Submitted URL: http://greenonions.com/
Effective URL: https://greenonions.com/?gi=1062ae68c34f
Submission: On October 29 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 52.1.173.203, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is greenonions.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 2nd 2024. Valid for: a year.
This is the only time greenonions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 52.1.173.203 14618 (AMAZON-AES)
7 11 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 13 162.159.153.4 13335 (CLOUDFLAR...)
1 162.159.152.4 13335 (CLOUDFLAR...)
1 108.138.26.116 16509 (AMAZON-02)
1 2600:9000:237... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
27 10
Apex Domain
Subdomains
Transfer
27 medium.com
medium.com — Cisco Umbrella Rank: 12033
glyph.medium.com — Cisco Umbrella Rank: 24777
cdn-static-1.medium.com — Cisco Umbrella Rank: 224848
cdn-images-1.medium.com — Cisco Umbrella Rank: 62090
csp.medium.com Failed
miro.medium.com — Cisco Umbrella Rank: 16623
1 MB
4 greenonions.com
greenonions.com
32 KB
3 branch.io
cdn.branch.io — Cisco Umbrella Rank: 958
api2.branch.io — Cisco Umbrella Rank: 1350
24 KB
1 app.link
app.link — Cisco Umbrella Rank: 2197
669 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
27 5
Domain Requested by
18 cdn-images-1.medium.com 9 redirects greenonions.com
4 cdn-static-1.medium.com greenonions.com
cdn-static-1.medium.com
4 greenonions.com 1 redirects greenonions.com
cdn-static-1.medium.com
3 medium.com 1 redirects cdn-static-1.medium.com
2 api2.branch.io cdn.branch.io
1 miro.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io greenonions.com
1 www.google-analytics.com greenonions.com
www.google-analytics.com
1 glyph.medium.com greenonions.com
0 csp.medium.com Failed www.google-analytics.com
27 11

This site contains links to these domains. Also see Links.

Domain
policy.medium.com
medium.com
rsci.app.link
Subject Issuer Validity Valid
greenonions.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-02 -
2025-05-02
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2024-02-16 -
2024-12-31
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.branch.io
Amazon RSA 2048 M03
2024-08-11 -
2025-09-09
a year crt.sh
appipv4.link
Amazon RSA 2048 M03
2024-03-25 -
2025-04-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://greenonions.com/?gi=1062ae68c34f
Frame ID: E39AF3200CAF5A2FCCCFC6AAFEA3E16B
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Greenonions

Page URL History Show full URLs

  1. http://greenonions.com/ HTTP 307
    https://greenonions.com/ HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fgreenonions.com%2F HTTP 307
    https://greenonions.com/?gi=1062ae68c34f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

27
Requests

59 %
HTTPS

56 %
IPv6

5
Domains

11
Subdomains

10
IPs

3
Countries

1428 kB
Transfer

3521 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://greenonions.com/ HTTP 307
    https://greenonions.com/ HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fgreenonions.com%2F HTTP 307
    https://greenonions.com/?gi=1062ae68c34f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cdn-images-1.medium.com/fit/c/72/72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fill:72:72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
Request Chain 4
  • https://cdn-images-1.medium.com/freeze/fit/t/60/18/1*IXpIt7Xep5-25KONGWmbmw.jpeg?q=20 HTTP 301
  • https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
Request Chain 5
  • https://cdn-images-1.medium.com/freeze/fit/t/60/18/1*34jSwQNNYTCyJzewqkBllA.jpeg?q=20 HTTP 301
  • https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
Request Chain 10
  • https://cdn-images-1.medium.com/max/800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
Request Chain 11
  • https://cdn-images-1.medium.com/max/800/1*xpyOgAIvKogcFl2t_7yw0w.png HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*xpyOgAIvKogcFl2t_7yw0w.png
Request Chain 12
  • https://cdn-images-1.medium.com/max/800/1*RJ1ddMmPeboMjcLiJWrh3g.png HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*RJ1ddMmPeboMjcLiJWrh3g.png
Request Chain 20
  • https://cdn-images-1.medium.com/fit/c/36/36/1*PIzI2hu6-HEqaPulKFn3vQ.png HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fill:36:36/1*PIzI2hu6-HEqaPulKFn3vQ.png
Request Chain 21
  • https://cdn-images-1.medium.com/fit/t/1600/480/1*IXpIt7Xep5-25KONGWmbmw.jpeg HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
Request Chain 22
  • https://cdn-images-1.medium.com/fit/t/1600/480/1*34jSwQNNYTCyJzewqkBllA.jpeg HTTP 301
  • https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
greenonions.com/
Redirect Chain
  • http://greenonions.com/
  • https://greenonions.com/
  • https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fgreenonions.com%2F
  • https://greenonions.com/?gi=1062ae68c34f
163 KB
31 KB
Document
General
Full URL
https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-173-203.compute-1.amazonaws.com
Software
nginx / Medium
Resource Hash
2f638a8dfc90450236b36ee2384b27599b573af400e369a9134814b2f252441b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://greenonions.com https://*.greenonions.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://greenonions.com https://*.greenonions.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 02:26:44 GMT
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by
valencia/main-20241028-183020-5e9fddbd57
pragma
no-cache
sepia-upstream
medium
server
nginx
x-content-type-options
nosniff
x-envoy-upstream-service-time
234
x-frame-options
sameorigin
x-obvious-info
20241028-1824-root,86e3e02c
x-obvious-tid
1730168804027:b5d8ab9cf39b
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d9fb8ee7d521cbf-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Tue, 29 Oct 2024 02:26:43 GMT
location
https://greenonions.com/?gi=1062ae68c34f
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241028-183020-5e9fddbd57
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
21
m2-unbound-source-serif-pro.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/
56 KB
33 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound-source-serif-pro.css
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f964a92907f08ce140759b837315622cae07842acb84a1067d99de257174b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
HIT
age
3077
access-control-allow-methods
GET, POST, PUT, DELETE
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
text/css
vary
Accept-Encoding
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
x-envoy-upstream-service-time
92
access-control-allow-credentials
true
cf-ray
8d9fb8f3df242c25-FRA
access-control-allow-origin
*
server
cloudflare
main-branding-base.W9J-2zkF03j8TkriAGn1Tg.12.css
cdn-static-1.medium.com/_/fp/css/
466 KB
64 KB
Stylesheet
General
Full URL
https://cdn-static-1.medium.com/_/fp/css/main-branding-base.W9J-2zkF03j8TkriAGn1Tg.12.css
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e62c50d2b8035449b69fb70640a4609814dff9ecb22c2b75b081f564704762b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"30a758243a2da30a5f5e85bd75b2bef3"
age
2793850
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 17:18:46 GMT
vary
Accept-Encoding
x-amz-id-2
dUuQgfcFDGENlK1ac0eaCmQ173BlCpVHbASsRVYPyFVRsyVyAa0x4hvmd+mhdhhFPnScVcfDC5gc0X4YrYXphm3C2WidGl+9PKF5/K411AY=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
KSAQK9PSWY5CZWWF
cf-ray
8d9fb8f3dfca1d96-FRA
accept-ranges
bytes
content-length
64491
server
cloudflare
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

content-encoding
gzip
age
3629
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 03:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
cdn-images-1.medium.com/v2/resize:fill:72:72/
Redirect Chain
  • https://cdn-images-1.medium.com/fit/c/72/72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
  • https://cdn-images-1.medium.com/v2/resize:fill:72:72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
2 KB
3 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fill:72:72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1adf981552a99713691360f2a0e2557be10311d15dba49a8f3740c1fa9c340e9
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

x-request-id
24657697-7425-4c54-b878-ef0f550f4e0f
cf-bgj
h2pri
etag
"mlsrhd8IBhykkNhfIL62TwGocdKHcFu_szFiiI-tgsE/RImUxNDA4NjQ2OGM2YzNlNDdlN2VlNWRjZmZhYjkzNDM5Ig"
age
2410578
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*4UCGRoxsPkfn7l3P-rk0OQ.jpg"
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
sepia-upstream
medium
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
91
cf-ray
8d9fb8f5aab74da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2384
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fill:72:72/1*4UCGRoxsPkfn7l3P-rk0OQ.jpeg
cf-cache-status
HIT
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f3c9d03642-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
1*IXpIt7Xep5-25KONGWmbmw.jpeg
cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/
Redirect Chain
  • https://cdn-images-1.medium.com/freeze/fit/t/60/18/1*IXpIt7Xep5-25KONGWmbmw.jpeg?q=20
  • https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
1 KB
2 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H3
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9085596732b85b631854d7bdf6b186c0d2e5939707b8917d050878abb41a276
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

x-request-id
338414d2-04d6-9f98-982f-4993339af4e0
cf-bgj
h2pri
etag
"_uPAHpfmm-0YArd47iCb58PFHwdgoiYVK_Szzw_0fb4/RIjIxN2E0OGI3YjVkZWE3OWZiNmU0YTM4ZDE5Njk5YjliIg"
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*IXpIt7Xep5-25KONGWmbmw.jpg"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
150
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
cf-ray
8d9fb8f5be791907-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1240
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
cf-cache-status
EXPIRED
x-envoy-upstream-service-time
1
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
x-content-type-options
nosniff
cf-ray
8d9fb8f3da188fd6-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
1*34jSwQNNYTCyJzewqkBllA.jpeg
cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/
Redirect Chain
  • https://cdn-images-1.medium.com/freeze/fit/t/60/18/1*34jSwQNNYTCyJzewqkBllA.jpeg?q=20
  • https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
928 B
1 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aeae8ab2981ef4c528b934ab90bb0f1b5d58f6cb0b9d47253cd8eeaef7f52d3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

x-request-id
b7335eb4-2115-47c2-ac08-2ce33d99b984
cf-bgj
h2pri
etag
"_uPAHpfmm-0YArd47iCb58PFHwdgoiYVK_Szzw_0fb4/RImRmODhkMmMxMDM0ZDYxMzBiMjI3MzdiMGFhNDA2NTk0Ig"
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*34jSwQNNYTCyJzewqkBllA.jpg"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
329
cf-ray
8d9fb8f52a638fd6-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
928
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/format:jpg/resize:fill:60:18/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
cf-cache-status
EXPIRED
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f44a368fd6-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
cdn-static-1.medium.com/_/fp/gen-js/
1 MB
302 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
149f0d051ee9dee0361ee52822d6617db82e44c75a1d04d8a52214b0686a34f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"165f666d5dd83b5645f1d527f31e1a41"
age
1166728
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 14:03:57 GMT
vary
Accept-Encoding
x-amz-id-2
4TRSAZDJeRUd8pt2KtVVTnDPOGLSxCqZEOnxM39cJKIj/I6eZn2UbfClu162haYpqK37dbysuJYbm6lFD1Z/kQJSd7QiGbANcElRuvdZWJI=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
3GP5SR784KCZKM7Q
cf-ray
8d9fb8f44ff11d96-FRA
accept-ranges
bytes
content-length
308575
server
cloudflare
x-amz-server-side-encryption
AES256
stat
greenonions.com/_/
43 B
194 B
Image
General
Full URL
https://greenonions.com/_/stat?event=pixel.load&origin=https%3A%2F%2Fgreenonions.com
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-173-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

sepia-upstream
medium
content-length
43
date
Tue, 29 Oct 2024 02:26:44 GMT
x-envoy-upstream-service-time
41
content-type
image/gif
server
nginx
medium-fulfilled-by
valencia/main-20241028-183020-5e9fddbd57
branch-latest.min.js
cdn.branch.io/
75 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

cache-control
max-age=300
content-encoding
gzip
x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
age
78
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
23431
x-amz-cf-id
lhoEdi87heCLEtHpClXA-ZNNE68OBDL331VMXJHSCkV5ag7Qlj0z3g==
date
Tue, 29 Oct 2024 02:25:27 GMT
content-type
text/javascript
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ff08f9d04e13cf594c6ef8542bae73498e1ce01b8969c2cd275a72cbe2ff48a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://greenonions.com
Referer

Response headers

Content-Type
font/opentype
1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
cdn-images-1.medium.com/v2/resize:fit:800/
Redirect Chain
  • https://cdn-images-1.medium.com/max/800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
44 KB
45 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fit:800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fff09baf037f1486377798ea4ed07b0a1deb349b0e163eae8e4f7b901e69ca1
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
c32e36d2-4cae-4371-99a3-d1e86006ce7a
cf-bgj
h2pri
etag
"GDaGwHs-RUT5Ax-stAuS-u0PJhh3XQBIr57rmGRtHhk/RIjVmMDc2NmU1ODAxMjZmZjU4YjZlNDYxNjJlM2MwMTI1Ig"
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*Xwdm5YASb_WLbkYWLjwBJQ.jpg"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
211
cf-ray
8d9fb8f64b094da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
45305
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fit:800/1*Xwdm5YASb_WLbkYWLjwBJQ.jpeg
cf-cache-status
HIT
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f46a2b3642-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
1*xpyOgAIvKogcFl2t_7yw0w.png
cdn-images-1.medium.com/v2/resize:fit:800/
Redirect Chain
  • https://cdn-images-1.medium.com/max/800/1*xpyOgAIvKogcFl2t_7yw0w.png
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*xpyOgAIvKogcFl2t_7yw0w.png
33 KB
33 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fit:800/1*xpyOgAIvKogcFl2t_7yw0w.png
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb5ca3fcdfed0b2f95d28ac8b9e31cd1eee6dc8cd8dda0b7d5fc63fbc21fe07
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
14a70eb9-1a1d-4ab7-b57b-d4030f8403b9
cf-cache-status
HIT
etag
"GDaGwHs-RUT5Ax-stAuS-u0PJhh3XQBIr57rmGRtHhk/RImM2OWM4ZTgwMDIyZjJhODgxYzE2NWRhZGZmYmNiMGQzIg"
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
image/png
content-disposition
inline; filename="1*xpyOgAIvKogcFl2t_7yw0w.png"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
83
cf-ray
8d9fb8f52a844da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
33400
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fit:800/1*xpyOgAIvKogcFl2t_7yw0w.png
cf-cache-status
HIT
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
x-content-type-options
nosniff
cf-ray
8d9fb8f46a2e3642-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
1*RJ1ddMmPeboMjcLiJWrh3g.png
cdn-images-1.medium.com/v2/resize:fit:800/
Redirect Chain
  • https://cdn-images-1.medium.com/max/800/1*RJ1ddMmPeboMjcLiJWrh3g.png
  • https://cdn-images-1.medium.com/v2/resize:fit:800/1*RJ1ddMmPeboMjcLiJWrh3g.png
511 KB
511 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fit:800/1*RJ1ddMmPeboMjcLiJWrh3g.png
Requested by
Host: greenonions.com
URL: https://greenonions.com/?gi=1062ae68c34f
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bdeb3de084817db11b1e666416ba9da51d7e2bb45cb1d98388fdcd332690bc2
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
ab6dec65-7f54-4d35-b196-6bf65d5c713b
cf-cache-status
HIT
etag
"GDaGwHs-RUT5Ax-stAuS-u0PJhh3XQBIr57rmGRtHhk/RIjQ0OWQ1ZDc0Yzk4Zjc5YmEwYzhkYzJlMjI1NmFlMWRlIg"
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:45 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
image/png
content-disposition
inline; filename="1*RJ1ddMmPeboMjcLiJWrh3g.png"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
295
cf-ray
8d9fb8f63afe4da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
522777
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fit:800/1*RJ1ddMmPeboMjcLiJWrh3g.png
cf-cache-status
HIT
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f46a313642-FRA
expires
Tue, 29 Oct 2024 04:26:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:44 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dfde2e1717f35237e54956b340ea30003e76d054d48bee0b149d51e81fc26a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://greenonions.com
Referer

Response headers

Content-Type
font/opentype
truncated
/
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://greenonions.com
Referer

Response headers

Content-Type
font/opentype
_r
app.link/
91 B
669 B
Script
General
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:b000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
231b136964eea0275d2340ae18d031d7d0150c0db3f63e6df685efd5b7aad112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
etag
W/"5b-Edq/nqZm36QPL3yy2FlKf5yRanM"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
91
x-amz-cf-id
3-PSvutR6AZq5pcwAlAp4U6NArKgWbRqtymk5B6IYYX0dfXGU0SMAg==
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
text/javascript; charset=utf-8
x-amz-cf-pop
MUC50-P2
server
openresty
main-common-async.bundle.iVHXBmq01uhHi5aKtJ3ygw.12.js
cdn-static-1.medium.com/_/fp/gen-js/
726 KB
199 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.iVHXBmq01uhHi5aKtJ3ygw.12.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8012cfe4d2a2401ed91896cda1527f07fb90925d8516305097e114d3a1ddc95d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"cca0a110b0d91668c74ad33888de37df"
age
1166257
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 14:03:57 GMT
vary
Accept-Encoding
x-amz-id-2
6/Tzr6HioWFGZWhqvli8+pOs6IpYMO5qqCPvKmXLjZaI7Tzs/2KxIBwRBGeeWLa6JuwcaFLHPEg=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
H8EV7ZPJG0X1QSC6
cf-ray
8d9fb8f56a9f4da2-FRA
accept-ranges
bytes
content-length
203256
server
cloudflare
x-amz-server-side-encryption
AES256
/
csp.medium.com/
0
0

collect
www.google-analytics.com/j/
0
0

main-home-screens.bundle._4lFVWEV5BB2UliwUIBZkA.12.js
cdn-static-1.medium.com/_/fp/gen-js/
4 KB
2 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-home-screens.bundle._4lFVWEV5BB2UliwUIBZkA.12.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd9ff7dea292a0de0d7655fc77d95bd3f25fc7900e816d907fd10726c0616b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/?gi=1062ae68c34f

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"de55f61e1f6e5342b26bfbae43121d7f"
age
611932
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:44 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:44 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 14:03:57 GMT
vary
Accept-Encoding
x-amz-id-2
d/LhA3+IO9EmVXuUcdAeiL0smUDSvTd77tbhuuwMpcVG/9Vlpp5R+qBw/cEbLlIBFnNsTmW4GnF+B/b2/jXRpivqF0z1nDqZ+qwuijAqyiM=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
2DCTKAC3H61YJ5T2
cf-ray
8d9fb8f64b084da2-FRA
accept-ranges
bytes
content-length
1612
server
cloudflare
x-amz-server-side-encryption
AES256
1*PIzI2hu6-HEqaPulKFn3vQ.png
cdn-images-1.medium.com/v2/resize:fill:36:36/
Redirect Chain
  • https://cdn-images-1.medium.com/fit/c/36/36/1*PIzI2hu6-HEqaPulKFn3vQ.png
  • https://cdn-images-1.medium.com/v2/resize:fill:36:36/1*PIzI2hu6-HEqaPulKFn3vQ.png
3 KB
4 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fill:36:36/1*PIzI2hu6-HEqaPulKFn3vQ.png
Requested by
Host: greenonions.com
URL: https://greenonions.com/
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62af06585d39156e5ba2566f68aa50055955a37a9cea36979d02e0b466789b29
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
64fedb52-0509-48e4-823c-57705ac4c8f7
cf-cache-status
HIT
etag
"jSFXnKaSKV8lr9Err_ICCnBz9MXw_7U_65s374ZFxjw/RIjNjOGNjOGRhMWJiYWY4NzEyYTY4ZmJhNTI4NTlmN2JkIg"
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:45 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
image/png
content-disposition
inline; filename="1*PIzI2hu6-HEqaPulKFn3vQ.png"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
64
cf-ray
8d9fb8f7cb924da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3208
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fill:36:36/1*PIzI2hu6-HEqaPulKFn3vQ.png
cf-cache-status
EXPIRED
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f6eb3c4da2-FRA
expires
Tue, 29 Oct 2024 04:26:45 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:45 GMT
vary
Accept-Encoding
server
cloudflare
1*IXpIt7Xep5-25KONGWmbmw.jpeg
cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/
Redirect Chain
  • https://cdn-images-1.medium.com/fit/t/1600/480/1*IXpIt7Xep5-25KONGWmbmw.jpeg
  • https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
67 KB
67 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400c54f5272e08895cbd214c23a71f2f08089d390a27ce6d6837f9e76522eb0f
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
86fbebed-6295-4fa5-ba52-9159965c7dd8
cf-bgj
h2pri
etag
"Gko9zIqhDNTQxrPS2uTz_w6cx7RHat8kpgWfzGMCo-8/RIjIxN2E0OGI3YjVkZWE3OWZiNmU0YTM4ZDE5Njk5YjliIg"
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:45 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*IXpIt7Xep5-25KONGWmbmw.jpg"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
396
cf-ray
8d9fb8f8cbec4da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
68131
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*IXpIt7Xep5-25KONGWmbmw.jpeg
cf-cache-status
EXPIRED
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
cf-ray
8d9fb8f6eb3d4da2-FRA
expires
Tue, 29 Oct 2024 04:26:45 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:45 GMT
vary
Accept-Encoding
server
cloudflare
1*34jSwQNNYTCyJzewqkBllA.jpeg
cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/
Redirect Chain
  • https://cdn-images-1.medium.com/fit/t/1600/480/1*34jSwQNNYTCyJzewqkBllA.jpeg
  • https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
50 KB
50 KB
Image
General
Full URL
https://cdn-images-1.medium.com/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
Requested by
Host: greenonions.com
URL: https://greenonions.com/
Protocol
H3
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f50934a52f504fb0cbc7c2776b9da0dff7cd9e9faeca88eabc3f2a23fac0495
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
4bab1cd5-79f1-4b40-a4ea-adabf7a34b58
cf-bgj
h2pri
etag
"Gko9zIqhDNTQxrPS2uTz_w6cx7RHat8kpgWfzGMCo-8/RImRmODhkMmMxMDM0ZDYxMzBiMjI3MzdiMGFhNDA2NTk0Ig"
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:45 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
image/jpeg
content-disposition
inline; filename="1*34jSwQNNYTCyJzewqkBllA.jpg"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
388
cf-ray
8d9fb8f7cb934da2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
50990
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fill:1600:480/gravity:fp:0.5:0.4/1*34jSwQNNYTCyJzewqkBllA.jpeg
cf-cache-status
EXPIRED
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
x-content-type-options
nosniff
cf-ray
8d9fb8f6eb3e4da2-FRA
expires
Tue, 29 Oct 2024 04:26:45 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 02:26:45 GMT
vary
Accept-Encoding
server
cloudflare
open
api2.branch.io/v1/
316 B
708 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
d68fc03255a112dbc6deda7818c4ce595c8be5d15b3974bcd6281627058c94ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://greenonions.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
DjcTtUcRychbku3kLS-BlFBN2NXQoI41TjNjbAdu8_-EAN2-78TrSg==
cache-control
no-cache
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
316
x-branch-request-id
634a727f-906a-4ec2-8fc6-964dc7b90a11-2024102902
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
stream
medium.com/_/api/collections/f593fb5628d6/
5 KB
2 KB
XHR
General
Full URL
https://medium.com/_/api/collections/f593fb5628d6/stream?to=1574873148716&page=3
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
9a74e3f0b30bab8c8d0fb5ab27672b25735fc014b4e3c1e22f0a4e863273e933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-Token
1
Referer
https://greenonions.com/
X-Client-Date
1730168805186
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
X-Obvious-CID
web

Response headers

access-control-expose-headers
X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, traceparent
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
x-obvious-info
20241028-1824-root,86e3e02c
expires
Thu, 09 Sep 1999 09:09:09 GMT
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge, Chrome=1
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241028-183020-5e9fddbd57
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://medium.com/humans.txt>; rel="humans"
cache-control
no-cache, no-store, max-age=0, must-revalidate
worker-missing-cookies
0
pragma
no-cache
x-envoy-upstream-service-time
58
x-obvious-tid
1730168805412:f315f580db86
access-control-allow-credentials
true
cf-ray
8d9fb8f94c1a4da2-FRA
access-control-allow-origin
https://greenonions.com
x-xss-protection
1; mode=block
x-powered-by
Medium
server
cloudflare
stream
medium.com/_/api/collections/f593fb5628d6/
0
0
Preflight
General
Full URL
https://medium.com/_/api/collections/f593fb5628d6/stream?to=1574873148716&page=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-date,x-obvious-cid,x-xsrf-token
Access-Control-Request-Method
GET
Origin
https://greenonions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, traceparent
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
https://greenonions.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d9fb8f87b1a8fd6-FRA
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
date
Tue, 29 Oct 2024 02:26:45 GMT
link
<https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241028-183020-5e9fddbd57
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
x-frame-options
sameorigin
x-obvious-info
20241028-1824-root,86e3e02c
x-obvious-tid
1730168805259:577338df2ad8
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
pageview
api2.branch.io/v1/
28 B
350 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://greenonions.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
28
x-amz-cf-id
TpjZHUJOvoKaAh1xr4N51OR9vTC7WUPR-7WqcIutW_jYscEmKtY_dw==
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19
miro.medium.com/v2/
1 KB
2 KB
Other
General
Full URL
https://miro.medium.com/v2/5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://greenonions.com/

Response headers

x-request-id
19ac0f37-09ba-4bef-bc34-609aec60446c
cf-cache-status
HIT
etag
"yj0WO6sFU4GCciYUBWjzvvfqrBh869doeOC2Pp5EI1Y/RIjI2M2E1NThhOTdjN2U0YzEwNjFlZGI0NjBjODU4Mjk0Ig"
age
529356
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 02:26:45 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 02:26:45 GMT
content-type
image/png
content-disposition
inline; filename="5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19.png"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
82
cf-ray
8d9fb8fa59702c25-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1037
server
cloudflare
batch
greenonions.com/_/
24 B
268 B
XHR
General
Full URL
https://greenonions.com/_/batch
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.1pEk5rS0vHqOpOxkzgNvgQ.12.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.173.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-173-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a2d7229fed40e53774254adcf39d0cd21e4a7c7de4512c32b189b79ea88a2d5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-XSRF-Token
1
Referer
https://greenonions.com/
X-Client-Date
1730168809695
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
X-Obvious-CID
web

Response headers

sepia-upstream
medium
x-envoy-upstream-service-time
17
x-content-type-options
nosniff
x-envoy-decorator-operation
valencia.valencia-production.svc.cluster.local:80/*
content-length
24
date
Tue, 29 Oct 2024 02:26:49 GMT
content-type
text/plain; charset=utf-8
server
nginx
medium-fulfilled-by
valencia/main-20241028-183020-5e9fddbd57

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.medium.com
URL
https://csp.medium.com/
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=448880782&t=pageview&_s=1&dl=https%3A%2F%2Fgreenonions.com%2F%3Fgi%3D1062ae68c34f&ul=de-de&de=UTF-8&dt=Greenonions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=35052270&gjid=1719173629&cid=1068716107.1730168805&tid=G-7JY7T788PK&_gid=1649448487.1730168805&_r=1&_slc=1&z=495387384

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| perfMetrics number| OB_startTime object| OB_loadErrors function| _onerror function| _asyncScript function| _asyncStyles function| ga function| obvInit object| GLOBALS object| branch object| _mdm object| PLOVR_MODULE_INFO object| PLOVR_MODULE_URIS function| _resizeIframe object| __obv object| google_tag_data object| gaplugins object| gaGlobal object| gaData

12 Cookies

Domain/Path Name / Value
.medium.com/ Name: uid
Value: lo_747312809b6c
.medium.com/ Name: sid
Value: 1:MaQqx26EqdmL6rkcZcQGiKKnFjtjuNUJlPMUUI+BBIQ2kMae8cJquLi8GBkb3eQq
greenonions.com/ Name: uid
Value: lo_747312809b6c
greenonions.com/ Name: sid
Value: 1:XgCadTVuglh2DRGUeycSlr+QjcRlkaUpo7++Oy4LOctdAhAtYPgIBAu6qsSQzvA1
greenonions.com/ Name: sz
Value: 1600
greenonions.com/ Name: pr
Value: 1
greenonions.com/ Name: tz
Value: -60
.greenonions.com/ Name: _ga
Value: GA1.2.1068716107.1730168805
.greenonions.com/ Name: _gid
Value: GA1.2.1649448487.1730168805
.greenonions.com/ Name: _gat
Value: 1
.app.link/ Name: _s
Value: lLMf2a1ijkyPRASwYr6iZlJjugv04%2FLl9uS%2BerUaGzIJ%2FmMHMHQXIfrhzzwTVR2G
.medium.com/ Name: _cfuvid
Value: mdH4glja2VtrR_xnCqF_V8_IYhhrTklTXwVv7.__PAg-1730168805519-0.0.1.1-604800000

4 Console Messages

Source Level URL
Text
security error URL: https://greenonions.com/?gi=1062ae68c34f
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.
security warning URL: https://greenonions.com/?gi=1062ae68c34f
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=448880782&t=pageview&_s=1&dl=https%3A%2F%2Fgreenonions.com%2F%3Fgi%3D1062ae68c34f&ul=de-de&de=UTF-8&dt=Greenonions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=35052270&gjid=1719173629&cid=1068716107.1730168805&tid=G-7JY7T788PK&_gid=1649448487.1730168805&_r=1&_slc=1&z=495387384' because it violates the following Content Security Policy directive: "connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://greenonions.com https://*.greenonions.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'".
network error URL: https://greenonions.com/_/batch
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://greenonions.com https://*.greenonions.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-images-1.medium.com
cdn-static-1.medium.com
cdn.branch.io
csp.medium.com
glyph.medium.com
greenonions.com
medium.com
miro.medium.com
www.google-analytics.com
csp.medium.com
www.google-analytics.com
108.138.26.116
162.159.152.4
162.159.153.4
2600:9000:237d:b000:19:9934:6a80:93a1
2600:9000:2491:7600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:4001:81d::200e
52.1.173.203
0e62c50d2b8035449b69fb70640a4609814dff9ecb22c2b75b081f564704762b
149f0d051ee9dee0361ee52822d6617db82e44c75a1d04d8a52214b0686a34f8
1adf981552a99713691360f2a0e2557be10311d15dba49a8f3740c1fa9c340e9
231b136964eea0275d2340ae18d031d7d0150c0db3f63e6df685efd5b7aad112
2f638a8dfc90450236b36ee2384b27599b573af400e369a9134814b2f252441b
2ff08f9d04e13cf594c6ef8542bae73498e1ce01b8969c2cd275a72cbe2ff48a
2fff09baf037f1486377798ea4ed07b0a1deb349b0e163eae8e4f7b901e69ca1
3bdeb3de084817db11b1e666416ba9da51d7e2bb45cb1d98388fdcd332690bc2
400c54f5272e08895cbd214c23a71f2f08089d390a27ce6d6837f9e76522eb0f
4f50934a52f504fb0cbc7c2776b9da0dff7cd9e9faeca88eabc3f2a23fac0495
62af06585d39156e5ba2566f68aa50055955a37a9cea36979d02e0b466789b29
67f964a92907f08ce140759b837315622cae07842acb84a1067d99de257174b5
6fd9ff7dea292a0de0d7655fc77d95bd3f25fc7900e816d907fd10726c0616b1
7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe
8012cfe4d2a2401ed91896cda1527f07fb90925d8516305097e114d3a1ddc95d
9a74e3f0b30bab8c8d0fb5ab27672b25735fc014b4e3c1e22f0a4e863273e933
9aeae8ab2981ef4c528b934ab90bb0f1b5d58f6cb0b9d47253cd8eeaef7f52d3
9dfde2e1717f35237e54956b340ea30003e76d054d48bee0b149d51e81fc26a3
9fb5ca3fcdfed0b2f95d28ac8b9e31cd1eee6dc8cd8dda0b7d5fc63fbc21fe07
a2d7229fed40e53774254adcf39d0cd21e4a7c7de4512c32b189b79ea88a2d5f
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d68fc03255a112dbc6deda7818c4ce595c8be5d15b3974bcd6281627058c94ac
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
d9085596732b85b631854d7bdf6b186c0d2e5939707b8917d050878abb41a276
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904