad35ca----2-----------------bookmark_preview----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F3182cfb12f4d&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d&user=Guardio&userId=6a038e71ff0f&source=-----3182cfb12f4d----3-----------------clap_footer----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3182cfb12f4d&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d&source=-----879fe5ad35ca----3-----------------bookmark_preview----b5aedef4_4045_467f_aa07_1bef7950c458-------

Search URL Search Domain Scan URL

URL: https://vivek-ghinaiya.medium.com/?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://blog.stackademic.com/?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: Stackademic

Search URL Search Domain Scan URL

URL: https://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: Hunting JavaScript File for Bug HuntersHello Everyone,

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fstackademic%2Fe8b278a1306a&operation=register&redirect=https%3A%2F%2Fblog.stackademic.com%2Fhunting-javascript-file-for-bug-hunters-e8b278a1306a&user=Vivek+Ghinaiya&userId=1b50caf9038f&source=-----e8b278a1306a----0-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 3

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fe8b278a1306a&operation=register&redirect=https%3A%2F%2Fblog.stackademic.com%2Fhunting-javascript-file-for-bug-hunters-e8b278a1306a&source=-----879fe5ad35ca----0-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hacktheplanet?source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: Bug Bounty Platforms are a Scam [Mostly]I know the title of this blog post may sound vitriolic or even bombastic. However, I do feel that it’s justified — stick with me for a few…

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fea53fe54c53d&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40hacktheplanet%2Fbug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d&user=HackthePlanet&userId=4f1513a9e0f7&source=-----ea53fe54c53d----1-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 16

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fea53fe54c53d&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40hacktheplanet%2Fbug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d&source=-----879fe5ad35ca----1-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@wearedelicious/list/tech-tools-541154dfb3ae?source=read_next_recirc-----879fe5ad35ca--------------------------------
Title: Tech & Tools16 stories·190 saves

Search URL Search Domain Scan URL

URL: https://justincox.medium.com/list/best-of-the-writing-cooperative-9fe477bf6581?source=read_next_recirc-----879fe5ad35ca--------------------------------
Title: Best of The Writing Cooperative67 stories·245 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/mediums-huge-list-of-publications-accepting-submissions-7c0ec8037e61?source=read_next_recirc-----879fe5ad35ca--------------------------------
Title: Medium's Huge List of Publications Accepting Submissions281 stories·2298 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/staff-picks-c7bc6e1ee00f?source=read_next_recirc-----879fe5ad35ca--------------------------------
Title: Staff Picks607 stories·861 saves

Search URL Search Domain Scan URL

URL: https://khaledyassen.medium.com/?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://infosecwriteups.com/?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://khaledyassen.medium.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: How I Found Multiple XSS Vulnerabilities Using Unknown TechniquesHello, everyone. I hope you are well.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fbugbountywriteup%2F74f8e705ea0d&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fhow-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d&user=Khaledyassen&userId=180ba8c4ad77&source=-----74f8e705ea0d----0-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://khaledyassen.medium.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----0---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 19

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F74f8e705ea0d&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fhow-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d&source=-----879fe5ad35ca----0-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hncaga?source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame RecognitionIntroduction:

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F694a9c18684a&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40hncaga%2Fhacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a&user=Henry+N.+Caga+%28hncaga%29&userId=63389f75e1a6&source=-----694a9c18684a----1-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----1---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 4

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F694a9c18684a&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40hncaga%2Fhacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a&source=-----879fe5ad35ca----1-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xSnowmn?source=read_next_recirc-----879fe5ad35ca----2---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=read_next_recirc-----879fe5ad35ca----2---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 0 Click Account Takeover Via reset password weird behaviorاللهم صلي على محمد

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F026846e5f850&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%400xSnowmn%2F0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850&user=Snow+Mars&userId=9f950ddad68b&source=-----026846e5f850----2-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----2---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 6

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F026846e5f850&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%400xSnowmn%2F0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850&source=-----879fe5ad35ca----2-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@HX007?source=read_next_recirc-----879fe5ad35ca----3---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=read_next_recirc-----879fe5ad35ca----3---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: Subdomain Fuzzing worth 35k bounty!

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2Fdaebcb56d9bc&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40HX007%2Fsubdomain-fuzzing-worth-35k-bounty-daebcb56d9bc&user=HX007&userId=ba7a2fdc9474&source=-----daebcb56d9bc----3-----------------clap_footer----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?responsesOpen=true&sortBy=REVERSE_CHRON&source=read_next_recirc-----879fe5ad35ca----3---------------------cad65aa2_58ab_44a6_9841_47eab1b7aef3-------
Title: 12

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fdaebcb56d9bc&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40HX007%2Fsubdomain-fuzzing-worth-35k-bounty-daebcb56d9bc&source=-----879fe5ad35ca----3-----------------bookmark_preview----cad65aa2_58ab_44a6_9841_47eab1b7aef3-------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----879fe5ad35ca--------------------------------
Title: See more recommendations

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----879fe5ad35ca--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=post_page-----879fe5ad35ca--------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----879fe5ad35ca--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=post_page-----879fe5ad35ca--------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=post_page-----879fe5ad35ca--------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----879fe5ad35ca--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----879fe5ad35ca--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=post_page-----879fe5ad35ca--------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://medium.com/business?source=post_page-----879fe5ad35ca--------------------------------
Title: Teams

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca HTTP 307
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Show response
labs.guard.io/
Redirect Chain

https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

185 KB
43 KB

578ms
577ms

Document
text/html

162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc6fdfbd3f509ad2b55eac98b2c8946300b82d4cf1688dc5ea67b5fa1fd34e01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86b4173dcac058d8-TXL
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 02:11:40 GMT
link: <https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, lite/main-20240327-151902-28121bf5d1, rito/main-20240327-151902-28121bf5d1, tutu/main-20240327-095217-349170df74
medium-missing-time: 213
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 341
x-request-received-at: 1711591899922

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b4173ca815915e-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Thu, 28 Mar 2024 02:11:39 GMT
location: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 20

GET
H2 200 unbound.css
glyph.medium.com/css/ 19 KB
1 KB 52ms
50ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1911
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417417a3590fa-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 28 Mar 2024 04:11:40 GMT

GET
H2 200 manifest.aa3177a7.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 107ms
94ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.aa3177a7.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

149845ad1ce2088a71d4019979c6b4192d8a77d5e310f6f3b7411c72225637b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: MQCKgocczUR.jB5uxgn3JSJ8sNe2iaCS
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QAAV46YKNYBKND24
age: 107381
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eFHmEEio6WGCzwd6iP+DG5H7HJTDqW/64offPLCnddqUrb8cN7cjfqHyCezS/XWeGd298uhvmaQ=
last-modified: Tue, 26 Mar 2024 17:36:49 GMT
server: cloudflare
etag: W/"228464d6d00853ca8d61e70b8a5f565f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6990fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 3057.5e22bbb0.js Show response
cdn-client.medium.com/lite/static/js/ 659 KB
207 KB 129ms
117ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 8U1kFgMJlUNmH8qkZNp1xniyDYQNS3lm
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZGDCJN5V5GJC38XJ
age: 422379
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VSmYt5YKd8NCsoN1Fgbgor/JlUVlolvqmSvep6GIb2wExVldM64YEShk74SP/0otxz1PwJyfbpI=
last-modified: Thu, 19 Oct 2023 20:38:07 GMT
server: cloudflare
etag: W/"5cf73b47b8f9468e48683b2d39073bf2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6790fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 main.e3408074.js Show response
cdn-client.medium.com/lite/static/js/ 768 KB
182 KB 128ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.e3408074.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e83c8c5a1bd848dbca2b2d3094e5df3a68eed3a86ab76409ce9024190f1c3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: eRA4BYDTUF0SXsMmvPisPRn5MrvAMGL9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QAAJ8C6ZX3CRM3MT
age: 107381
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GTD6kK9r+a1xqGBfcgC+8I/ZNrgfRoxsm0eajwBxKIGoUKEmr4Etj+mgIyrli59p6bjsjEy1qJw=
last-modified: Tue, 26 Mar 2024 20:06:23 GMT
server: cloudflare
etag: W/"5d2c30c9a06b7bbd1cc1360d61580f71"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6590fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 instrumentation.5e7f2981.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 126ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.5e7f2981.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46fe37d3a946ad84252e7b64ef3f4122a9cd989d042254306a67d0cca0ec7c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: VW4YdUyNXKIuV1mxsX3KJaGiCWs0FD62
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D67BMZHANDGN20DG
age: 34134
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9JcZEnCANevjS5Az9wyUegkCAMYU+4wBfzjgP5JTArOpBbvtTKBeNNUiU7Fsf3ep2gd1sR3pDlU=
last-modified: Mon, 11 Mar 2024 11:06:28 GMT
server: cloudflare
etag: W/"519b9357b2806447252d9bfb550afb7e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6890fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 reporting.2021fe63.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
906 B 126ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.2021fe63.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: EAFtMMjOBNpoIMOAp_mjLfH0fLlmjqvd
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GV4RFK8T778MPWRB
age: 29492
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5O9oMi95fSwEDWCCoW/zAbpOECZr9PABcx2Hl854ytyXkFtFOiINgxMvNUEYKVN/c30Ona2aU9I=
last-modified: Fri, 23 Jun 2023 16:13:42 GMT
server: cloudflare
etag: W/"4f45b39c86a2eb9ca7068099b34d3af6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6490fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 4398.db4d4378.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 127ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4398.db4d4378.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: nD1Ekxpw41hmPZGu8aCR69Fn6l56BS19
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 710GYJMZMX9T7NGZ
age: 34133
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sjqpdMVqjBfESWRs5xhG/mIWiF7BOMIkvwN/mtgjm/eW0hArhYoO6C+eqOMXw5Mx3WX33F6rPgg=
last-modified: Wed, 10 Jan 2024 23:43:40 GMT
server: cloudflare
etag: W/"2a9a8cc3a5c7456e93ac9fd0734d8562"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6390fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 7883.0e445e04.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
10 KB 127ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7883.0e445e04.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: Xo3CN7D2L9evtWunaTa_wVLneZe0Q4Yq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8KYM4MHTQKDCMD9W
age: 343879
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fNZkOgaWJrlpH87uGAnN1GiWmY4r91pQ73zYpJWJeXH9JNggIbCrlNcDD1CLQdZ0wr9pFg8HI5M=
last-modified: Mon, 05 Feb 2024 14:32:27 GMT
server: cloudflare
etag: W/"ff460fdd31cf043a5b0c5480db3156c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6c90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 6733.1d85727b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
5 KB 128ms
117ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6733.1d85727b.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 2fJFQUTf2u12vcW9GWlwyqCzuRzGu243
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Z11FF91V4M2BCFBZ
age: 38324
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9ziG9CVVIZyQdzZY1xMarTk3Ku1fSXjirMiZpLCOMrTv+fVjKCdj96icu4JPL2y+6Zf63XHreak=
last-modified: Thu, 19 Oct 2023 20:38:12 GMT
server: cloudflare
etag: W/"637f2748bb252f63c1746748e78f94ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6e90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 4711.043615ac.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 125ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4711.043615ac.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: qnKQzk0b9urC.8imJsDQEceRC7r1d.6v
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Z61N02GG08QYGQQG
age: 24636
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TDzbgSsTQzWgXfPlSZ0VwVui8lCvcFiGQ8xRjvdtZuQYxaivYa5JC3NI/c1sA7BJ0zWkwTff7AIFSGOaGC6AGwbcYORYmGAbj7M++aatLqo=
last-modified: Thu, 19 Oct 2023 20:38:09 GMT
server: cloudflare
etag: W/"fa8866965099e179b25da758eb62a2da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6b90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 8695.9065ba3d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 126ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8695.9065ba3d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd07e6dfe1b3b06e631fd76b882dc0d991490f743ecb96d8c7d347a401abb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: PoVfd4I0l3fwucjKH2.q5JIL4OE__rj9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1AY36N08HT2W4N9C
age: 6886
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ofL846FaW3WHPOcK0BbXo1j2QIdgc9sQUdfdTSPafEqAIsQaigJ1g/J795zqB4vRv3lAsttMJpDjuA+z8xvyYKuuRVz+TNVDjSHugKGbOlA=
last-modified: Fri, 23 Feb 2024 16:04:19 GMT
server: cloudflare
etag: W/"da903c2586fa559f0b9b307164c98403"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5f90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 4341.e697d2a1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 41 KB
10 KB 124ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4341.e697d2a1.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13833533c830de737dc8b245fa9f45199dcef87c1bd0172b63d9da0e9fea577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: ePN3RSeIvvXVZ7Qe4JusRtAdJHrk_Rrl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: WQ7SZ0FXVS9N7A2P
age: 24636
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lEiIihPR9DZ4pXBabZH4hZKoq4+MfEGjcVnI26Jr5WpxBikue9PoRJhn7jX8wGIDVVVNy5p2sUDfKy1EAbb85gfJIkmsRc+mSo5KBiCkoog=
last-modified: Mon, 12 Feb 2024 20:37:53 GMT
server: cloudflare
etag: W/"1fb8c1985abfbffe9d85fedbfe4c56e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6090fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 5971.c8339d3b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
6 KB 100ms
90ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5971.c8339d3b.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0a325be88b972585013651fda18724a2ff7469f00d0f6f4b53df397d6524b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 9xT.k4EToFvLChIzt.__M4euWjGiADkT
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2DKR7R1N3HJ9DWZF
age: 724159
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b4UYdI+Qr5Ueb5QDGqU9F7+mduQQAoqfdmoE/O/hYwdFBXC63RrPDHhlQj9Br9I83U6nmJ7WnJw=
last-modified: Tue, 19 Mar 2024 16:48:04 GMT
server: cloudflare
etag: W/"d3d3819de10e10439898ca3d243d8db4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5e90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 5203.e7a22052.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 17 KB
4 KB 105ms
96ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5203.e7a22052.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: sYZi_T_vovpyjHR0HCCODg8UWAAlZCKC
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 63N071EFB80F3Q3N
age: 34131
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wsIMol361SwpzhL62NU6gVciEWAS1hyAcb0XagIZ8uNUusU9DHZFnHE9w7Fd8TOqqZ/GL2CPMcU=
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"4b2a2b012f01bcd5a7880043af3823bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5d90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 7222.a06e9442.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
7 KB 108ms
98ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7222.a06e9442.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ccb39eaeff90e53846e38ceae9b69357c7bad82102e48585b94b70f28f6bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: YSpyDxR8ulg0CqTvsNB08zwb6h.5rUt5
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2DKZYWTX8B4M9ST2
age: 724159
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IWBv7KYi9AlI3e0zL6w3d0FRRJRffcDBlG+b6SDro1PNt+qkUZWlAUMPs+wkyOeIbGXbwCyXCNbmBVGEwoKZgQ==
last-modified: Tue, 19 Mar 2024 16:48:05 GMT
server: cloudflare
etag: W/"502f2bdaf8f5eecb393f116171366b5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5a90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 6487.09cd8beb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 68 KB
17 KB 126ms
117ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6487.09cd8beb.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7a7e2100b68ef9839698909824aacc4d5fc541699a5d5465ce344c6ab811f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: yqgp4qbXHwpI_PPN3HWERNCZEXziy7lj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2N2A09TS1SDCTTVB
age: 556126
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eyIXQn77shnpTsY39UdhFFLmw9lzorU9Aw9v/5hG1O7E/p9UapOL+6tXkHS7kM4tCNdNeVTGpUQ=
last-modified: Thu, 21 Mar 2024 15:24:39 GMT
server: cloudflare
etag: W/"7bdc16bd082ec98ee4f78c997479c9ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5c90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 5459.7b1218fd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
9 KB 124ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5459.7b1218fd.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

151e5dfb2adce763505535daa8b90bddb7b5a5672db0c19686e811af27a6cbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 9N.HyQ.Plye9vNfPMnuHDXV6zIYM9Xbn
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AH4BQCXPS07ZAMQ4
age: 476936
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7yLjEoYM9MhNcvYBIFFr1cZUkRZX+uVHU+gmS6TK/Qj8kooRCAjy+WcWInTohD7Sm7+GZ7Xfkbw=
last-modified: Thu, 07 Mar 2024 18:57:38 GMT
server: cloudflare
etag: W/"58e9c50934415ddfb113d67e8875862a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5b90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 6804.2cda7ee2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 124ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6804.2cda7ee2.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6846ab4a02e8b678dbaf57c1a0e0f113b67c1c9971e1bf92fc4715b4c52fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: QZdjipCna6Z_yJngz6EOjihwQqejuAzP
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F670C9M6XSX7GV51
age: 38320
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 91V9eBGI53WzlLvEz7qfaATBv75bBzuajVW7qhcskiBi7mq6WiX0d2Y//CZclyHfQuBNnsLhdhO+iKDcHkT84P4Ep9Ep7ej06CQm2s+wbOA=
last-modified: Wed, 21 Feb 2024 21:44:27 GMT
server: cloudflare
etag: W/"0b538753d87377f783847b0976df0390"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5990fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 1711.b70f1a35.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
6 KB 124ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1711.b70f1a35.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: an7lZshTbeizT4YvZ.H_UfpGSLFLVp6K
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J178EJGERS581XHJ
age: 29497
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1I0RZFqis3VUg39l18/zzES9x70K/pwfl3YWM9quPJZkzqvAzZXymSFOZhptZBXkE89qOgs7zSg=
last-modified: Tue, 12 Dec 2023 20:16:53 GMT
server: cloudflare
etag: W/"be9a7f1d16e66912ad5aca0b77f43879"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5790fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 7652.f5b06845.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 102ms
93ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7652.f5b06845.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86271c093b0257f9d53dc5e215a090d8091cf484e4a3266c0a049a7220c5aac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: uDWos8RRVl.a3BNQ5d9WFIhDfiaC0xIM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7BE6KW8BMERVZ4XG
age: 34131
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ryl/U4lcNwLaBdOPC2f6LyJwW0enei+pRzSfMLpnMxu7Z5Zgfyy/7OOyK3jjtpKlwoDrW0bMT9M=
last-modified: Fri, 01 Mar 2024 20:34:52 GMT
server: cloudflare
etag: W/"3eafe0aa330d430ff4cf875629790633"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5890fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 2462.0589a8d7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 123ms
115ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2462.0589a8d7.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2d9e98ed3ad1802ecfcb1d3912ebbc1666f333f92ce1d11b21c56db24570c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: WPjuR.n_E4IKJAPYTH0oscJIKN_KmPHx
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AH4156VKF9W2DNKZ
age: 476936
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5ZuQ+Xu5ioAUHezktl86zkAJgVE/+Ni26W5RwMfqOuwKdOvkVpZ+WVGpTc9n3mrb1xYKAbZ1EA8=
last-modified: Thu, 14 Mar 2024 01:36:46 GMT
server: cloudflare
etag: W/"da5d84b6cf9da78652bca2f043679aa9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5690fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 9174.24f568ee.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 107 KB
27 KB 68ms
60ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9174.24f568ee.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39602c4951ecb841fb70f050e4f7d8d816f7b286e50305a8e296c287d42e986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: WjLEyYRWgbUyH7UQcFalI9HiYfhdVUXQ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8KYX4ZZRN4R9CB4C
age: 422379
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vMvf8jHP3o6VfCUQJXgVR8jl0x1yqM9TFQso2V4eoC3ETO5MS5sb5sQWpwM8K3g1JPP31fQahqQ=
last-modified: Tue, 20 Feb 2024 18:37:15 GMT
server: cloudflare
etag: W/"4c3d585afe79410fa16c87d8447031d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a4590fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 1128.cb861fd1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 27 KB
7 KB 121ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1128.cb861fd1.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5d488deaa7df4041514937ac1683711b5ca1ef255639d2bd5c6d2a7f1c78d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: Cn479qlMhpdnE3hK15k2UOo102zgsuZo
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HDEMV7MAKWM2YYAW
age: 473133
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8UUvaX6v0S2kqY+fG0oJ2OTRLOjwtwapozeX7xh0AlO68d5ckaLHdjKOcfA4oXFrdyLFFyVSVQk=
last-modified: Fri, 22 Mar 2024 14:09:34 GMT
server: cloudflare
etag: W/"80f3474ca668b06f6f59d9e78101d1b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca5590fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 4129.ee8ae2c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 65ms
57ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4129.ee8ae2c8.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: GKCEAjCz9C3rq4gDy5D41ahGcAUvJYws
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PWDNCQK4WMBE7F1Z
age: 34131
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EcQAKMs6t5o+is4/7NZilCOlxaa/HHYHbpIpqEm0M/wymTarspYDrwL0NBGJI//WFGJZTvz4H24=
last-modified: Tue, 31 Oct 2023 13:31:10 GMT
server: cloudflare
etag: W/"c63ba7334aaaa7c433116323b85dddd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a4390fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 8580.feeb2549.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
2 KB 60ms
53ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8580.feeb2549.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: zzAbVdzU1EHaoBWemZXYawSAaPKOliQq
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: H640F1WX2K4HNYP3
age: 24636
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6kqWjlzUNxp0sNBltN3k/Was3r31eGSvCH6F3MIJtBJ7/oQ5ovbwgM2P0m30W7PjWMMtbtF1ShWEc46p0E8njw==
last-modified: Thu, 19 Oct 2023 20:38:14 GMT
server: cloudflare
etag: W/"807d78fe3a15361dfb7d56b056c4ff12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a4290fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 8883.c8b03d13.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
10 KB 66ms
59ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8883.c8b03d13.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: rqCBYLKOv.8NNDtk1ZWJs0i2M.e6fYOU
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: A5KCZS907K5DFF0J
age: 29494
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJVkotYaB2FyGbXmgxrtRavmwdovW3HtDFYuf8SuY2B9bmi1SXDVFFKcTWrxzS7KCiXxKz6mLCs=
last-modified: Wed, 01 Nov 2023 19:54:54 GMT
server: cloudflare
etag: W/"db9f4f034f186af2c5d3eb5b06d84be1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a4190fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 4078.da7800a7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 61ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4078.da7800a7.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: rrQLGST4J4fLi10qQKaFEEGE2uCdLnIB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 449KG7PBSJGZC01G
age: 24636
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ko8g5TRpaaJuMF3kj7RpTbSpnKQf/Toi0fRdIQ165XbAECplCvgs/h1QHuZjsQitsIsvW+5BsVA=
last-modified: Thu, 19 Oct 2023 20:38:08 GMT
server: cloudflare
etag: W/"6fe9bb13da7ba28df60248af83559170"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a4090fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 9408.3df4db57.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 60ms
54ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9408.3df4db57.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf68d21ee2fb4d8aea0b355db9cf2cfd21d240b04fb8c9a182194a1b6f9c40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 0lZtKjK.Quzle8JDP2rE2oWTjDI1Nb1P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8KYVJ493874MFBSQ
age: 342119
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Jt8LpP4dRMWpbUKVEutO6a7bU/QUlQbpxQ4eX+/qs0LtUMfOhodpWGAdl/ssgnfa7iIftKEEaE8=
last-modified: Thu, 22 Feb 2024 21:36:57 GMT
server: cloudflare
etag: W/"cf9a2139eb847d4a111a514690bc9fc3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a3e90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 9150.42fafb2e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
2 KB 61ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9150.42fafb2e.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: Juh7s6eqIR5VpuEFNUcPQ7B8LwsnUpKw
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0QRFP0BKXTWP6AGT
age: 34130
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pSo/QhkESdCrNQ6VlH4KFLsL/35qJBkaHdpskIEw31xcP+HzRMJb9qKXEFpvb0jD7v8wfQM8oPg=
last-modified: Thu, 19 Oct 2023 20:38:15 GMT
server: cloudflare
etag: W/"78132c40ece3187924f4251503c0fe2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a3f90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 5005.b5d4a37c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 31 KB
3 KB 60ms
54ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5005.b5d4a37c.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: RisC25ILXQZI5zUiv0YF80pfrgqVmer.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Z0Y07R58YWMQW50Z
age: 29494
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7PW/pjzEGueGCPO0Li0mOCM5qhxlkqxa/Kbqr31WLbsmjab9otLxceOeph8opDquakI/Iqnnenc=
last-modified: Thu, 19 Oct 2023 20:38:10 GMT
server: cloudflare
etag: W/"a72dda426ce4412cf5cdf2bd365c57c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a3d90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 6605.6978809c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 57ms
51ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6605.6978809c.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76822f80108f80e86b92c0834e670d0eb5918ebf7ae03c0a2233e0621465964d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: 3zJBb6TnWF6WrCW8byOW5.OskEguwNls
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AH4FR5WX1AKJKS5Z
age: 476936
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lnuD+LkZL/l9sWFfX9TIcTFlvcVcqj8Vw+YEjBOA8esVcEUfel8hA2Cwp+P3X81zEt4gOR32zV4=
last-modified: Thu, 14 Mar 2024 17:51:17 GMT
server: cloudflare
etag: W/"e9e1fa3bb781e009ab0e2b72484f4a41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b417418a3c90fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 2393.aaa1ee6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
16 KB 122ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2393.aaa1ee6d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee2df72cdc4936863ec36571e34a5bd94d8c559d5ca23978f14442bcd882921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: AlWKDh_1BOSXs_FWTHnebHpsTk2Tzq0D
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HGY4QEDTTR3MFR9C
age: 38321
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bO6jGEKi9Jj7e6P4uWw9fZLeBEgDXNdZVcrI1xr5a+Xx6efwJ5WOvbjdPkr+LfJnzhoRpxvuo5M508yu0Kg/418jprOaQ63J
last-modified: Tue, 20 Feb 2024 18:37:08 GMT
server: cloudflare
etag: W/"14558e00e00c94114784967440735b94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca7090fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 2211.706ab0f5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
7 KB 120ms
114ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2211.706ab0f5.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade6273bd485e3fe853219534880d83799ea2b75d1db214efc7a0255a527deda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: B6kP9.8RVerphUFyT.nGoGfeA6SG5G.t
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CCR5JQT3KR49G3HS
age: 38320
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dGpLfIzZOop88ZaD9v3FWh/6hDNKGkG+ckKMgrKC5427TEZvrFckcISSjdHoQyS6YAp0t18yL6A=
last-modified: Wed, 14 Feb 2024 19:59:41 GMT
server: cloudflare
etag: W/"d4ff97682dc6e96f64e56231cccc64fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6290fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 PostPage.MainContent.0377a67c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 192 KB
45 KB 121ms
116ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.0377a67c.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54522716a9f338ad9be8731ab3f0755572e94388524b3d7e669b5bf1cf762f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
x-amz-version-id: OLBS0Bthi5XypRf2NFSTs4s47DYtC5Lr
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7RXAKHVF99180SQM
age: 633425
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HbTRrY5a6PF6y4NEBN0D/xXjlFteClwXDD6a2PurvoVA0Hcd3aicCKFMBpT00nt9AWTvgnH25WQ=
last-modified: Wed, 20 Mar 2024 17:58:06 GMT
server: cloudflare
etag: W/"a056ef77447484fb766e40fc6d4c03bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41741ca6190fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 163ms
77ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86b417422af765da-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 227ms
194ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10633117
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9958de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 219ms
187ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10876221
x-envoy-upstream-service-time: 38
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9858de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 219ms
187ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10975194
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9758de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 218ms
186ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10880610
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9658de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 74ms
43ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10800384
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9258de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 214ms
185ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10890533
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9458de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 213ms
185ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10880525
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b9158de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 186ms
158ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10966573
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b8f58de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 55 KB
55 KB 148ms
132ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10780068
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b8d58de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 7 KB
7 KB 142ms
131ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

703da51d1379c90aa4f05f52a98539b407f7ab5add1ec4f62f3228d5b1d0c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10892413
x-envoy-upstream-service-time: 14
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b8c58de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 57 KB
57 KB 64ms
56ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1116193
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b417420b8a58de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 89ms
76ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 34131
x-envoy-upstream-service-time: 51
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400
content-length: 1310
x-request-id: 716855b3-79a7-4e20-9124-a7052843c164
sepia-upstream: medium
server: cloudflare
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240226-230532-797fb80223
accept-ranges: bytes
cf-ray: 86b417422aa590fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:88:88/ 6 KB
6 KB 69ms
57ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:88:88/1*s7SJaF9dODo7rWqa2rFQ6Q.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3177c0013737d38f7a9fc5f06b3e7ba3d6d7ea0d02406d8c5beb176d26b701ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 399685
x-envoy-upstream-service-time: 143
content-disposition: inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc: h3=":443"; ma=86400
content-length: 5653
x-request-id: a1285143-42ea-4f7b-8952-f28017af2357
sepia-upstream: medium
server: cloudflare
etag: "9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240314-123229-93307f36f5
accept-ranges: bytes
cf-ray: 86b417422aa490fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

GET
H2 200 1*31mr96MIMr8XD6fCOzLOrA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 27 KB
28 KB 88ms
76ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*31mr96MIMr8XD6fCOzLOrA.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf8581073cefc547aa5d82942d750df6ebb6cc16f49a2fdb17b304456bb6899

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:40 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 44637
x-envoy-upstream-service-time: 310
content-disposition: inline; filename="1*31mr96MIMr8XD6fCOzLOrA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28114
x-request-id: 67d7b44c-df78-4180-abdd-63c8b62657a6
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RImRmNTlhYmY3YTMwODMyYmYxNzBmYTdjMjNiMzJjZWFjIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20240314-123229-93307f36f5
accept-ranges: bytes
cf-ray: 86b417422aa690fa-FRA
expires: Fri, 28 Mar 2025 02:11:40 GMT

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 2781ms
2781ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.e3408074.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
Medium-Clientele-Client: lite
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, clientele/main-20240314-123229-93307f36f5
x-envoy-upstream-service-time: 14
cf-ray: 86b41746abb92681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 2230.c546f16c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 54ms
53ms Script
application/javascript 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2230.c546f16c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.aa3177a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:41 GMT
x-amz-version-id: xWJf__tEGtfK6SYsYt3.b.Ctl1FYrL2e
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NWQA4V69B6R8CXEC
age: 1043019
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YpocriCW8Y4fQGU/OIaMp0zZkBtCqHFtQKKf20MwZhFDFCTGB8/FCcpPV8nbpA1C7mqspJLXPUUThBby4hZxPtjI2TRsg3xy
last-modified: Thu, 19 Oct 2023 20:38:05 GMT
server: cloudflare
etag: W/"5b5ebdea4bda0086b419f1dc8ca91a75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41746baed44f2-TXL
expires: Fri, 28 Mar 2025 02:11:41 GMT

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 2769ms
2769ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.e3408074.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
Medium-Clientele-Client: lite
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, clientele/main-20240314-123229-93307f36f5
x-envoy-upstream-service-time: 12
cf-ray: 86b41746cbc82681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 GiveTipButton.7844a2d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 2700ms
2699ms Script
application/javascript 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/GiveTipButton.7844a2d2.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.aa3177a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:43 GMT
x-amz-version-id: 5wxFaPBbZuXVEH4zg8t9Fz46CDAnJYq7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CJ62WD4Q898WG2EE
age: 1118115
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IVrWCYWvwXUgDj1tmKZOMMZcJjtCthP1H7NnYiTCimppg9Qh9Ql3gbG9sRFoViGi7SUAprzsTug=
last-modified: Thu, 19 Oct 2023 20:38:24 GMT
server: cloudflare
etag: W/"c9d3c6b5a486ea6dcc919c927917cf19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41757cbe344f2-TXL
expires: Fri, 28 Mar 2025 02:11:43 GMT

GET
H3 200 gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 2661ms
2661ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10633078
x-envoy-upstream-service-time: 114
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b41757cf0958de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 2854ms
48ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98f7f540434416a4971d1c34981805c878b71e68f2cf4a9c102e76043609b7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92153
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 02:11:44 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 74 KB
23 KB 2848ms
45ms Script
text/javascript 108.138.26.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e05e2939b5b791cf4accd8146146cb9bc11d79f24cfd74292b6e0f7a133564db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qUNF9UneW4jvvX1Y5.pUYa4MM3z58hxe
content-encoding: gzip
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
date: Thu, 28 Mar 2024 02:07:47 GMT
last-modified: Wed, 28 Feb 2024 16:35:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 237
etag: "9aaa511375e7965f25b8d573e1cd2cef"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23363
x-amz-cf-id: E7NWxDW8CrDeoQ5ORgTWHegCuKn5i1JsRG3RFOyzTQc--tWKsVnPiQ==

GET
H3 200 5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ 300 KB
300 KB 2649ms
2649ms Image
image/png 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:43 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 524599
x-envoy-upstream-service-time: 200
content-disposition: inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
alt-svc: h3=":443"; ma=86400
content-length: 306868
x-request-id: 78d6a68b-8900-44cf-9475-0baae262d9b1
sepia-upstream: medium
server: cloudflare
etag: "_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231120-091327-e2dd1b4066
accept-ranges: bytes
cf-ray: 86b41757cbe644f2-TXL
expires: Fri, 28 Mar 2025 02:11:43 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 129 B
497 B 2691ms
2690ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54e0cc4a576ebb344559c9c19a04991bebc9cf908ce909164bba59ab49ff338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"81-C7/ApDdv8ZTNkiHqrkJGfSlp+/w"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b41757c9ea2681-TXL
x-request-received-at: 1711591904062

POST
H3 200 graphql Show response
labs.guard.io/_/ 80 B
475 B 2689ms
2689ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: AvatarMenuQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b41757c9ec2681-TXL
x-request-received-at: 1711591904056

POST
H3 200 graphql Show response
labs.guard.io/_/ 806 B
787 B 2722ms
2722ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e838835df309232f2278c51de56049b31eabce4a99ae7018096867ad5e84dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 67
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"326-84LXbXkeAldNopwcmSO7TVimwo4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1, tutu/main-20240327-175209-28121bf5d1
cf-ray: 86b41757c9ed2681-TXL
x-request-received-at: 1711591904058

POST
H3 200 graphql Show response
labs.guard.io/_/ 210 B
558 B 2722ms
2722ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d0cd84a574633aa0332f73ee613055e904e205feee3fcd4a957e032aae0f6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 65
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-IFeuSsx2xUyD044q/z4lp3L2FYM"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1, tutu/main-20240327-175209-28121bf5d1
cf-ray: 86b41757c9ef2681-TXL
x-request-received-at: 1711591904060

POST
H3 200 graphql Show response
labs.guard.io/_/ 24 KB
6 KB 3041ms
3034ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e37a7fcaa1cde533c88ce79e2b3bb07756736fe33e325693bdfd4e620e6379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: MoreFromMediumRecircQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 274
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"617a-SCZSa/6fQK327DgI4+LS7PYsx6E"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1, tutu/main-20240326-180741-7aa1a96ecf
cf-ray: 86b41757c9f02681-TXL
x-request-received-at: 1711591904067

POST
H3 200 graphql Show response
labs.guard.io/_/ 27 B
399 B 2770ms
2764ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: ViewerQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 108
alt-svc: h3=":443"; ma=86400
content-length: 27
x-xss-protection: 0
server: cloudflare
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b41757c9f32681-TXL
x-request-received-at: 1711591904104

POST
H3 200 graphql Show response
labs.guard.io/_/ 79 B
471 B 2682ms
2677ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: LogGateExposure
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4f-PyDyq/vz3tkRgbZXHMnLXcJrsR4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b41757c9f52681-TXL
x-request-received-at: 1711591904058

POST
H3 200 graphql Show response
labs.guard.io/_/ 79 B
471 B 2678ms
2673ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: LogGateExposure
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4f-PyDyq/vz3tkRgbZXHMnLXcJrsR4"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b41757c9f62681-TXL
x-request-received-at: 1711591904057

POST
H3 200 graphql Show response
labs.guard.io/_/ 96 B
512 B 2709ms
2703ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c876a796f07fa229579387ef309d2e7ad73635bafdf0b884459bd536c6dcf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-QJzwws4ZxLnnfB2LX5KPDh9h3sE"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1, tutu/main-20240327-175209-28121bf5d1
cf-ray: 86b41757c9f82681-TXL
x-request-received-at: 1711591904062

GET
H3 200 4447.522494b1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 585 B
870 B 2645ms
2644ms Script
application/javascript 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4447.522494b1.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.aa3177a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

350ef7178db5ff2a768549534aae3e3bf38bfb39676d2cca01edd4fb56d5f083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:43 GMT
x-amz-version-id: dAFOGeWEtaZNKIF4.GoogPcfjcVQVBDy
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: G3ED09SF3HEY91KW
age: 1107419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BDMlFA6BzBRuib1ZB9B74Pvv8zwrZ2cInDNE8wpZw4X2s7/HM5ixIpE0365FpN2jFw8NIJ3VdJN/lkfRuJ71t7QWKrcO1PsF0nI/LceiQWM=
last-modified: Fri, 14 Oct 2022 16:15:40 GMT
server: cloudflare
etag: W/"924f3328cb65c1eadb5d181d3a199290"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41757cbec44f2-TXL
expires: Fri, 28 Mar 2025 02:11:43 GMT

GET
H3 200 9410.b062161c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 2645ms
2645ms Script
application/javascript 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9410.b062161c.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.aa3177a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce351425bb6109d954f3b438e525b265e5778be71a8ea8158164cc44f898d0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:43 GMT
x-amz-version-id: zl4lWK0kCqXlmfeHXZ80CLwtta5jwHr9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ABQAQASPE4P4XG9C
age: 78773
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KKqE/IU3POsN4b+wDg5TKSSdlPS6krvRYI3Qu8PH7c6reMkPpCW4RgeXsC31Yq/GhBBBMoUeL9c=
last-modified: Thu, 19 Oct 2023 20:38:15 GMT
server: cloudflare
etag: W/"e1fc64020a28a336e0693693158b3c4f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86b41757cbee44f2-TXL
expires: Fri, 28 Mar 2025 02:11:43 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 81 B
476 B 204ms
203ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-hbfNDSGVO0/XLJV9LgsKsOBLP4E"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1
cf-ray: 86b417586a922681-TXL
x-request-received-at: 1711591904150

GET
H2 200 _r Show response
app.link/ 91 B
630 B 290ms
192ms Script
text/javascript 2600:9000:206f:e000:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.84.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:e000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

012d124423590bd358730b30dab2f86b8a550a0d8d26dda56909583d6c7420da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: FRA56-C1
etag: W/"5b-14RKuVZer4JjAA2ACyAdZ1fHSs4"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: kYTEGW_p0HC2CwMugwQaatQ8oFruORJhk8vdFCbY91YbwbfgfB2BQg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 139ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JY7T788PK&gtm=45je43p0v9123887712za200&_p=1711591901347&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2044226215.1711591904&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711591904&sct=1&seg=0&dl=https%3A%2F%2Flabs.guard.io%2Fcve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca&dt=%E2%80%9CCVE-2024-21388%E2%80%9D-%20Microsoft%20Edge%E2%80%99s%20Marketing%20API%20Exploited%20for%20Covert%20Extension%20Installation%20%7C%20by%20Guardio%20%7C%20Mar%2C%202024%20%7C%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5096
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 02:11:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://labs.guard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 48ms
47ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10780156
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 86b4175c6b6958de-TXL
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 28 Mar 2025 02:11:44 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 3 KB
851 B 346ms
309ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29d071bc4fd7752b225452ff5095536d27267184435c37f0ba38fef5878110f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
medium-frontend-route: post
accept-language: de-DE,de;q=0.9
sec-ch-ua-platform: "Win32"
apollographql-client-name: lite
ot-tracer-sampled: true
sec-ch-ua-mobile: ?0
ot-tracer-traceid: 5929fe24aa5b1dfd
medium-frontend-path: /cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
medium-frontend-app: lite/main-20240327-151902-28121bf5d1
apollographql-client-version: main-20240327-151902-28121bf5d1
ot-tracer-spanid: 7bf6ae2619dce9a2

Response headers

date: Thu, 28 Mar 2024 02:11:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 151
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d99-KnZ5NCd2hVG5uloP34PXd84hs6c"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, rito/main-20240327-151902-28121bf5d1, tutu/main-20240327-175209-28121bf5d1
cf-ray: 86b4175c8e2d2681-TXL
x-request-received-at: 1711591904848

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
708 B 287ms
194ms XHR
application/json 2600:9000:2491:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

06d3cad4654e91a4d501a8e617bd0546329d9b51a138c8212a296e2a46cffa3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 75f4cc34-cdf3-4b27-b9b6-a2e8ac6bde18-2024032802
content-length: 316
x-amz-cf-id: KMNhEBWgSCPhTW04QvcH1tkPVjvfXLKIwmlQep1_gj6Rhl7-B9qpGQ==

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 176ms
175ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.e3408074.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
Medium-Clientele-Client: lite
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885, clientele/main-20240314-123229-93307f36f5
x-envoy-upstream-service-time: 20
cf-ray: 86b4175cce6a2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 rum Show response
labs.guard.io/cdn-cgi/ 0
139 B 82ms
28ms XHR
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://labs.guard.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86b4175cde752681-TXL

GET
H3 200 1*m-R_BkNf1Qjr1YbyOIJY2w.png
miro.medium.com/v2/ 737 B
1 KB 51ms
50ms Other
image/png 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://miro.medium.com/v2/1*m-R_BkNf1Qjr1YbyOIJY2w.png

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c615bd22b74f1ea5bc75e4f06ca7f877e3d76f15b98beb36af76909b7e25d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:44 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 604031
x-envoy-upstream-service-time: 25
content-disposition: inline; filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
alt-svc: h3=":443"; ma=86400
content-length: 737
x-request-id: 7b217bd1-eaf1-4f4d-bf2a-429a9160bacc
sepia-upstream: medium
server: cloudflare
etag: "yj0WO6sFU4GCciYUBWjzvvfqrBh869doeOC2Pp5EI1Y/RIjliZTQ3ZjA2NDM1ZmQ1MDhlYmQ1ODZmMjM4ODI1OGRiIg"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231012-152649-b8092c91fb
accept-ranges: bytes
cf-ray: 86b4175cd90644f2-TXL
expires: Fri, 28 Mar 2025 02:11:44 GMT

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
349 B 354ms
354ms XHR
application/json 2600:9000:2491:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Mar 2024 02:11:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: j5tu5bLU9Sb9O8N2wagGkLRi3QRwKINimqaH_RQLko5dmxVVSHuOsw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
349 B 202ms
201ms XHR
application/json 2600:9000:2491:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/3057.5e22bbb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Mar 2024 02:11:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: rpWo7cqXBfmY8v_vaV74reADjfOCEpLMWqElPWoIwWi_96M9HYbtpA==

POST
H3 200 batch Show response
labs.guard.io/_/ 17 B
277 B 372ms
372ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.e3408074.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:11:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json
medium-fulfilled-by: edgy/8.7.1, valencia/main-20240326-104307-26e4a6d885
x-envoy-upstream-service-time: 188
cf-ray: 86b41765edb02681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-21 05:02:31	Name: uid Value: lo_a570f0872080
.medium.com/	1970-01-21 05:02:31	Name: sid Value: 1:06E2YuK9cdKBf5+oB1PuY0KruAPAFtKT8nBsqnsE7SEt4LhaHZgr4tNkS23p02rg
labs.guard.io/	1970-01-21 05:02:31	Name: sid Value: 1:TC3GKHwMS8VNDzhl6HXTJlhUsC2MrRqK+mpbgFe9lMgZ2gTYAk0mjAAdRL6Bkwdb
labs.guard.io/	1970-01-21 05:02:31	Name: uid Value: lo_a570f0872080
labs.guard.io/	1970-01-20 19:26:32	Name: _dd_s Value: rum=0&expire=1711592801230
.guard.io/	1970-01-21 05:02:31	Name: _ga_7JY7T788PK Value: GS1.1.1711591904.1.0.1711591904.0.0.0
.guard.io/	1970-01-21 05:02:31	Name: _ga Value: GA1.1.2044226215.1711591904
.app.link/	1970-01-21 04:12:07	Name: _s Value: e9iBMp0rBAOtdjC7qWLlu2HvULzbg5pLi0cjzudcmL9i891Ly1n8LUATToBvAgHo

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: about:blank Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: about:blank Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9(Line 41) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca?gi=f2d126ccb4e9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca(Line 71) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
labs.guard.io
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
www.googletagmanager.com
108.138.26.116
162.159.153.4
2001:4860:4802:32::36
2600:9000:206f:e000:19:9934:6a80:93a1
2600:9000:2491:d000:11:f728:3040:93a1
2606:4700:7::a29f:9904
2606:4700::6810:4f49
2a00:1450:4001:80b::2008
012d124423590bd358730b30dab2f86b8a550a0d8d26dda56909583d6c7420da
06d3cad4654e91a4d501a8e617bd0546329d9b51a138c8212a296e2a46cffa3c
07e37a7fcaa1cde533c88ce79e2b3bb07756736fe33e325693bdfd4e620e6379
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0ee2df72cdc4936863ec36571e34a5bd94d8c559d5ca23978f14442bcd882921
0f5d488deaa7df4041514937ac1683711b5ca1ef255639d2bd5c6d2a7f1c78d7
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
149845ad1ce2088a71d4019979c6b4192d8a77d5e310f6f3b7411c72225637b4
151e5dfb2adce763505535daa8b90bddb7b5a5672db0c19686e811af27a6cbcc
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1cf8581073cefc547aa5d82942d750df6ebb6cc16f49a2fdb17b304456bb6899
1d0cd84a574633aa0332f73ee613055e904e205feee3fcd4a957e032aae0f6f4
22c615bd22b74f1ea5bc75e4f06ca7f877e3d76f15b98beb36af76909b7e25d7
25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304
29d071bc4fd7752b225452ff5095536d27267184435c37f0ba38fef5878110f0
3177c0013737d38f7a9fc5f06b3e7ba3d6d7ea0d02406d8c5beb176d26b701ab
350ef7178db5ff2a768549534aae3e3bf38bfb39676d2cca01edd4fb56d5f083
36958875136eaa028381ba1b7c0169a46c0a3a80b12a2be773ec5e30479e3e87
37a92f6f729051d8f507d8e2102fb6ff65523e1cac9a02c5cf73f1503b446dfc
3df22782693c9af50722c8e68c3bd5f0f2248d53b79cd278c2f0953d7b9d4571
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
46e758010f351793913ddca875cd4d6b107e4fe8b263b352c1da5b2f3d151021
46fe37d3a946ad84252e7b64ef3f4122a9cd989d042254306a67d0cca0ec7c3a
4e8c5141a45860f1cf10629c45600c1c98754d05e3254d586950d9ec0f060b14
52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0
54522716a9f338ad9be8731ab3f0755572e94388524b3d7e669b5bf1cf762f5a
5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3
5f6846ab4a02e8b678dbaf57c1a0e0f113b67c1c9971e1bf92fc4715b4c52fa6
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6371dbf8600466f6a05a06c3372f54b5df5ea4ce7e2145571a7f72886d61d879
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6e83c8c5a1bd848dbca2b2d3094e5df3a68eed3a86ab76409ce9024190f1c3e8
703da51d1379c90aa4f05f52a98539b407f7ab5add1ec4f62f3228d5b1d0c67c
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
76822f80108f80e86b92c0834e670d0eb5918ebf7ae03c0a2233e0621465964d
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
7c876a796f07fa229579387ef309d2e7ad73635bafdf0b884459bd536c6dcf62
86271c093b0257f9d53dc5e215a090d8091cf484e4a3266c0a049a7220c5aac0
8bf68d21ee2fb4d8aea0b355db9cf2cfd21d240b04fb8c9a182194a1b6f9c40a
8d3e598ba737be043c5d785d54f858660c4dd4d22805b22a550876b017830f6b
93efcb5760c80b2b05a06369f841dec8894aec84f393f473d4a98c97d753637c
98f7f540434416a4971d1c34981805c878b71e68f2cf4a9c102e76043609b7c6
9d4cacc612c452bdcc10a085e37f00f77d8863cb1e8fe669ca02c1156f2cb712
a0a325be88b972585013651fda18724a2ff7469f00d0f6f4b53df397d6524b7f
a13833533c830de737dc8b245fa9f45199dcef87c1bd0172b63d9da0e9fea577
a1e838835df309232f2278c51de56049b31eabce4a99ae7018096867ad5e84dc
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
ade6273bd485e3fe853219534880d83799ea2b75d1db214efc7a0255a527deda
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0ccb39eaeff90e53846e38ceae9b69357c7bad82102e48585b94b70f28f6bed
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b39602c4951ecb841fb70f050e4f7d8d816f7b286e50305a8e296c287d42e986
bc2d9e98ed3ad1802ecfcb1d3912ebbc1666f333f92ce1d11b21c56db24570c4
bc6fdfbd3f509ad2b55eac98b2c8946300b82d4cf1688dc5ea67b5fa1fd34e01
bd7a7e2100b68ef9839698909824aacc4d5fc541699a5d5465ce344c6ab811f2
c54e0cc4a576ebb344559c9c19a04991bebc9cf908ce909164bba59ab49ff338
ce351425bb6109d954f3b438e525b265e5778be71a8ea8158164cc44f898d0cd
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
e05e2939b5b791cf4accd8146146cb9bc11d79f24cfd74292b6e0f7a133564db
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e365238b8f3b49688bb6f1344496c0e25a3ebe4302c859856e937f18f403d6a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed871cdd5c0d8def9f024a161b7b8e8cef778a47955c05a27fbdcf023b9fa4b1
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fdd07e6dfe1b3b06e631fd76b882dc0d991490f743ecb96d8c7d347a401abb47

labs.guard.io Open in urlscan Pro 162.159.153.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

75 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

1439 kBTransfer

3547 kBSize

8 Cookies

86 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

labs.guard.io Open in urlscan Pro
162.159.153.4 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1439 kB
Transfer

3547 kB
Size

8
Cookies

81 HTTP transactions
0 data transactions