urlscan.io logo urlscan.io
SecurityTrails logo

blog.heyday.xyz Open in urlscan Pro
162.159.152.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blog.usejournal.com/
Effective URL: https://blog.heyday.xyz/?gi=e22647bfb622
Submission: On October 13 via manual from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is blog.heyday.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2021. Valid for: a year.
This is the only time blog.heyday.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.35.253.11 16509 (AMAZON-02)
2 5 162.159.152.4 13335 (CLOUDFLAR...)
1 4 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.66.97 16509 (AMAZON-02)
10 6
1    13.35.253.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-11.fra6.r.cloudfront.net
blog.usejournal.com
5    162.159.152.4 (None, )

ASN13335 (CLOUDFLARENET, US)
blog.heyday.xyz
4    2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)
medium.com
glyph.medium.com
cdn-static-1.medium.com
csp.medium.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
cdn.branch.io
Domain Requested by
5 blog.heyday.xyz 2 redirects blog.heyday.xyz
static.cloudflareinsights.com
1 csp.medium.com www.google-analytics.com
1 cdn.branch.io blog.heyday.xyz
1 static.cloudflareinsights.com blog.heyday.xyz
1 www.google-analytics.com blog.heyday.xyz
www.google-analytics.com
1 cdn-static-1.medium.com blog.heyday.xyz
1 glyph.medium.com blog.heyday.xyz
1 medium.com 1 redirects
1 blog.usejournal.com 1 redirects
10 9

This site contains links to these domains. Also see Links.

Domain
medium.com
Subject Issuer Validity Valid
blog.heyday.xyz
Cloudflare Inc ECC CA-3		 2021-08-18 -
2022-08-17		 a year crt.sh
medium.com
Cloudflare Inc ECC CA-3		 2021-09-01 -
2021-11-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://blog.heyday.xyz/?gi=e22647bfb622
Frame ID: 7759201DEF8C3F14EE1E4B43EA4E7FA3
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found – Medium

Page URL History Show full URLs

  1. http://blog.usejournal.com/ HTTP 301
    http://blog.heyday.xyz/ HTTP 301
    https://blog.heyday.xyz/ HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.heyday.xyz%2F HTTP 302
    https://blog.heyday.xyz/?gi=e22647bfb622 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

10
Requests

90 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

6
IPs

3
Countries

164 kB
Transfer

482 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.usejournal.com/ HTTP 301
    http://blog.heyday.xyz/ HTTP 301
    https://blog.heyday.xyz/ HTTP 307
    https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.heyday.xyz%2F HTTP 302
    https://blog.heyday.xyz/?gi=e22647bfb622 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.heyday.xyz/
Redirect Chain
  • http://blog.usejournal.com/
  • http://blog.heyday.xyz/
  • https://blog.heyday.xyz/
  • https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.heyday.xyz%2F
  • https://blog.heyday.xyz/?gi=e22647bfb622
9 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
d446db47c9f1808a4b708c0b36c097620d6d686d4aac8bf8e63a050cef22c4c5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.heyday.xyz https://*.blog.heyday.xyz https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blog.heyday.xyz
:scheme
https
:path
/?gi=e22647bfb622
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
__cfruid=bd2d60f2c578324f2872ee8317844524641f382a-1634144435
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
content-type
text/html; charset=utf-8
cf-ray
69da20088d88701c-FRA
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
set-cookie
uid=lo_faa6bee9ca01; Path=/; Expires=Thu, 13 Oct 2022 17:00:36 GMT; HttpOnly; Secure; SameSite=None sid=1:66yQkB41w7WTUId8hgRMHDgyulaLvOlWnYuAe7jEUV9IJTMDFQQJhif5JBVxP9h7; Path=/; Expires=Thu, 13 Oct 2022 17:00:36 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_faa6bee9ca01; Path=/; Expires=Thu, 13 Oct 2022 17:00:36 GMT; Secure; SameSite=None
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.heyday.xyz https://*.blog.heyday.xyz https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by
edgy/5.1.4, valencia/main-20211011-154348-f913722d14
pragma
no-cache
x-content-type-options
nosniff
x-envoy-upstream-service-time
375
x-frame-options
x-obvious-info
20211012-1803-root,e570ae25
x-obvious-tid
1634144436707:115b91644856
x-opentracing
{"ot-tracer-spanid":"414524b3153026be","ot-tracer-traceid":"11a745e3ed7a4c76","ot-tracer-sampled":"true"}
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 13 Oct 2021 17:00:36 GMT
content-type
text/plain;charset=UTF-8
content-length
0
location
https://blog.heyday.xyz/?gi=e22647bfb622
cf-ray
69da20074b6fd6c9-FRA
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
set-cookie
uid=lo_faa6bee9ca01; Path=/; Domain=medium.com; Expires=Thu, 13 Oct 2022 17:00:36 GMT; HttpOnly; Secure sid=1:mYPY/HAJtOndSN3cxBB8vNA8rHHT6H1Y+43LZ0EAmmqTfPrYo2L7+O5DNJ8aG/C9; Path=/; Domain=medium.com; Expires=Thu, 13 Oct 2022 17:00:36 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_faa6bee9ca01; Path=/; Domain=medium.com; Expires=Thu, 13 Oct 2022 17:00:36 GMT; Secure; SameSite=None __cfruid=a37d1c0367f629bad1aa96a3d00fbd8fa3bd6760-1634144436; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by
edgy/5.1.4, valencia/main-20211011-154348-f913722d14
pragma
no-cache
x-content-type-options
nosniff
x-envoy-upstream-service-time
53
x-frame-options
sameorigin
x-obvious-info
20211012-1803-root,e570ae25
x-obvious-tid
1634144436456:629fcc7dfae8
x-opentracing
{"ot-tracer-spanid":"5f42a8461eb56744","ot-tracer-traceid":"2f1ccbec6e38a4da","ot-tracer-sampled":"true"}
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m2-unbound.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 		70 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e05f0d468a5356dd4d8f9cd6eadedaf450d53b2de833dd97e98878e16127261
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1851
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200
access-control-allow-credentials
true
cf-ray
69da200bfacdd6c9-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 13 Oct 2021 19:00:37 GMT
standalone-base.4ltCP55ny886vMvTiaDNLg.css
cdn-static-1.medium.com/_/fp/css/ 		232 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-static-1.medium.com/_/fp/css/standalone-base.4ltCP55ny886vMvTiaDNLg.css
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79fca500e425c298aaa88bba2067ca1984f83c7ddeb665f06c5b48c791fdb3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3686596
cf-ray
69da200bfaccd6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28025
x-amz-id-2
StH0p0ogbb3laLly5Lzldm+A7KbSsPr0aHtokvgwtab7zJ8WdBNkGOSpO2U3E4aDs9dbYGloOYE=
last-modified
Tue, 31 Aug 2021 23:56:07 GMT
server
cloudflare
etag
"b8bf1781cd9ab2387ae3f4bb9031a095"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
G0ANEJ84BVA44CKC
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Thu, 13 Oct 2022 17:00:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
3571
date
Wed, 13 Oct 2021 16:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 18:01:06 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
69da200c68a56958-FRA
stat
blog.heyday.xyz/_/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.heyday.xyz/_/stat?event=pixel.load&origin=https%3A%2F%2Fblog.heyday.xyz
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_/stat?event=pixel.load&origin=https%3A%2F%2Fblog.heyday.xyz
pragma
no-cache
cookie
__cfruid=bd2d60f2c578324f2872ee8317844524641f382a-1634144435; uid=lo_faa6bee9ca01; sid=1:66yQkB41w7WTUId8hgRMHDgyulaLvOlWnYuAe7jEUV9IJTMDFQQJhif5JBVxP9h7; optimizelyEndUserId=lo_faa6bee9ca01
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.heyday.xyz
referer
https://blog.heyday.xyz/?gi=e22647bfb622
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/?gi=e22647bfb622
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/gif
vary
Accept-Encoding
medium-fulfilled-by
edgy/5.1.4, valencia/main-20211011-154348-f913722d14
x-envoy-upstream-service-time
40
cf-ray
69da200c4d305c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3acaf5ba1b6124f7ab627fa090e29801fc1dca40133f095d64d2ca9393f6434e

Request headers

Referer
Origin
https://blog.heyday.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
949e49a591657fff8775b1b2f5a32dba7534f350837e69dac4f1e70fd6cd149e

Request headers

Referer
Origin
https://blog.heyday.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
font/opentype
branch-latest.min.js
cdn.branch.io/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: blog.heyday.xyz
URL: https://blog.heyday.xyz/?gi=e22647bfb622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.heyday.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 21:28:14 GMT
server
AmazonS3
age
245
etag
"494b4c270c41c5456742136e682b1007"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Wed, 13 Oct 2021 16:56:33 GMT
x-amz-cf-pop
FRA56-C1
content-length
23861
x-amz-cf-id
mIMi9f0OuHDOxEpqllaKji5HgTW1Hq5il0Rh73LMok7SYlHZPBMDNA==
/
csp.medium.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.medium.com/
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.heyday.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers
collect
www.google-analytics.com/j/ 		0
0
rum
blog.heyday.xyz/cdn-cgi/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.heyday.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://blog.heyday.xyz
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cfruid=bd2d60f2c578324f2872ee8317844524641f382a-1634144435; uid=lo_faa6bee9ca01; sid=1:66yQkB41w7WTUId8hgRMHDgyulaLvOlWnYuAe7jEUV9IJTMDFQQJhif5JBVxP9h7; optimizelyEndUserId=lo_faa6bee9ca01; _ga=GA1.2.532573809.1634144437; _gid=GA1.2.2135902325.1634144437; _gat=1
content-length
2781
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
blog.heyday.xyz
referer
https://blog.heyday.xyz/?gi=e22647bfb622
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://blog.heyday.xyz/?gi=e22647bfb622
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Oct 2021 17:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://blog.heyday.xyz
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
69da200d98845c9e-FRA
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=2126983995&t=pageview&_s=1&dl=https%3A%2F%2Fblog.heyday.xyz%2F%3Fgi%3De22647bfb622&ul=en-us&de=UTF-8&dt=Not%20Found%20%E2%80%93%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1746409943&gjid=490315288&cid=532573809.1634144437&tid=UA-24232453-2&_gid=2135902325.1634144437&_r=1&_slc=1&z=1915245762

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| perfMetrics number| OB_startTime object| OB_loadErrors function| _onerror function| _asyncScript function| _asyncStyles function| ga function| obvInit object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __cfBeacon

11 Cookies

Domain/Path Name / Value
.blog.heyday.xyz/ Name: __cfruid
Value: bd2d60f2c578324f2872ee8317844524641f382a-1634144435
.medium.com/ Name: uid
Value: lo_faa6bee9ca01
.medium.com/ Name: sid
Value: 1:mYPY/HAJtOndSN3cxBB8vNA8rHHT6H1Y+43LZ0EAmmqTfPrYo2L7+O5DNJ8aG/C9
.medium.com/ Name: optimizelyEndUserId
Value: lo_faa6bee9ca01
.medium.com/ Name: __cfruid
Value: a37d1c0367f629bad1aa96a3d00fbd8fa3bd6760-1634144436
blog.heyday.xyz/ Name: uid
Value: lo_faa6bee9ca01
blog.heyday.xyz/ Name: sid
Value: 1:66yQkB41w7WTUId8hgRMHDgyulaLvOlWnYuAe7jEUV9IJTMDFQQJhif5JBVxP9h7
blog.heyday.xyz/ Name: optimizelyEndUserId
Value: lo_faa6bee9ca01
.heyday.xyz/ Name: _ga
Value: GA1.2.532573809.1634144437
.heyday.xyz/ Name: _gid
Value: GA1.2.2135902325.1634144437
.heyday.xyz/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://blog.heyday.xyz/?gi=e22647bfb622
Message:
Failed to load resource: the server responded with a status of 410 ()
security error URL: https://www.google-analytics.com/analytics.js(Line 43)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j94&a=2126983995&t=pageview&_s=1&dl=https%3A%2F%2Fblog.heyday.xyz%2F%3Fgi%3De22647bfb622&ul=en-us&de=UTF-8&dt=Not%20Found%20%E2%80%93%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1746409943&gjid=490315288&cid=532573809.1634144437&tid=UA-24232453-2&_gid=2135902325.1634144437&_r=1&_slc=1&z=1915245762' because it violates the following Content Security Policy directive: "connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.heyday.xyz https://*.blog.heyday.xyz https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.heyday.xyz https://*.blog.heyday.xyz https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options
X-Xss-Protection 1; mode=block