medium.datadriveninvestor.com Open in urlscan Pro
162.159.152.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
Effective URL:
https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
Submission: On July 27 via manual (July 27th 2022, 2:17:14 pm UTC) from US — Scanned from DE

Summary HTTP 143 Redirects Links 84 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 143 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is medium.datadriveninvestor.com. The Cisco Umbrella rank of the primary domain is 501373.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 21st 2022. Valid for: a year.

This is the only time medium.datadriveninvestor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	162.159.152.4 162.159.152.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 21	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
98	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.240.96 99.86.240.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:1a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:2240:ee00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
143	8

17 162.159.152.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.datadriveninvestor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-96.vie50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:1a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:ee00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
119	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 9316 glyph.medium.com — Cisco Umbrella Rank: 18821 miro.medium.com — Cisco Umbrella Rank: 13881 cdn-client.medium.com — Cisco Umbrella Rank: 19250	2 MB
17	datadriveninvestor.com 1 redirects medium.datadriveninvestor.com — Cisco Umbrella Rank: 501373	58 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 994 api2.branch.io — Cisco Umbrella Rank: 638	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	app.link app.link — Cisco Umbrella Rank: 1598	595 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
143	6

	Domain	Requested by
69	miro.medium.com	medium.datadriveninvestor.com
41	cdn-client.medium.com	medium.datadriveninvestor.com cdn-client.medium.com
17	medium.datadriveninvestor.com	1 redirects cdn-client.medium.com
8	glyph.medium.com	medium.datadriveninvestor.com glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	medium.datadriveninvestor.com cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	medium.datadriveninvestor.com
1	static.cloudflareinsights.com	medium.datadriveninvestor.com
1	medium.com	1 redirects
143	10

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
saumyaprakashrana-51250.medium.com
www.datadriveninvestor.com
www.getpostman.com
portswigger.net
jwt.io
www.owasp.org
in.linkedin.com
jkatzaman.medium.com
andrea8787.medium.com
alphanmaina.medium.com
kymidd.medium.com
blog.hawk-tech.io
cleverchocolate.medium.com
anakkendali.medium.com
vikramguptavit.medium.com
adalite.medium.com
sibeeshvenu.medium.com
b2c-infosolutions.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com
yuiltripathee.medium.com
habibiefaried.com
medium.statuspage.io
about.medium.com
blog.medium.com
knowable.fyi

Subject Issuer	Validity	Valid
medium.datadriveninvestor.com Cloudflare Inc ECC CA-3	`2022-01-21` - `2023-01-21`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
Frame ID: D881B000F3E4E7BB4CB64920FEAF37D1
Requests: 143 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

API Security Testing(Part 1). All the information mentioned in this… | by Saumya Prakash Rana | DataDrivenInvestor

Page URL History Show full URLs

https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fmedium.datadriveninvestor.com%2F... HTTP 302
https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653 Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

143
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

10
Subdomains

8
IPs

3
Countries

1649 kB
Transfer

3744 kB
Size

11
Cookies

84 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?$canonical_url=https%3A%2F%2Fmedium.com/p/b0fc38228b93&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&source=post_page--------------------------nav_reg-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&source=post_page--------------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fnotifications&source=--------------------------notifications_sidenav-----------
Title: Notifications

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Flists&source=--------------------------lists_sidenav-----------
Title: Lists

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fme%2Fstories%2Fdrafts&source=--------------------------stories_sidenav-----------
Title: Stories

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=--------------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://saumyaprakashrana-51250.medium.com/?source=post_page-----b0fc38228b93--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fedbdb8aee3e7&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&user=Saumya+Prakash+Rana&userId=edbdb8aee3e7&source=post_page-edbdb8aee3e7----b0fc38228b93---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fb0fc38228b93&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://www.datadriveninvestor.com/2019/02/25/6-alternatives-to-the-yahoo-finance-api/
Title: 6 Alternatives to the Yahoo Finance API | Data Driven InvestorThe Yahoo Finance API has long been a reliable tool for many of the data-driven investors. Many have relied on their…www.datadriveninvestor.com

Search URL Search Domain Scan URL

URL: https://www.getpostman.com/downloads/
Title: https://www.getpostman.com/downloads/

Search URL Search Domain Scan URL

URL: https://portswigger.net/burp
Title: https://portswigger.net/burp

Search URL Search Domain Scan URL

URL: https://jwt.io/
Title: https://jwt.io/

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Command_Injection
Title: OWASP wiki

Search URL Search Domain Scan URL

URL: https://in.linkedin.com/in/saumya-prakash-rana-4287b990
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fdatadriveninvestor%2Fb0fc38228b93&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&user=Saumya+Prakash+Rana&userId=edbdb8aee3e7&source=-----b0fc38228b93---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fdatadriveninvestor%2Fb0fc38228b93&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&collection=DataDrivenInvestor&collectionId=32881626c9c9&source=post_page-----b0fc38228b93---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://jkatzaman.medium.com/?source=post_page-----b0fc38228b93----0----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/social-media?source=post_page-----b0fc38228b93---------------social_media-----------------
Title: Social Media

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F100340a4541d&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fvr-tentatively-peers-into-social-networks-100340a4541d&source=-----b0fc38228b93----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://andrea8787.medium.com/?source=post_page-----b0fc38228b93----1----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/programming?source=post_page-----b0fc38228b93---------------programming-----------------
Title: Programming

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F6eaf16a374cf&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fwhy-you-should-learn-programming-even-if-you-are-an-artist-6eaf16a374cf&source=-----b0fc38228b93----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://alphanmaina.medium.com/?source=post_page-----b0fc38228b93----2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/artificial-intelligence?source=post_page-----b0fc38228b93---------------artificial_intelligence-----------------
Title: Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc73aa3fe09d6&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fbenefits-of-artificial-intelligence-in-digital-marketing-c73aa3fe09d6&source=-----b0fc38228b93----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://kymidd.medium.com/?source=post_page-----b0fc38228b93----3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cloud-computing?source=post_page-----b0fc38228b93---------------cloud_computing-----------------
Title: Cloud Computing

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F86649af45afa&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fnetwork-engineering-is-dying-except-at-cloud-providers-86649af45afa&source=-----b0fc38228b93----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://kymidd.medium.com/?source=post_page-----b0fc38228b93----4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/devops?source=post_page-----b0fc38228b93---------------devops-----------------
Title: Dev Ops

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F456d2dd7902b&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fcloud-devops-in-defense-of-doing-it-wrong-456d2dd7902b&source=-----b0fc38228b93----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://blog.hawk-tech.io/graceful-shutdown-using-simple-sytems-manager-and-terraform-on-aws-f11deb6a4e24?source=post_internal_links---------0----------------------------
Title: Paul LeclercqinHawk | Engineering blogGraceful shutdown using Simple Sytems Manager and Terraform on AWS

Search URL Search Domain Scan URL

URL: https://medium.com/@polomarcus?source=post_internal_links---------0----------------------------

Search URL Search Domain Scan URL

URL: https://blog.hawk-tech.io/?source=post_internal_links---------0----------------------------
Title: Hawk | Engineering blog

Search URL Search Domain Scan URL

URL: https://cleverchocolate.medium.com/receive-window-auto-tuning-level-options-af8c21346246?source=post_internal_links---------1----------------------------
Title: cleverchocolateReceive Window Auto-tuning Level Options

Search URL Search Domain Scan URL

URL: https://cleverchocolate.medium.com/?source=post_internal_links---------1----------------------------

Search URL Search Domain Scan URL

URL: https://anakkendali.medium.com/tutorial-fuzzy-logic-mamdani-for-arduino-c049eff59347?source=post_internal_links---------2----------------------------
Title: Anak KendaliTutorial Fuzzy Logic Mamdani for Arduino

Search URL Search Domain Scan URL

URL: https://anakkendali.medium.com/?source=post_internal_links---------2----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/javarevisited/runnable-vs-callable-in-java-multithreading-3782f2c3c35?source=post_internal_links---------3----------------------------
Title: Vikram GuptainJavarevisitedRunnable vs Callable in Java MultiThreading

Search URL Search Domain Scan URL

URL: https://vikramguptavit.medium.com/?source=post_internal_links---------3----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/javarevisited?source=post_internal_links---------3----------------------------
Title: Javarevisited

Search URL Search Domain Scan URL

URL: https://adalite.medium.com/catalyst-voting-registration-on-adalite-71d975f75755?source=post_internal_links---------4----------------------------
Title: AdaLite walletCatalyst voting registration on Adalite

Search URL Search Domain Scan URL

URL: https://adalite.medium.com/?source=post_internal_links---------4----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/makers-byte/how-to-configure-the-viewport-9dadf34e62b5?source=post_internal_links---------5----------------------------
Title: Shahzaib KhaninMakers ByteHow to configure the viewport?

Search URL Search Domain Scan URL

URL: https://medium.com/@skhans?source=post_internal_links---------5----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/makers-byte?source=post_internal_links---------5----------------------------
Title: Makers Byte

Search URL Search Domain Scan URL

URL: https://medium.com/medialesson/search-contents-of-a-pdf-file-in-sharepoint-online-make-them-searchable-using-microsoft-flow-b59254c2d4fb?source=post_internal_links---------6----------------------------
Title: Sibeesh VenuinmedialessonSearch Contents of a PDF File in SharePoint Online, Make them Searchable Using Microsoft Flow

Search URL Search Domain Scan URL

URL: https://sibeeshvenu.medium.com/?source=post_internal_links---------6----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/medialesson?source=post_internal_links---------6----------------------------
Title: medialesson

Search URL Search Domain Scan URL

URL: https://b2c-infosolutions.medium.com/everything-you-need-to-know-about-on-demand-app-solutions-in-2022-8ff67c51ae1c?source=post_internal_links---------7----------------------------
Title: B2C Info SolutionsEverything you need to know about on-demand app solutions in 2022

Search URL Search Domain Scan URL

URL: https://b2c-infosolutions.medium.com/?source=post_internal_links---------7----------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----b0fc38228b93--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----b0fc38228b93--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----b0fc38228b93--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----b0fc38228b93--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----b0fc38228b93--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----b0fc38228b93--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----b0fc38228b93--------------------------------

Search URL Search Domain Scan URL

URL: https://saumyaprakashrana-51250.medium.com/

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2Fedbdb8aee3e7&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&user=Saumya+Prakash+Rana&userId=edbdb8aee3e7&source=post_page-edbdb8aee3e7-------------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2F9eb1683a7f14&operation=register&redirect=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&newsletterV3=edbdb8aee3e7&newsletterV3Id=9eb1683a7f14&user=Saumya+Prakash+Rana&userId=edbdb8aee3e7&source=--------------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@shaan.upadhyaya/web-application-security-c8a68934558c?source=read_next_recirc---------0---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------
Title: Shaan UpadhyayaWeb Application Security

Search URL Search Domain Scan URL

URL: https://medium.com/@shaan.upadhyaya?source=read_next_recirc---------0---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------

Search URL Search Domain Scan URL

URL: https://medium.com/@TechMagic/a-complete-guide-to-web-application-penetration-testing-techniques-methods-and-tools-60fd452da5ee?source=read_next_recirc---------1---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------
Title: TechMagicA Complete Guide to Web Application Penetration Testing: Techniques, Methods, and Tools

Search URL Search Domain Scan URL

URL: https://medium.com/@TechMagic?source=read_next_recirc---------1---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------

Search URL Search Domain Scan URL

URL: https://yuiltripathee.medium.com/web-dev-setup-in-wsl2-kali-linux-2022-edition-part-1-connecting-mariadb-and-postgresql-database-4706c1935a17?source=read_next_recirc---------2---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------
Title: Yuil TripatheeWeb Dev setup in WSL2 Kali Linux 2022 Edition — Part 1: Connecting MariaDB and PostgreSQL database…

Search URL Search Domain Scan URL

URL: https://yuiltripathee.medium.com/?source=read_next_recirc---------2---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------

Search URL Search Domain Scan URL

URL: https://habibiefaried.com/designing-golang-dns-server-with-tor-upstream-8ce62a458cfc?source=read_next_recirc---------3---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------
Title: Habibie FariedDesigning golang DNS server with TOR upstream

Search URL Search Domain Scan URL

URL: https://habibiefaried.com/?source=read_next_recirc---------3---------------------26684b1a_1a0b_479d_96e7_82a9cf71ed92-------

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1
Title: About

Search URL Search Domain Scan URL

URL: https://knowable.fyi/
Title: Knowable

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93 HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93 HTTP 302
https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

143 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request api-security-testing-part-1-b0fc38228b93 Show response
medium.datadriveninvestor.com/
Redirect Chain

https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93
https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

209 KB
46 KB

901ms
899ms

Document
text/html

162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c366c6a5ad1212d7e2d6b03a28eefe6785051d68a4a7a6479292d936fe56c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7315ff190ea4bb3e-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 14:17:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, lite/main-20220727-132846-72e452be5c, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
medium-missing-time: 258
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 744
x-request-received-at: 1658931424303

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7315ff17cd64cc62-ZRH
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Wed, 27 Jul 2022 14:17:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-frame-options: sameorigin
x-obvious-info: 20220727-1248-root,89114e9f
x-obvious-tid: 1658931424066:3af9e96f5b68
x-opentracing: {"ot-tracer-spanid":"0743c4275689af53","ot-tracer-traceid":"736d0a774ac0d70f","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 unbound.css
glyph.medium.com/css/ 12 KB
1 KB 55ms
45ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 287
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 7315ff1ec975cc62-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 27 Jul 2022 16:17:05 GMT

GET
H2 200 1*2mBCfRUpdSYRuf9EKnhTDQ.png
miro.medium.com/fit/c/64/64/ 1 KB
2 KB 59ms
50ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/64/64/1*2mBCfRUpdSYRuf9EKnhTDQ.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5334ece0f11c05b5682cae0ffd4a9b717c41a123e4ef09ebb218f7f649897aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411675
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1338
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff1ec976cc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 2*PJihgbDkwhFY334x1NI6kg.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 173ms
148ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/2*PJihgbDkwhFY334x1NI6kg.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892e990ef2bc3b613bfc78ac67541a7b0244d1abd297e55a34b7a6236259eff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 69
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4020
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f09d0cc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 1*gH-f4xEDlPx4iAMoQqWhwQ.png
miro.medium.com/fit/c/40/40/ 3 KB
3 KB 218ms
193ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*gH-f4xEDlPx4iAMoQqWhwQ.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

056f2fe864141fe41d3d49a3f0febcc2d92c509f65ab69b6d26c431c90d0efb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2599
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f09d6cc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 1*Hz4oNUUhRZO6Smnp8xHlcQ.jpeg
miro.medium.com/focal/112/112/50/50/ 6 KB
6 KB 189ms
165ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*Hz4oNUUhRZO6Smnp8xHlcQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fabe32e6ed01b513b036144deb64030efe011452fd5a594418f7656d6728b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 52
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6109
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f09d9cc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/40/40/ 570 B
677 B 72ms
47ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fce0922ef388ad6f81ae62add760596c852b7c66503f3183cce6943ec5d4f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 364987
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210928-152012-e160f205e6
accept-ranges: bytes
cf-ray: 7315ff1f09dfcc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 0*ZbX454O50GOtztTZ
miro.medium.com/fit/c/40/40/ 2 KB
2 KB 73ms
49ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/0*ZbX454O50GOtztTZ

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff184ab7c985646b7633aae8bce197e62b17c733536627e6ef81b40c776e6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 571304
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2022
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff1f09e0cc62-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 0*4SKOYEBJ8i4b-Xlp.png
miro.medium.com/focal/112/112/50/50/ 12 KB
12 KB 169ms
166ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/0*4SKOYEBJ8i4b-Xlp.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5987a5d37b858bf9b90efa49c2f61648297c8d987e6161eee225c2490a56f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12261
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e560208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*vyvIqFjqXHxBHW0sD5OVuw.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
2 KB 47ms
41ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*vyvIqFjqXHxBHW0sD5OVuw.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf2169e4bbbd5cef4431207283330be60d16e82cbbbca1b358adab58f42dce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 148634
x-envoy-upstream-service-time: 49
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1514
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff1f5e6c0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*q_ypUk5l1XztRoM6LF4eKQ.jpeg
miro.medium.com/focal/112/112/50/50/ 8 KB
9 KB 146ms
140ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*q_ypUk5l1XztRoM6LF4eKQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b0d311a5554cbacc6e71a857faff5c9d7e2238665c71e3052b2fd3b0d1c726f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 34
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8402
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e6e0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*YRbUdQ-xPS7ScnQWYyT5Kw.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
2 KB 151ms
144ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*YRbUdQ-xPS7ScnQWYyT5Kw.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b8cf1004fa798a5c11051d2391dc9e2294bb0d2b4f49c413c27204a3ed10a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1137
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff1f5e6f0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 0*9RfAcHi5nWqjCXf8
miro.medium.com/focal/112/112/50/50/ 6 KB
6 KB 152ms
145ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/0*9RfAcHi5nWqjCXf8

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3013bd5ce64a029c621770a47a2a8d8d733ffcd3e034a948f5de25a770729c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5708
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e710208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*8dcATXwfRwjozxPWkuRe8w.png
miro.medium.com/fit/c/40/40/ 3 KB
3 KB 160ms
153ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*8dcATXwfRwjozxPWkuRe8w.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06ac06a898d06fe08ef7ff0b8cf589af0f147856adbdad4fe1c83f5629cf0097

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2701
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e720208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 0*mlH5NQ0O58z23iHo.jpg
miro.medium.com/focal/112/112/50/50/ 5 KB
5 KB 180ms
175ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/0*mlH5NQ0O58z23iHo.jpg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a4b5a4b5843e3b8c7118a475aca00cc9599c16f06ae039accea083151108e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5154
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e620208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*2eCdHzwUn5oYphVeMsRvkw.gif
miro.medium.com/fit/c/40/40/ 10 KB
11 KB 170ms
165ms Image
image/gif 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*2eCdHzwUn5oYphVeMsRvkw.gif

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51ddece356862d92f2108fe700302096b256f889ee07a15e7d328a2e285174d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 72
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10573
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e630208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*LYJG3nYW4qQKogpu4Sbs9Q.png
miro.medium.com/focal/112/112/50/50/ 4 KB
4 KB 149ms
145ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*LYJG3nYW4qQKogpu4Sbs9Q.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347d4798ba27d8b04bf11e68f31e88357eb37b5ac6d54da80b1d8169854b51c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3642
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e650208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*o-U29Vnx8LzDm2wRj6Z3pA.png
miro.medium.com/fit/c/40/40/ 2 KB
2 KB 170ms
165ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*o-U29Vnx8LzDm2wRj6Z3pA.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19ed56d63231c3071549c834711444a91f37b044bff88209ae89ded2a1bcaf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 61
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1575
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e670208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*Ym2k5jzRdkkVvTFVwSUVAQ.jpeg
miro.medium.com/focal/112/112/50/50/ 5 KB
5 KB 144ms
140ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*Ym2k5jzRdkkVvTFVwSUVAQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c3fb2d9c16475f9f5b536f3c63f2db867e68bce5571da5be058a3bc862eed4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 67
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5184
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e690208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 62ms
60ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272990
x-envoy-upstream-service-time: 36
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9821
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211007-072759-1292b62fe9
accept-ranges: bytes
cf-ray: 7315ff1f5e570208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 108ms
105ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272986
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6839
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff1f5e5a0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 2*PJihgbDkwhFY334x1NI6kg.jpeg
miro.medium.com/fit/c/176/176/ 9 KB
10 KB 177ms
175ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/176/176/2*PJihgbDkwhFY334x1NI6kg.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aab99615413a6b62749945bf046a880e2f47a32f3f7d7b48265f2690be4ebfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9657
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e5d0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 0*tKDAHN3HIL_9ktER
miro.medium.com/fit/c/40/40/ 2 KB
2 KB 108ms
106ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/0*tKDAHN3HIL_9ktER

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9502a08bba8594094ee3abd206473279c15a7f8282b5eb74d1c349b13e2c7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15363
x-envoy-upstream-service-time: 77
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1765
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e5e0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*WOKZMNDPUFvGK1-5XXUYeQ.jpeg
miro.medium.com/focal/112/112/50/50/ 8 KB
9 KB 109ms
106ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*WOKZMNDPUFvGK1-5XXUYeQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76853f026746ecceadec822b666000ab646ed7876d5caeeed42057fc87e77fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15363
x-envoy-upstream-service-time: 1004
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8551
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e600208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*EiLuTrUpSTkBbA3LagKKIQ.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
2 KB 61ms
58ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*EiLuTrUpSTkBbA3LagKKIQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff95341286f50c06b2ec9994420985a3ab40d1b1533093316b9d079086bd2ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 80055
x-envoy-upstream-service-time: 68
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1258
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff1f5e610208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*cK3U-WyilBccCV-LhST6iw.png
miro.medium.com/focal/112/112/50/50/ 6 KB
6 KB 170ms
165ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*cK3U-WyilBccCV-LhST6iw.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dba040631dad224ebad93fe9493f02671b3e311d567479c458a0c28b8b2094

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 185
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5963
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 7315ff1f5e730208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*A9CPu9xDFnp7XvnIIS38Ng.jpeg
miro.medium.com/fit/c/40/40/ 2 KB
2 KB 157ms
152ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*A9CPu9xDFnp7XvnIIS38Ng.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd67615df78d5873ae0cf98c982e37bd7c60a5f82141f47bae5a1e0813182e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 57
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1554
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff1f5e750208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 0*yNDbktlCy_2w0tN1.png
miro.medium.com/focal/112/112/50/50/ 6 KB
7 KB 171ms
165ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/0*yNDbktlCy_2w0tN1.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af1f2059400a9e08772404ef23b4d654f6ec6687af17cc42b6a1ed7c9e82eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 180
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6557
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e7a0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*mlbU6UQm9Y4qnfktsuZR3g.jpeg
miro.medium.com/fit/c/40/40/ 1 KB
2 KB 179ms
173ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/40/40/1*mlbU6UQm9Y4qnfktsuZR3g.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f8be42ddefe4b95abbc2c8d8b42cd10276dd8c77d4c692fd23da32eb6e9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 23
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1416
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff1f5e7c0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*b9U0k743uObc5EZ_2em3Cg.png
miro.medium.com/focal/112/112/50/50/ 3 KB
4 KB 237ms
231ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/112/112/50/50/1*b9U0k743uObc5EZ_2em3Cg.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3e762b861d7931ea47c48c7e5af8d7145f80a3047bac7769b4316f8e6e901d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 105
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3561
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e7e0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H2 200 manifest.4527567d.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
5 KB 119ms
86ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.4527567d.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a64b058d3eb1164a0df1547447be865faa2b2da3574852e467f45d0b7591e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 839
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HHY1CQTV1CB8FGNW
x-amz-id-2: hkschWRFSY9iTUllxmrtTcQ5p1OO4fAbOMf282+2BsjIJvrF4YQ5T5dzVYB2aLCt15p22V9gm7c=
last-modified: Wed, 27 Jul 2022 13:18:02 GMT
server: cloudflare
etag: W/"28ed45eff85b0be3bf2c4cddc9dc6616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: rfF1vm3XBBSITgyUbEiTRRQhGYowbpcN
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f2a00cc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 5095.36bab7b6.js Show response
cdn-client.medium.com/lite/static/js/ 720 KB
224 KB 81ms
48ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6491ee287d59d8f3a8cf4e26c7fb796630b3c2b677b31c9a45e1c37210eeacfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 436331
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E5930M7755XFTE4S
x-amz-id-2: KrA3x5uZ/xojw/tuTOMTf/5lT3JnrirkNV3W8GpFT/sYe3SxuKop6E3gXpm40NsdDa65x60Llcs=
last-modified: Fri, 08 Jul 2022 09:59:59 GMT
server: cloudflare
etag: W/"b1eb8340ab6fb377c8f423eb3a893567"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: WCanG65e2UeBKnT5HddljeAtZxcf29NA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f2a01cc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 main.a2cb94d6.js Show response
cdn-client.medium.com/lite/static/js/ 729 KB
176 KB 102ms
69ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a2cb94d6.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3327939cab9bc903f09b47fc1f5ac71f3f92653b033efc8db0d21057aee16cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 506792
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: W7688XF9FB10DEYQ
x-amz-id-2: ECv7veceJ/w0vnzv3c3PIJCAD6OV18/07vA1yA0LqTR9cXgAhz4BYuiW5rJUt2k2YgxzdKxcPNM=
last-modified: Thu, 21 Jul 2022 17:07:04 GMT
server: cloudflare
etag: W/"3418837db4c56c986449fdd52fdd4ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: k_aqD5vQNVGZE.N6R_YArIvMXaUwRJ6G
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f2a04cc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 instrumentation.d4892e93.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 79ms
46ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.d4892e93.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c4eb367086e5f555599ef54c0e862a4f4b13e7bbb6161d859d1bc8a82fa9813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 149838
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2R4VYQDMXXZBT37Z
x-amz-id-2: unNu4ubM7VT2JbFvJQ1MXAag2BZqoB8SbP5yjgkjPFWxUL6TSJOdrglouvrmS40SnaWtkbn+8FE=
last-modified: Fri, 01 Jul 2022 00:11:22 GMT
server: cloudflare
etag: W/"e88ebc420a64202472eb95f862dbaa1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: PqdKEjQEBl6639b0HbvHFMWJurUzoji2
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f29fdcc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 8732.9d4e0df2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 65 KB
19 KB 55ms
54ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8732.9d4e0df2.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008b735b5e27e2ddea50ac42eeaef63fae74d969ff15e3144c7b9f7c927baffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1111159
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VKC99QTCBK1JJRSK
x-amz-id-2: q5KO0l+kDDFVGCiz9TdU1XKQr813wXW0hWzBb+kJKHGPuS2cbr/qlFqjRQD4lviAyLSsWb0H0qU=
last-modified: Tue, 28 Jun 2022 21:50:52 GMT
server: cloudflare
etag: W/"6282534288238b33d8aa9c488837d8c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: NxzGjDoZXtQ2GwkHKvwxxgw5Nexyfnov
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f2a06cc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 2837.ce7e5a4c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 16 KB
6 KB 59ms
56ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2837.ce7e5a4c.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d4189e8ccbe7992c0c6d663d5cadfbf8caf5fb98568c9e36e327b22db7fc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1178790
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VRBF0S2TWTY03YZ6
x-amz-id-2: 5mbTEBGz9qvEtGtzK42Nhe/dqzJ9VhmPvjj06MPGjj6HiVnCDkcSMPYbExqgXqkq6dQuqZW9Jzs=
last-modified: Wed, 29 Jun 2022 22:03:05 GMT
server: cloudflare
etag: W/"11fa9a050a3c09ba8e63ae9c7c4ac401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: EMPPfvJiL.Tu7UDvhc8x9rYn1dlWsXb9
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f5a72cc62-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 AppLayout.1b6c848f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 110 KB
22 KB 73ms
63ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/AppLayout.1b6c848f.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c930796481cff317ed73b38651b91534e5f29eab73a6d1d04349e14c24727a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 839
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2JQZ21PQM2JJ0ZKT
x-amz-id-2: aErjEcfpErwpowWLJfEVDZ3y+yNuk8klILnb2qbpbW4QPK79ZpeYoQIenxwwOzJ7w/Fu2V+humE=
last-modified: Wed, 27 Jul 2022 10:09:58 GMT
server: cloudflare
etag: W/"e942a86606f9b2566a40a9d2795e62fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: ZHtc7.n35MXBGfMfx9OYK5QBr31LJ.up
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7e9e0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 74ms
65ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 149834
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2R4YTKBCDDS6HF3J
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea10208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 4270.c0f5b685.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 75ms
66ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4270.c0f5b685.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 660922
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C2ZN163S1S828YMM
x-amz-id-2: lN1VMVaeaxRA6JY7+jojWRuyaU3UMOhyF07ltDGS+YyWWVSyvqeb9ASTn/Hr82e9/OYyZQ+ZxgQ=
last-modified: Wed, 08 Jun 2022 01:57:01 GMT
server: cloudflare
etag: W/"ecb15ff3b96846c74bbdba0df72c6c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: KSkooLLVUmAEyr4Mvb9mqebbFmTOLR9I
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea30208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 1752.a348f767.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
11 KB 76ms
66ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1752.a348f767.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 76016
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZ14F4DJ39Z3KD31
x-amz-id-2: EH9a3SVQgwGg+xgKP+wLoMBxv4vi3bqNF1lLFBsPfty2oXINnyDdoXCZNr63aUDBWO4Du/Lj2Tk=
last-modified: Tue, 25 May 2021 18:36:29 GMT
server: cloudflare
etag: W/"7741f0aa651938c2144d2a015cea95e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: tE2Oq32GJtDB6jVcHF3DcPbZYJQJcUaP
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea40208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 7794.9590314e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 98ms
89ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7794.9590314e.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413712
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZZ2GZ8XPEV2XSK8Q
x-amz-id-2: ZlnxwgkjMnGtnnoC7ojH0QwhC0XfdFWPNT0tzpzMx7ygzdLPg6cqgl3wZCpV+Z2ow4dAGrEJyes=
last-modified: Tue, 25 May 2021 18:36:34 GMT
server: cloudflare
etag: W/"fdb51abd005c8009b18f0a8ff313072f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: edEnQQoOPA8J97QSUBTjXG.e16leDLA5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea50208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 8316.18f2a6aa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 100ms
91ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8316.18f2a6aa.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413712
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CNHD5SFN5Y8TW45S
x-amz-id-2: hFIjAklPE8uAiFD3F+iWoIjr1hZAL+bvgJNwZvAJEZUDnYTo6ZgZ84z2QdIcyEiccMTz7/tDkuo=
last-modified: Thu, 14 Apr 2022 09:06:33 GMT
server: cloudflare
etag: W/"9fa67454adaeb385a3a70077ff7b7df1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QUYK47Sx_vLYH.MHyrUF8Ib7srVpusAN
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea60208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 5221.7f146039.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
7 KB 115ms
106ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5221.7f146039.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5afd531c75a0a2e8347ac7b37183204c1fdb0c223ec6414d7da42f1bd233dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7608
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YJ8Q6RTJJ6MPS08Y
x-amz-id-2: 2Uk4T9AGUQIM8pwhusrHzZbxRFdktBbApZQv4JMnFFSM5ZVHGPV66yScLgk69SuhmFeouYtDh30=
last-modified: Tue, 12 Jul 2022 14:18:42 GMT
server: cloudflare
etag: W/"c3174357ebcb0719db18b72713fb4742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: CK.rZJ8h7QPbhgsKdQ0Yuh47meRqX.X7
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7ea90208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 4330.505d9b82.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
8 KB 117ms
107ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4330.505d9b82.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad10c973f7f20d9919fe89e9efb6b8f505a89b9324d59b33d0179b0f3600760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RSWBVK6GPH7WA1WS
x-amz-id-2: OZ6e2z5QUZWezMFWsn4G+FZ0nMtzylweSBD/sLDbg9kYe3R0SabqK+UA4Zsd0PYKM5GXh/ku8WA=
last-modified: Wed, 06 Jul 2022 07:53:37 GMT
server: cloudflare
etag: W/"89633caba427b7d20e544297bda66dab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: gQEbNSFB2YYpg7DkC97.n6gYODZl5Nfz
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7eaa0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 2981.a73a3afe.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
4 KB 66ms
56ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2981.a73a3afe.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3702ff0b9d7faec5b8b436090a0fc3c50dd19271a9029a357e97a506ff6b693f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 660924
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z26ET87R4XW28Q9M
x-amz-id-2: 9eoknKo44+MmwsD4z2lzMt1cMs8HrtsWWvaR4bdgPX4QJu6+rg3POSvKSbbM3cqlGfwpcOZ0bxw=
last-modified: Mon, 16 May 2022 03:47:31 GMT
server: cloudflare
etag: W/"9b962a6c3fe514da0f70551af2c6c736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 8hJRWUosDYWSeoajDVAe78qP2kpfwfbB
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f7eab0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 3115.5f1b0b71.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 149 KB
39 KB 121ms
106ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.5f1b0b71.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a3279b27d6e37c575299107afe1bc6a5ba3119a5d3acec333bf65277bcc84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 538664
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 118SNW98WDMVCPW0
x-amz-id-2: 8K1nBJCq5eHC/ZtWZ8zIl+MDPX8MDO9GdMo1jZ3hsb7sn5wQOrOKYFWIDqRuiLAF1O6lroqnPFE=
last-modified: Thu, 30 Jun 2022 09:32:07 GMT
server: cloudflare
etag: W/"cb4622c26825353a5bff51d8bcfb15d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: P6WcmN.3JTY3_B_DHVBSO7M_dpi1Zwc0
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb00208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 4869.15af887a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 122ms
107ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4869.15af887a.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 660924
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BVXG0076RV4B9JAP
x-amz-id-2: uKH8UQbmWp1mPmCPTJvTtTv1kuEn3ARbt5hpFXJtd9Q7grMGajh8gSczyhsbEk9PSu4/TmP63i8=
last-modified: Tue, 21 Jun 2022 18:46:21 GMT
server: cloudflare
etag: W/"461c7bfcd82063a67a77f584159505ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: zsasPIPj4VNjHd6lWz1Ablp9oC5jhxmA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb10208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 5472.5f6d4371.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
1 KB 123ms
108ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.5f6d4371.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413712
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CNH8PTMK5AP330DM
x-amz-id-2: xGpOOu8UZAzsu1YWUtNuDaspxj3NnwdsbLl4CFr6mQNnuC5VgdmPYNonihLFzHPh0iUQuVnGPss=
last-modified: Thu, 14 Apr 2022 09:06:30 GMT
server: cloudflare
etag: W/"6adb8844d763f7d58b6ed49ab89899c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: M9BL7xv54wPjdaXSST5ko_cL9x0mMNwi
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb30208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 9401.492bc814.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 123ms
108ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9401.492bc814.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 660923
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BVXT7BCCKH158FM3
x-amz-id-2: fmyPMPKPQeWvDtiHrQgX5CGXZTku+5n0vOfhSaA2QdzDZmCmY1RbWsXR1l8WR2n7FzWl5DH3jRU=
last-modified: Tue, 21 Jun 2022 18:46:28 GMT
server: cloudflare
etag: W/"1ddc9c0c19f0fe0be7a7d8a22ff4b327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: o7qB8yuUJ2.ySHF37F8FxNhTjXdITIXy
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb40208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 2307.e2eee8fb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 124ms
109ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2307.e2eee8fb.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0ab426387b4578de5273a69f300167c07ceef4d6fd614061f82e744912caf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 156878
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C161FKXC1QHNCGJ5
x-amz-id-2: VDHgfeX3rOnFPcDMyWQmOisa1RU2GseRafJzK1phkL0TbrZgYDmVx6uwAFSigxUD2XCvUAKuZ7s=
last-modified: Mon, 11 Jul 2022 17:54:24 GMT
server: cloudflare
etag: W/"7d0f7b40aa739665bb020b5a1565de04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: qIXQQpBSzO.nx9tUzBqTqIUMorGPbz14
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb60208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 9442.5291e270.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
6 KB 127ms
112ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9442.5291e270.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8NAYDQE9MQK743Q9
x-amz-id-2: Q+YMUo3f6jyml7SXk6SmWMrC+AY114aKXRjQlxqfefqQ7aN4c6PDcZ7B2XOvKqS3AdCjuSFaiK8=
last-modified: Wed, 06 Jul 2022 07:53:44 GMT
server: cloudflare
etag: W/"3edcd4d9e5942e997e7195e591b148c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: pCL2A.BoWSvPuskvdf9gJgCn0qWM.lXJ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eb70208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 7070.4ba587c4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 131ms
118ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7070.4ba587c4.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05050a7f9156fca338fdf18683aba2fc6810ae354eae1c647bd786c05c7fa369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1178790
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VRBCPMJBPG92T288
x-amz-id-2: Nq8zLg44/1nh7KpJFbh9SoI54n8gmcYTDENnt5yMPN05j0QYhTHEUpNZHmn/zCpVrWrB1yk08nE=
last-modified: Wed, 29 Jun 2022 22:03:10 GMT
server: cloudflare
etag: W/"fd36f064abbbaf7b29c9f3a8e4011812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: SwMGig1K1198JJuUScFH8NXAGwDIOmeE
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8eba0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 4483.1c9f35b8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 132ms
118ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4483.1c9f35b8.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f0b26d4ff0023bc2419013c30d370f1d8428589d68da382a4eb03891afb442

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8NAGGZVRG5ZFEEYV
x-amz-id-2: olgOIO1N5830KcfqedCM9dGK0Q+zfvbTgpvFGkXBTXkK1XYRQDNSonQUMgD5qqvt4gh9LRd+030=
last-modified: Wed, 06 Jul 2022 07:53:38 GMT
server: cloudflare
etag: W/"0079f6edb2fae3e8d88f3aa8abe364fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: QknjJ5JcoAnmRMofe6Cwcqv9fPfumgpd
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ebb0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 210.f2d589d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 32 KB
12 KB 142ms
128ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/210.f2d589d2.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4e14de11834a07a456fe0d9fb8aafa563947eb506bfeff5a5e6549d91948df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1178790
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VRB62HQF9KZWZDNS
x-amz-id-2: 9xy6z54+hwogO0SXBWj9eBNu/rPHcLWhZ+qzFF3+A9yqmlTxsqrx9zk4O12IQOcIM76g/vqZfoM=
last-modified: Wed, 29 Jun 2022 22:03:04 GMT
server: cloudflare
etag: W/"9a35f014802f77682c7a5dea172b39f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: NufGT1xWWTJHfKM35WiTPKCz6YBkLYaA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ebc0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 864.90f4e209.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
4 KB 144ms
130ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/864.90f4e209.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd6d2a879a0ba0c99773081ba0defb110ec663be8d32d8c9c9d1f1d0880869ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 695421
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HF7KABSK1W2WE7D8
x-amz-id-2: MNRUM96EdWAPorjAZQIXPeiKWtWprW7GPHBaGJi1Pa2Hh/DthlcZIeSyDQtLymEbROCnz9UCYww=
last-modified: Tue, 12 Jul 2022 16:34:28 GMT
server: cloudflare
etag: W/"1094f518e10b5abda59899f3aa133c53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 7H_.nG2vI.NvlQs3bQoN7V.F4qLVnzfa
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ebe0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 9841.1bb423da.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 144ms
130ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9841.1bb423da.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8NAXTKXVT5YRHG8C
x-amz-id-2: 6RKhOlsS35C1DjFeoOeZMOD90SHxxnChKIQkQecxgi1FNFcL9Jw/77BJ3rP6obK3+XmQcVD4AV8=
last-modified: Wed, 06 Jul 2022 07:53:45 GMT
server: cloudflare
etag: W/"a438d4b84fc984bedab39eff52de7d1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 1xI7YK_MjEYp2K.Qr19IRQM3SL0GPfHl
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ebf0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 1681.8dc50cf5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 29 KB
7 KB 145ms
130ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1681.8dc50cf5.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f4a1f026a52bde71098a6454a5b7acbad39472c6461848cb63ddcc5bc2da06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170620
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D0GSG9MQ1AVQV2J
x-amz-id-2: Vjlebv9MVFJgpc8hgocGTk/LLIhUXXK005xbw/7hoj0sF9YecMTt7nOn3vDapbRFXTqD3jOGAns=
last-modified: Wed, 13 Jul 2022 09:03:04 GMT
server: cloudflare
etag: W/"7a1394dd8eb4a6c7fb8246d534ae2233"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: lwSBvOr5PC.v8FXPlRTT0ZCA_8CPvn3h
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec10208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 82.c66fe3fb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 145ms
131ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/82.c66fe3fb.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaca48ade11e94f65e9d76e28aa2f572a13cfdba59bce39a754ea21a3fe1542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1178790
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VRB60B1BY1HR9773
x-amz-id-2: nh3CrdUOuiPjCylKHXfVhQOQckQZ9BsrRW2JMceQYe37kV0OTghYtpow0TSSGl1MC0ceoYfu/Vc=
last-modified: Wed, 29 Jun 2022 22:03:13 GMT
server: cloudflare
etag: W/"a134c14aea4858c6cd5c1e3cc629c861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Iun.AJkdoNitdqdP8jL0nZaR0a6lpWHw
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec30208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 9304.c7b56506.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
2 KB 148ms
133ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9304.c7b56506.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2908f766175014953bd1beec53113aec865e70bfe0791bf9491f114390a703d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92177
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BYPW3CCN99V10D60
x-amz-id-2: AUkOwHBBliHxbVFIw0g+SRchmdcZd2AdhEmVDKnnvBEA3QiYfY+T+efKh8LYzuBgS4HWcxhD2z4=
last-modified: Mon, 27 Jun 2022 19:51:07 GMT
server: cloudflare
etag: W/"e1d132fccc80dcbbe1bc0d478d06f5ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TG5KHLL7Lc.pRTw6mS0vwhcvYtqnDVEA
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec40208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 5281.652a7988.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
3 KB 148ms
133ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5281.652a7988.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2efe526dc817b96a4822fdfbee06c9100af12e59e1e3a20932e6745c35e09988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413603
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CNHA6FG3QS6BVZBR
x-amz-id-2: bKpvQT0l0R+9iZqrjI+NXH9ySdz2IFP+YXfDKuy5s72Zk70knnO/JKoSdTDbKkL+TCOkHk72s6s=
last-modified: Thu, 14 Apr 2022 09:06:29 GMT
server: cloudflare
etag: W/"04b131139a2938b205f512652ec29a97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 33irNxWTdFjop9o1_s8tyzZ.0zoR_rMU
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec50208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 8051.dd3484e6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 59 KB
14 KB 152ms
137ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.dd3484e6.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25d29a69b66e91f371030a516b6b1fa1caa78f70c2887a625d575f56b2cdc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1178790
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VRBBDWF0NHXXK990
x-amz-id-2: 4Ue2apXIAUlPioCahhUqE8U9kx2QZZefhV8EmouPvFMedFv7FI9he2EqKaPTM3hb+EAXoVI87h0=
last-modified: Wed, 29 Jun 2022 22:03:12 GMT
server: cloudflare
etag: W/"d53a3fd17f434413644b2b67ee53fbfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 2s4xEOuajDMPGywc9IK99lMHkvPfTjSJ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec60208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 5631.729b4ea1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 33 KB
10 KB 158ms
143ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5631.729b4ea1.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2f7683ab2733c5046f474ecb641f540864ff8facc31962795f93f4604fcfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170620
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D0YSWHQ0BWBDPTS
x-amz-id-2: 74LcuXNGWnG6LHJRf83aliIu7O+lW/MpAvPgEqBiJUU3/fV5DVDELb5NUuDFKF9DMIMMLe+Me+k=
last-modified: Fri, 22 Jul 2022 10:03:44 GMT
server: cloudflare
etag: W/"d1d1bb671e0687bf8e1e1f3bab017cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hUoTY2BVLMpnCJgX2vnzLjpAXgFVmgJD
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec80208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 986.e735fc84.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
5 KB 161ms
146ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/986.e735fc84.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757368f2191d313b7dab2038266416b6a99e1d9beb2a447fa7da8af202faa340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170620
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6D0NWYD1XC2D7CCN
x-amz-id-2: 4DSM29rD0sJ9YpYz0itaHL8v1wlmgxHN6Jjes/LQEFvetuwNDmgDGC3ihfFOkUPjRfSpMA6AbA0=
last-modified: Fri, 22 Jul 2022 10:03:49 GMT
server: cloudflare
etag: W/"60ab55cf40d9889c70dc4ea302df9ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6OKXz9rtY02kkMhGEf77.giwLf9gSQrF
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ec90208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 5063.a25c2ed4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 166ms
151ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5063.a25c2ed4.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47505f3896c47a15a7d79085040ceb297818ed49234e8c54d6746ed728ed564

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 606896
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RSW186T4CE6T28K5
x-amz-id-2: ezIBVlpXIrsd5uTcIemHTHizGW2ZF+0lIDu8w0jbrNWWfdp1qUqu6QQp9YyLieDsXak8CijMSEs=
last-modified: Wed, 06 Jul 2022 07:53:38 GMT
server: cloudflare
etag: W/"c26b7578cdb05b752a842da6d43c92d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: k_uA1iNEdGhJ9bFQ2ocXFtJehc1DCDxp
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ecd0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 PostPage.MainContent.1568778f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
28 KB 173ms
158ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.1568778f.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

077f9d0419356c0367cb662693d6ae2b124bbf9df3e3e421a4097d64d11dbd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 839
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2JQZ6DD7V1D0SQN9
x-amz-id-2: 6z2sqZ+jlGHnuIOi61iFyoS91bzTBx8pC8ZldgWvxwj6GZgCqsvEt50nslksoT53ogbtBUj8aJ0=
last-modified: Wed, 27 Jul 2022 13:17:39 GMT
server: cloudflare
etag: W/"1d19b063d3ff5062a14bbcefb2e2d0db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: IlG7nzkkuexqQCA4BmRtah.DdGkoqM2E
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ecf0208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 3702.3ff2b606.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
8 KB 174ms
159ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3702.3ff2b606.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15cce4cc8cdeaa9836fcf9825207713015717d70868975b58be1615133b52126

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 781851
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B1Q5NDM63MNC88JC
x-amz-id-2: Q+1+COTyZju4mqsZ4nKF6MWx+SiKjRsAQbNj5oPfgOokqgAqJfmcOMlJa+onVRzTuQNc4RzJhn4=
last-modified: Mon, 18 Jul 2022 09:34:00 GMT
server: cloudflare
etag: W/"57a9218efa22d551026f7c293fd5ed34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TdyjRsWI2ioeXLAMn0Qu9ciypaoaFQT0
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ed10208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 2021.29306ca6.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 175ms
159ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2021.29306ca6.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f028d33cd63dd991ff2c511d2d8ad691d1fcf6c1cb32c1311402154219025030

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108679
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 118MBRBSZGHYY4J6
x-amz-id-2: YHUmXRSYeGPfoXHzqtAPwNXBt3Sf2n/MqqVJCF53q1nN4pkVBT92zMCwcd5ukEpOr70PV4391gs=
last-modified: Thu, 30 Jun 2022 09:32:05 GMT
server: cloudflare
etag: W/"14920f91a13df6801974043cd17a10cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Li9.AhWuLguuyIoDBCHo86WWvmZn2_EQ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ed20208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 9291.1fdf5692.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
5 KB 176ms
160ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9291.1fdf5692.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e96e66cb658833ab9d0d9953b84ae629dab879569953299a8b5676764f3cbfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1025759
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9W66A52SDWY4WXT8
x-amz-id-2: nPoKHMM3J4/fRAcLv8PvxqtaF8P5ZkcmOTQmQtltuwkHspxc07mANOthI1LMtlJ9ks1XAELlqrM=
last-modified: Fri, 01 Jul 2022 14:10:25 GMT
server: cloudflare
etag: W/"fbeb276bd588ec63abba58c9eb2fc8af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: GbGRjlqWdaGAjiB85bYa5AZOUAvWmm7z
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f8ed40208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 PostPage.RightColumnContent.908f540b.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 38 KB
11 KB 180ms
157ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.908f540b.chunk.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9303433542f941a1079cfcfa4b7bd3206fb3cd45e77440f832075ce63d262bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108679
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 118PE1HZPF1R9F3H
x-amz-id-2: BgeLpjmfWefE3SEvqJN7ULtPCrMwYElkK7K4y4PoZIr5oiIdQE56jc0l/PHNK6yGeMJV2Y+uWPY=
last-modified: Thu, 30 Jun 2022 09:32:32 GMT
server: cloudflare
etag: W/"90960747cda8a4bffb21564a77057d6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TevxoljJ.zsVMkJ7xZr5o0_mWnjI3NyG
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff1f9ee80208-ZRH
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 121ms
72ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7315ff1fa8140219-ZRH

GET
H3 200 0*sPf8J7TEYWaQPpkU
miro.medium.com/max/320/ 23 KB
23 KB 203ms
174ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/320/0*sPf8J7TEYWaQPpkU

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ec6b0e9195839c320f2d3083be5ccaf2ca48135d186fdfaf46c13a52b2141c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 48
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23356
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff1f5e540208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 123ms
88ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78622397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 110ms
71ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78762397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 82ms
44ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78782397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 16 KB
17 KB 155ms
117ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559804
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f787b2397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 148ms
111ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78792397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 16 KB
17 KB 102ms
65ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78742397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 120ms
88ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://medium.datadriveninvestor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23559860
x-envoy-upstream-service-time: 31
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7315ff1f78642397-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 27 Jul 2023 14:17:05 GMT

GET
H3 200 1*4NSr5Cxskd8JzzXE_uTy7A.png
miro.medium.com/max/1400/ 379 KB
379 KB 165ms
138ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1400/1*4NSr5Cxskd8JzzXE_uTy7A.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5ccaa71528cd09388f50f702762ed87f06a26f59abe55bdb84fc021d03d87d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 388013
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff20a8af0208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*G7LpFifcHzVcDhnjWhLidw.png
miro.medium.com/max/1222/ 65 KB
65 KB 211ms
184ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1222/1*G7LpFifcHzVcDhnjWhLidw.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab970da05ec755e02edc98e80bf13e32559dc4e5f84c99e574c73cc83025bbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 66
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66291
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff20a8b20208-ZRH
expires: Fri, 26 Aug 2022 14:17:05 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/24/24/ 383 B
790 B 51ms
50ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 397185
x-envoy-upstream-service-time: 51
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 383
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff2998810208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*gH-f4xEDlPx4iAMoQqWhwQ.png
miro.medium.com/fit/c/20/20/ 869 B
1 KB 155ms
148ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*gH-f4xEDlPx4iAMoQqWhwQ.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32b7d2175a7141222748e5f31eb3dee4efecbd9242313d69028e0d34b69996b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 54
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 869
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a89b0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*Hz4oNUUhRZO6Smnp8xHlcQ.jpeg
miro.medium.com/focal/56/56/50/50/ 2 KB
2 KB 161ms
153ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*Hz4oNUUhRZO6Smnp8xHlcQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c88a261177f14a57e75b13eac13e4ebd5633f74f77fdccb04a4157e788f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 47
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2140
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a89e0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/fit/c/20/20/ 310 B
716 B 52ms
44ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2294c42a99ae9402581e67fe5c0262d7ebf4cc7f45bfe9fd2f00862e304f4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272169
x-envoy-upstream-service-time: 420
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 310
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff29a8a00208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*ZbX454O50GOtztTZ
miro.medium.com/fit/c/20/20/ 861 B
1 KB 149ms
142ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/0*ZbX454O50GOtztTZ

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb73624cbf1b8b7f523220c0dd005072b184bbe6e80148e792c8b9f69dc16360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 861
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff29a8a20208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*4SKOYEBJ8i4b-Xlp.png
miro.medium.com/focal/56/56/50/50/ 4 KB
4 KB 150ms
142ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*4SKOYEBJ8i4b-Xlp.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a212ffd94a902bdd46867f3e16b667b9a8d8d7ed16a0cb24ec56be476021890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 38
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3975
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8a40208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*vyvIqFjqXHxBHW0sD5OVuw.jpeg
miro.medium.com/fit/c/20/20/ 993 B
1 KB 52ms
45ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*vyvIqFjqXHxBHW0sD5OVuw.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186d460123e33cb98638bb1eb61868c2a8fd1f15ecdf40c537dd3790ceb5ce1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 128873
x-envoy-upstream-service-time: 46
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 993
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff29a8a50208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*q_ypUk5l1XztRoM6LF4eKQ.jpeg
miro.medium.com/focal/56/56/50/50/ 3 KB
3 KB 163ms
156ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*q_ypUk5l1XztRoM6LF4eKQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b594792aea18d98159418528b9a35456864cf76a4391832001831ed2d10bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 64
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8a60208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*YRbUdQ-xPS7ScnQWYyT5Kw.jpeg
miro.medium.com/fit/c/20/20/ 823 B
1 KB 150ms
143ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*YRbUdQ-xPS7ScnQWYyT5Kw.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

260cddcf3a2022e0d3c50f7f527a29e796f2c142e11c5a80bc2974cb29ef1db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 58
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 823
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8a70208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*9RfAcHi5nWqjCXf8
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 162ms
155ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*9RfAcHi5nWqjCXf8

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f83b038b5e1ad8e7878294ebefc91ff7775794242bb9490075453b857195c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 73
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2284
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8a90208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*8dcATXwfRwjozxPWkuRe8w.png
miro.medium.com/fit/c/20/20/ 931 B
1 KB 65ms
58ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*8dcATXwfRwjozxPWkuRe8w.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61b6e23f503ea80b44a911c23999c20c4f0251760532f71aaacd0434a9cd0d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63929
x-envoy-upstream-service-time: 62
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 931
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8ab0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*mlH5NQ0O58z23iHo.jpg
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 155ms
148ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*mlH5NQ0O58z23iHo.jpg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68731840dbd4fbf50d27da56e9ed498362658db4b73fde5cfdea86de459938e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2222
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8ad0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*2eCdHzwUn5oYphVeMsRvkw.gif
miro.medium.com/fit/c/20/20/ 3 KB
4 KB 155ms
148ms Image
image/gif 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*2eCdHzwUn5oYphVeMsRvkw.gif

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5da16baeb8aac2dd9b75261d20f56bb0178d850dd2cfd333bb7f356e50d152

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3455
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff29a8ae0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*LYJG3nYW4qQKogpu4Sbs9Q.png
miro.medium.com/focal/56/56/50/50/ 2 KB
2 KB 162ms
155ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*LYJG3nYW4qQKogpu4Sbs9Q.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33fe28a18696fbbe23f54758d4457ea3ba396135fdf955536af67a3f364e4a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 83
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1716
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8b60208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*o-U29Vnx8LzDm2wRj6Z3pA.png
miro.medium.com/fit/c/20/20/ 640 B
1 KB 143ms
136ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*o-U29Vnx8LzDm2wRj6Z3pA.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f0bbc1b482ddeb5768c084b7599ae713d185511d6c41d7695717ad028b57da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 66
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 640
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff29a8b70208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*Ym2k5jzRdkkVvTFVwSUVAQ.jpeg
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 178ms
172ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*Ym2k5jzRdkkVvTFVwSUVAQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f29547380348000a523684b18b09490818b068ceb7bcfc68a19a4194c041b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 55
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2215
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8ba0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*tKDAHN3HIL_9ktER
miro.medium.com/fit/c/20/20/ 1 KB
1 KB 150ms
144ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/0*tKDAHN3HIL_9ktER

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e2d8f6fec2b84e6b687c3fb5ba7db8c8a436f680fdaa084aee2d4e3652bb389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 121
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1048
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8bc0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*WOKZMNDPUFvGK1-5XXUYeQ.jpeg
miro.medium.com/focal/56/56/50/50/ 3 KB
3 KB 159ms
153ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*WOKZMNDPUFvGK1-5XXUYeQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f1439c387cab3eab71173ab4f41e6db68eb918f4d4ee805008e982095fc6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 881
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2887
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8be0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*EiLuTrUpSTkBbA3LagKKIQ.jpeg
miro.medium.com/fit/c/20/20/ 935 B
1 KB 64ms
58ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*EiLuTrUpSTkBbA3LagKKIQ.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd984cad20aeac7b70fce91ad7a83edf099ab7d54c7f1d75fa1c0bd7e1ceb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23604
x-envoy-upstream-service-time: 95
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 935
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff29a8c70208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*cK3U-WyilBccCV-LhST6iw.png
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 162ms
157ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*cK3U-WyilBccCV-LhST6iw.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a206cf4701dcbb381b7bf0f1d55a7e37561e0ad9827487368be6e1bbf29a751d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2485
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8dd0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*A9CPu9xDFnp7XvnIIS38Ng.jpeg
miro.medium.com/fit/c/20/20/ 1 KB
1 KB 170ms
165ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*A9CPu9xDFnp7XvnIIS38Ng.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ef140c36feb2a6b8fbbc697d730487298a352db07db494b80629381b99bf13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1047
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8de0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 0*yNDbktlCy_2w0tN1.png
miro.medium.com/focal/56/56/50/50/ 2 KB
3 KB 158ms
153ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/0*yNDbktlCy_2w0tN1.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e42c5ddf079d15c045df98515d08ac26a4f9a764046d8b09c1706ad71cf461e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2220
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8df0208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*mlbU6UQm9Y4qnfktsuZR3g.jpeg
miro.medium.com/fit/c/20/20/ 960 B
1 KB 164ms
159ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/20/20/1*mlbU6UQm9Y4qnfktsuZR3g.jpeg

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93cd1480f7547eb5f4fba2db592779b9e88f082ee6001dd1fe250bb6d6a63e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 960
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 7315ff29a8e10208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

GET
H3 200 1*b9U0k743uObc5EZ_2em3Cg.png
miro.medium.com/focal/56/56/50/50/ 2 KB
2 KB 156ms
152ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/focal/56/56/50/50/1*b9U0k743uObc5EZ_2em3Cg.png

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5005ac796ef90ec00c88dfa426f9cc5a28c8de2fe636ba9767bed128f016cbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1787
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff29a8e20208-ZRH
expires: Fri, 26 Aug 2022 14:17:06 GMT

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 143 B
598 B 150ms
150ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9782bb0ccbb44189a6da17a3eb759df9e068d662f88c98f3c346377bdeec60a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"8f-J9SX53YyluXx4P6bcMZHGW+Hqxw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1
cf-ray: 7315ff2c5a585c50-FRA
x-request-received-at: 1658931427331

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 1 KB
969 B 200ms
200ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56210a4aa1260dd79394e43bbd656edbe05412c28cbaa6c0b45b271d75a8a937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: CollectionViewerEdge
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"4a4-J03a24VVkMK9I+4eWixSRfKviPs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c5a5e5c50-FRA
x-request-received-at: 1658931427332

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 1 KB
1 KB 230ms
229ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d06637d444443cd1df4bf087fe79ae8e6ee9747cb78e33f0aaae2ad867f790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 96
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"510-xvVFqCmLxy+YPCccOhbLmn+4DC4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c5a665c50-FRA
x-request-received-at: 1658931427330

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 208 B
642 B 177ms
177ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3393f3c5c0525e5596c855ab428615ad4b689fb84baedca0d85eb43922440a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d0-KfATkvC4/BA55cj2QCD6W20XRXo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c5a675c50-FRA
x-request-received-at: 1658931427331

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 210 B
644 B 190ms
190ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546365520f1ba629647fc9964623338d3a4cbf2b896979fec7b22dbc1de9ba60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-yoqJBN278CNt4M7dnbegfbr0+cs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c6a7c5c50-FRA
x-request-received-at: 1658931427347

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 108 B
609 B 205ms
205ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: PostPageMeterQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c6a7d5c50-FRA
x-request-received-at: 1658931427345

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 96 B
598 B 195ms
194ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f345ed1c7cb4bbe95d083e31643820d4bc285158d6c82b9e9a1a62fb37a506

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-NiQ1eTC7xfdNdYVZlNWpF0EVNIQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff2c6a7f5c50-FRA
x-request-received-at: 1658931427350

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 103 B
583 B 163ms
162ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f3622957a14f7add1272678bcfd3e7234aa5677349aabda873a52a90d86024

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"67-QMYMFe/v2+Vz6QiYtvTHAtlS++Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1
cf-ray: 7315ff2c6a805c50-FRA
x-request-received-at: 1658931427342

POST
H3 200 rum Show response
medium.datadriveninvestor.com/cdn-cgi/ 0
211 B 23ms
20ms XHR
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://medium.datadriveninvestor.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7315ff2c9abc5c50-FRA
vary: Origin

POST
H3 200 /
medium.datadriveninvestor.com/_/clientele/reports/performance/ 0
0 143ms
143ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a2cb94d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, clientele/main-20220617-183152-4ab8c56101
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7315ff2dbc445c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
medium.datadriveninvestor.com/_/clientele/reports/performance/ 0
0 157ms
156ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a2cb94d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 14:17:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, clientele/main-20220617-183152-4ab8c56101
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7315ff2dbc475c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4508
date: Wed, 27 Jul 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Jul 2022 15:02:00 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 76 KB
23 KB 362ms
116ms Script
text/javascript 99.86.240.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: medium.datadriveninvestor.com
URL: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93?gi=bf559b21d653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-96.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4da44a477817e0f69202f906a2f2c7b6f20a61dd6219f60d1a84143d8a9c5916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 3fanVx1GT8N8VPdFpaVetfknl_yorJlH
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 21:43:50 GMT
server: AmazonS3
age: 115
etag: "8957cb48dc20586931302bb54fbaa61a"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 27 Jul 2022 14:15:14 GMT
x-amz-cf-pop: VIE50-C1
content-length: 23099
x-amz-cf-id: hgsjeVufLW4-h_xam5a1MHulQMyDuu4evRgrDrflAQWbTffj2Hq0_g==

POST
H3 200 /
medium.datadriveninvestor.com/_/clientele/reports/performance/ 0
0 137ms
137ms Fetch
text/plain 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a2cb94d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 14:17:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, clientele/main-20220617-183152-4ab8c56101
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7315ff323ac95c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 4560.a1935995.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 43 KB
12 KB 58ms
57ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4560.a1935995.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.4527567d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2294e462044a6469c80454fd300cba305fbc384790d545ba6f10e9fdf85a39df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170621
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0QM0VBAM2785X7S0
x-amz-id-2: XDtImu3J9kiDJuD5ejcxJNF62ekVi4mpT6kWNwVqRnZmZPVN3CLlqIYSgrcmuMJR7qOE2DfkAkE=
last-modified: Mon, 11 Jul 2022 12:35:44 GMT
server: cloudflare
etag: W/"2a9986311271bf4076930cb3daa18f75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Dq4ikHrXv8SBkXxX66caMJrIaq1wIgbs
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff324e7c0208-ZRH
expires: Thu, 27 Jul 2023 14:17:08 GMT

GET
H3 200 PostNextFiveStories.0b7eb97f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 51ms
51ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.0b7eb97f.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.4527567d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa9e566f58e56e54049b59b93c63850b150c3204a1f242a7111da1081af3108d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170621
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VDY9S2CB6X5M46RT
x-amz-id-2: VUIyzis/G9e4q8S7gkfkzNDYBmMxIA5fUqDNwkgeTr0pfMDVqj/dmozcSWynhe/+MtT0rtjk85w=
last-modified: Thu, 30 Jun 2022 09:32:31 GMT
server: cloudflare
etag: W/"dc1f2265dc33e71185b10ff951251a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 2npglx5p8Crw8YbgGPgGZiCqzvQ1212x
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7315ff324e7f0208-ZRH
expires: Thu, 27 Jul 2023 14:17:08 GMT

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 84 B
567 B 153ms
152ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1f5cc6920c3b2a8ada1b5b891ec9875ae294ae392e80a36604ab12608db93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"54-/S/HdEGqGBoujhvbZzW9xmupVAw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1
cf-ray: 7315ff37dc1f5c50-FRA
x-request-received-at: 1658931429167

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1493070948&t=pageview&_s=1&dl=https%3A%2F%2Fmedium.datadriveninvestor.com%2Fapi-security-testing-part-1-b0fc38228b93&ul=en-us&de=UTF-8&dt=API%20Security%20Testing(Part%201).%20All%20the%20information%20mentioned%20in%20this%E2%80%A6%20%7C%20by%20Saumya%20Prakash%20Rana%20%7C%20DataDrivenInvestor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1064933340&gjid=950739902&cid=1771013164.1658931429&tid=UA-24232453-2&_gid=52852498.1658931429&_r=1&_slc=1&z=1286511806

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medium.datadriveninvestor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
595 B 349ms
200ms Script
text/javascript 2600:9000:2304:1a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.63.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:1a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

3b2334f3ea29c49b5ae6e9a0dc381d9a8fa127b632690711a002d4abd2f51752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: VIE50-P1
etag: W/"5b-k0/sT7isOlonv+r5c7dxLE+kczk"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: _lbFP71zwfEw8EXt541IOgrOdKZ8rwfIZOT20GlYIucMSXaVKUvKeg==

POST
H3 200 graphql Show response
medium.datadriveninvestor.com/_/ 23 KB
5 KB 421ms
421ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd424970ca91ae70b711f67ab3df003a10a3e4bb50523694ba603eb3aab5df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 717538e33507b376
medium-frontend-path: /api-security-testing-part-1-b0fc38228b93
graphql-operation: PostNextFiveStoriesCollection
content-type: application/json
accept: */*
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
medium-frontend-app: lite/main-20220727-132846-72e452be5c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
apollographql-client-version: main-20220727-132846-72e452be5c
ot-tracer-spanid: 13cb70c07a57e43e

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-envoy-upstream-service-time: 270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"5cc2-qxS7o1u5ZIT6BuNL8dHDHJEjQ9I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3, rito/main-20220727-122712-89114e9ff1, tutu/main-20220727-124608-89114e9ff1
cf-ray: 7315ff385d375c50-FRA
x-request-received-at: 1658931429275

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
676 B 540ms
174ms XHR
application/json 2600:9000:2240:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5017cfddc72e75d24c0511cf8a85ecdac8974311ad9cfb8fed3a5b5be18face0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 0dd10088277e4b369e76e0ca0d28191f-2022072714
content-length: 316
x-amz-cf-id: C_w8juSDLZY9xINzA-364UyGLm_iNnPJu_SdLSz3gzJ7wc-lSe5SHg==

GET
H3 200 0*vP5Cz6-qaQPwpQbC.jpg
miro.medium.com/fit/c/24/24/ 1014 B
1 KB 36ms
35ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/0*vP5Cz6-qaQPwpQbC.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96deb8277f5afa58852d89173f3ccefcc4214eae0f2c21799d582d3c1b1f836c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2069
x-envoy-upstream-service-time: 23
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1014
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff3c2d480208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 0*zW7XhC2vN9jceDNK
miro.medium.com/fit/c/112/112/ 5 KB
6 KB 148ms
145ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/112/112/0*zW7XhC2vN9jceDNK

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37377a5df5f8fc2c901061ad4c59abe9303ce0d13807e7d6ea16cdc52e88a5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 96
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5337
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d4c0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 0*zW7XhC2vN9jceDNK
miro.medium.com/fit/c/56/56/ 2 KB
3 KB 140ms
138ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/56/56/0*zW7XhC2vN9jceDNK

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67cf6d4addee322506d47da71849ce86d3bfb651d964efbb2bc7db869302c330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2173
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d4f0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 2*o1hJmejN4f4aEY1wUa7stA.jpeg
miro.medium.com/fit/c/24/24/ 1 KB
1 KB 212ms
210ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/2*o1hJmejN4f4aEY1wUa7stA.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3a933356456a848235f023afe5c8d92eb8bea368ecb4a7a3f4d0ede524f9dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1123
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d510208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*cQHWV5c1xsQJN1pL0FOizw.jpeg
miro.medium.com/fit/c/112/112/ 5 KB
5 KB 44ms
42ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/112/112/1*cQHWV5c1xsQJN1pL0FOizw.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f059f3f3d9b188f3434f911fd6a68bba68c93e29c6f4aa6dfd6a4ba1c3efb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24921
x-envoy-upstream-service-time: 68
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5194
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 7315ff3c2d540208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*cQHWV5c1xsQJN1pL0FOizw.jpeg
miro.medium.com/fit/c/56/56/ 2 KB
3 KB 54ms
52ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/56/56/1*cQHWV5c1xsQJN1pL0FOizw.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdecffc413ed2d3de94c17eee93828292feb1f9ac01c90513583e1ed4b8c60b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24921
x-envoy-upstream-service-time: 47
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2354
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d560208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*qtGXrx9Fkb_6GENw5d-hOg.jpeg
miro.medium.com/fit/c/24/24/ 953 B
1 KB 143ms
141ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/1*qtGXrx9Fkb_6GENw5d-hOg.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

311253b8ae057bac350fbf43ef73a13390baeab0015e3f97d96f7604bcecffa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 49
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d580208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*oqtx7Bb8dF-yYYdjDWTl0Q.jpeg
miro.medium.com/fit/c/112/112/ 5 KB
5 KB 133ms
131ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/112/112/1*oqtx7Bb8dF-yYYdjDWTl0Q.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

627317ecf41785ba9d3560bfd58783278e6421583af0474e85afed4305eb9e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 69
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5036
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d590208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*oqtx7Bb8dF-yYYdjDWTl0Q.jpeg
miro.medium.com/fit/c/56/56/ 2 KB
2 KB 141ms
139ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/56/56/1*oqtx7Bb8dF-yYYdjDWTl0Q.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f203b6e53fbd5d5590adb7f1080e16b5e25e34fbbb6fbc76573995380d4a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 110
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1927
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d5a0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*jy3MLygU3w1EkK-HKtIviQ.jpeg
miro.medium.com/fit/c/24/24/ 1 KB
1 KB 40ms
38ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/24/24/1*jy3MLygU3w1EkK-HKtIviQ.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c351882f2f8ef16f750d0b3457d83cdf64a9df9bc506a3735001510b1405ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22066
x-envoy-upstream-service-time: 23
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1064
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d5b0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 0*iRhzvOtCKA4Uxvnj
miro.medium.com/fit/c/112/112/ 6 KB
6 KB 138ms
136ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/112/112/0*iRhzvOtCKA4Uxvnj

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3686feced868ac6278c6e89ff89308cb8ce516d12e4b5b713d279fd6775de6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 45
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5826
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d5c0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 0*iRhzvOtCKA4Uxvnj
miro.medium.com/fit/c/56/56/ 2 KB
3 KB 147ms
145ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/56/56/0*iRhzvOtCKA4Uxvnj

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cd5b1873621cdee9ff3bd2fd3501a65f3828add9296c35421061be4aa56771

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 52
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2244
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d5f0208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*FAXFdY56AncDvgVM90a99A.jpeg
miro.medium.com/fit/c/112/112/ 5 KB
6 KB 155ms
153ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/112/112/1*FAXFdY56AncDvgVM90a99A.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3aaccf2079943297f048bebfb88a5fe161da0936d9d7c51d0663346f1f5169

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 46
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5623
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d610208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

GET
H3 200 1*FAXFdY56AncDvgVM90a99A.jpeg
miro.medium.com/fit/c/56/56/ 2 KB
2 KB 148ms
147ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/56/56/1*FAXFdY56AncDvgVM90a99A.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a90ff4eb4f65c64cac3317d3d77d7c5b05564e56bd380a160937ba7226916e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:17:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 94
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2042
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220525-094934-61c2d29c30
accept-ranges: bytes
cf-ray: 7315ff3c2d640208-ZRH
expires: Fri, 26 Aug 2022 14:17:09 GMT

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
611 B 189ms
189ms XHR
application/json 2600:9000:2240:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

b1e2e0f47d82b42472882ce20347d73a3a96f9ff608cd3066b634f617dc0bbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Jul 2022 14:17:10 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 697bb266941d447083593dd85bae2f09-2022072714
content-length: 183
etag: W/"b7-8wOuOntuoTiT8SGfy/uiLKxsKLs"
x-amz-cf-id: ygbFKjWvkRNEPn8gh6q--hdsoiNB60Om0aTg6994bEaixevRwK1EqA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 334ms
333ms XHR
application/json 2600:9000:2240:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Jul 2022 14:17:10 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 86a515b272ff4b5093a8f9cb723e3a0d-2022072714
content-length: 28
x-amz-cf-id: CkJfMGVaMxHRwHEWE6NLgeeZehFsoH8SKpERYlCzdl4hPnr4D0V1wg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 197ms
196ms XHR
application/json 2600:9000:2240:ee00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5095.36bab7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:ee00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Jul 2022 14:17:10 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 0548702bc7224ca9b7e1ebdb04d66bdf-2022072714
content-length: 28
x-amz-cf-id: HwThU90Eb9VKNaywcw0HYfwxAFPFbqvgfMmwLi5onUOSeT7bc4K6CA==

POST
H3 200 batch Show response
medium.datadriveninvestor.com/_/ 17 B
362 B 288ms
288ms Fetch
application/json 162.159.152.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.datadriveninvestor.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a2cb94d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medium.datadriveninvestor.com/api-security-testing-part-1-b0fc38228b93
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Jul 2022 14:17:11 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
worker-missing-cookies: 0
content-type: application/json
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220725-131935-0f973eaad3
x-envoy-upstream-service-time: 146
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7315ff45bb505c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.datadriveninvestor.com/	1969-12-31 23:59:59	Name: __cfruid Value: 5e3ad12f3a11d15909d98242f430c7ff086f187e-1658931423
.medium.com/	1970-01-20 13:34:27	Name: sid Value: 1:5iVjM2Qw2rHHic5en01ghBgtLCgljF5YlM8cbaIfSXzZ/v1Kfu4/tyAZE7V0gDN3
.medium.com/	1970-01-20 13:34:27	Name: uid Value: lo_0022f962ef4e
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 8ec20c014277aad523804cca8bd72590517719cd-1658931424
medium.datadriveninvestor.com/	1970-01-20 13:34:27	Name: uid Value: lo_0022f962ef4e
medium.datadriveninvestor.com/	1970-01-20 13:34:27	Name: sid Value: 1:nplDyjBXxvDGUm+stLjc/Qm6+uA9fgu3zHbo2Mbuvy3RMKYEdbF0oBvejjyn5kaF7+qfzezEb7+f+tWgeG2y8A==
medium.datadriveninvestor.com/	1970-01-20 04:48:52	Name: _dd_s Value: rum=0&expire=1658932326322
.datadriveninvestor.com/	1970-01-20 22:20:03	Name: _ga Value: GA1.2.1771013164.1658931429
.datadriveninvestor.com/	1970-01-20 04:50:17	Name: _gid Value: GA1.2.52852498.1658931429
.datadriveninvestor.com/	1970-01-20 04:48:51	Name: _gat Value: 1
.app.link/	1970-01-20 13:34:27	Name: _s Value: AJMhHn7YnKCAxMZFND2SgXnVGyOoV9FQdBmDCaRvmJVomEIL%2FE07RIoshCXAdkNK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
medium.com
medium.datadriveninvestor.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
162.159.152.4
2600:9000:2240:ee00:11:f728:3040:93a1
2600:9000:2304:1a00:19:9934:6a80:93a1
2606:4700:440e::ac40:9c1a
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:4001:80e::200e
99.86.240.96
008b735b5e27e2ddea50ac42eeaef63fae74d969ff15e3144c7b9f7c927baffd
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
04c88a261177f14a57e75b13eac13e4ebd5633f74f77fdccb04a4157e788f6bf
05050a7f9156fca338fdf18683aba2fc6810ae354eae1c647bd786c05c7fa369
056f2fe864141fe41d3d49a3f0febcc2d92c509f65ab69b6d26c431c90d0efb7
06ac06a898d06fe08ef7ff0b8cf589af0f147856adbdad4fe1c83f5629cf0097
077f9d0419356c0367cb662693d6ae2b124bbf9df3e3e421a4097d64d11dbd41
08f345ed1c7cb4bbe95d083e31643820d4bc285158d6c82b9e9a1a62fb37a506
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
0aaca48ade11e94f65e9d76e28aa2f572a13cfdba59bce39a754ea21a3fe1542
0c3fb2d9c16475f9f5b536f3c63f2db867e68bce5571da5be058a3bc862eed4d
0e42c5ddf079d15c045df98515d08ac26a4f9a764046d8b09c1706ad71cf461e
0f059f3f3d9b188f3434f911fd6a68bba68c93e29c6f4aa6dfd6a4ba1c3efb2c
14a64b058d3eb1164a0df1547447be865faa2b2da3574852e467f45d0b7591e9
15cce4cc8cdeaa9836fcf9825207713015717d70868975b58be1615133b52126
186d460123e33cb98638bb1eb61868c2a8fd1f15ecdf40c537dd3790ceb5ce1a
1b0d311a5554cbacc6e71a857faff5c9d7e2238665c71e3052b2fd3b0d1c726f
1cd67615df78d5873ae0cf98c982e37bd7c60a5f82141f47bae5a1e0813182e4
1d3e762b861d7931ea47c48c7e5af8d7145f80a3047bac7769b4316f8e6e901d
1e5da16baeb8aac2dd9b75261d20f56bb0178d850dd2cfd333bb7f356e50d152
1ec6b0e9195839c320f2d3083be5ccaf2ca48135d186fdfaf46c13a52b2141c7
1f0bbc1b482ddeb5768c084b7599ae713d185511d6c41d7695717ad028b57da0
2294e462044a6469c80454fd300cba305fbc384790d545ba6f10e9fdf85a39df
25d29a69b66e91f371030a516b6b1fa1caa78f70c2887a625d575f56b2cdc67b
260cddcf3a2022e0d3c50f7f527a29e796f2c142e11c5a80bc2974cb29ef1db5
2aab99615413a6b62749945bf046a880e2f47a32f3f7d7b48265f2690be4ebfc
2d06637d444443cd1df4bf087fe79ae8e6ee9747cb78e33f0aaae2ad867f790c
2efe526dc817b96a4822fdfbee06c9100af12e59e1e3a20932e6745c35e09988
3013bd5ce64a029c621770a47a2a8d8d733ffcd3e034a948f5de25a770729c0d
311253b8ae057bac350fbf43ef73a13390baeab0015e3f97d96f7604bcecffa6
32b7d2175a7141222748e5f31eb3dee4efecbd9242313d69028e0d34b69996b7
3393f3c5c0525e5596c855ab428615ad4b689fb84baedca0d85eb43922440a97
33fe28a18696fbbe23f54758d4457ea3ba396135fdf955536af67a3f364e4a54
344df165dff1ae918acd3a503ff235364e3e2588b76ac6ac7afe9b28a347d661
347d4798ba27d8b04bf11e68f31e88357eb37b5ac6d54da80b1d8169854b51c5
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
3686feced868ac6278c6e89ff89308cb8ce516d12e4b5b713d279fd6775de6d8
3702ff0b9d7faec5b8b436090a0fc3c50dd19271a9029a357e97a506ff6b693f
37377a5df5f8fc2c901061ad4c59abe9303ce0d13807e7d6ea16cdc52e88a5a5
3a212ffd94a902bdd46867f3e16b667b9a8d8d7ed16a0cb24ec56be476021890
3b2334f3ea29c49b5ae6e9a0dc381d9a8fa127b632690711a002d4abd2f51752
3ff184ab7c985646b7633aae8bce197e62b17c733536627e6ef81b40c776e6f3
48f1439c387cab3eab71173ab4f41e6db68eb918f4d4ee805008e982095fc6cc
4a0ab426387b4578de5273a69f300167c07ceef4d6fd614061f82e744912caf3
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
4da44a477817e0f69202f906a2f2c7b6f20a61dd6219f60d1a84143d8a9c5916
4f29547380348000a523684b18b09490818b068ceb7bcfc68a19a4194c041b3c
4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61
5005ac796ef90ec00c88dfa426f9cc5a28c8de2fe636ba9767bed128f016cbdd
5017cfddc72e75d24c0511cf8a85ecdac8974311ad9cfb8fed3a5b5be18face0
5334ece0f11c05b5682cae0ffd4a9b717c41a123e4ef09ebb218f7f649897aea
546365520f1ba629647fc9964623338d3a4cbf2b896979fec7b22dbc1de9ba60
54dba040631dad224ebad93fe9493f02671b3e311d567479c458a0c28b8b2094
56210a4aa1260dd79394e43bbd656edbe05412c28cbaa6c0b45b271d75a8a937
5ad10c973f7f20d9919fe89e9efb6b8f505a89b9324d59b33d0179b0f3600760
5c351882f2f8ef16f750d0b3457d83cdf64a9df9bc506a3735001510b1405ff6
5f3aaccf2079943297f048bebfb88a5fe161da0936d9d7c51d0663346f1f5169
60d4189e8ccbe7992c0c6d663d5cadfbf8caf5fb98568c9e36e327b22db7fc70
61b6e23f503ea80b44a911c23999c20c4f0251760532f71aaacd0434a9cd0d80
627317ecf41785ba9d3560bfd58783278e6421583af0474e85afed4305eb9e6f
6491ee287d59d8f3a8cf4e26c7fb796630b3c2b677b31c9a45e1c37210eeacfc
64cd5b1873621cdee9ff3bd2fd3501a65f3828add9296c35421061be4aa56771
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
66fabe32e6ed01b513b036144deb64030efe011452fd5a594418f7656d6728b6
67cf6d4addee322506d47da71849ce86d3bfb651d964efbb2bc7db869302c330
6fce0922ef388ad6f81ae62add760596c852b7c66503f3183cce6943ec5d4f5e
74c366c6a5ad1212d7e2d6b03a28eefe6785051d68a4a7a6479292d936fe56c1
757368f2191d313b7dab2038266416b6a99e1d9beb2a447fa7da8af202faa340
76853f026746ecceadec822b666000ab646ed7876d5caeeed42057fc87e77fa9
76f4a1f026a52bde71098a6454a5b7acbad39472c6461848cb63ddcc5bc2da06
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78bedd375082bded00712183c8e141c4d65dfcffb8b4bd369e3081e1027a1338
7bd424970ca91ae70b711f67ab3df003a10a3e4bb50523694ba603eb3aab5df4
83ba7707bfe79a63651504c93f7a572d83f1effea66a3e9429a4b10f26c38899
85a4b5a4b5843e3b8c7118a475aca00cc9599c16f06ae039accea083151108e6
892e990ef2bc3b613bfc78ac67541a7b0244d1abd297e55a34b7a6236259eff0
8a90ff4eb4f65c64cac3317d3d77d7c5b05564e56bd380a160937ba7226916e3
8af1f2059400a9e08772404ef23b4d654f6ec6687af17cc42b6a1ed7c9e82eb3
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
8b5255e96502b2b45b78b0e006ddd885fbbfdec57eda875d73c57c213ebe031c
8c4eb367086e5f555599ef54c0e862a4f4b13e7bbb6161d859d1bc8a82fa9813
9303433542f941a1079cfcfa4b7bd3206fb3cd45e77440f832075ce63d262bcc
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
96deb8277f5afa58852d89173f3ccefcc4214eae0f2c21799d582d3c1b1f836c
9782bb0ccbb44189a6da17a3eb759df9e068d662f88c98f3c346377bdeec60a1
9a1f5cc6920c3b2a8ada1b5b891ec9875ae294ae392e80a36604ab12608db93c
9e2d8f6fec2b84e6b687c3fb5ba7db8c8a436f680fdaa084aee2d4e3652bb389
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a3279b27d6e37c575299107afe1bc6a5ba3119a5d3acec333bf65277bcc84f
a206cf4701dcbb381b7bf0f1d55a7e37561e0ad9827487368be6e1bbf29a751d
a2b594792aea18d98159418528b9a35456864cf76a4391832001831ed2d10bd5
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
a3a933356456a848235f023afe5c8d92eb8bea368ecb4a7a3f4d0ede524f9dab
a51ddece356862d92f2108fe700302096b256f889ee07a15e7d328a2e285174d
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa2f7683ab2733c5046f474ecb641f540864ff8facc31962795f93f4604fcfd7
ab970da05ec755e02edc98e80bf13e32559dc4e5f84c99e574c73cc83025bbd0
afd984cad20aeac7b70fce91ad7a83edf099ab7d54c7f1d75fa1c0bd7e1ceb4e
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b1e2e0f47d82b42472882ce20347d73a3a96f9ff608cd3066b634f617dc0bbeb
b2908f766175014953bd1beec53113aec865e70bfe0791bf9491f114390a703d
b2f8be42ddefe4b95abbc2c8d8b42cd10276dd8c77d4c692fd23da32eb6e9902
b3327939cab9bc903f09b47fc1f5ac71f3f92653b033efc8db0d21057aee16cd
b9502a08bba8594094ee3abd206473279c15a7f8282b5eb74d1c349b13e2c7d4
ba5bf3fa263482c7fb5667136879875ef46b6bda007664510797fddc88b1244d
bd6d2a879a0ba0c99773081ba0defb110ec663be8d32d8c9c9d1f1d0880869ff
bdecffc413ed2d3de94c17eee93828292feb1f9ac01c90513583e1ed4b8c60b3
c2294c42a99ae9402581e67fe5c0262d7ebf4cc7f45bfe9fd2f00862e304f4a8
c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c
c7472f7ddd48154cafa5966a38a523318a4c9463190594712195bfaba962220a
c7b8cf1004fa798a5c11051d2391dc9e2294bb0d2b4f49c413c27204a3ed10a1
c930796481cff317ed73b38651b91534e5f29eab73a6d1d04349e14c24727a77
c93cd1480f7547eb5f4fba2db592779b9e88f082ee6001dd1fe250bb6d6a63e4
cb73624cbf1b8b7f523220c0dd005072b184bbe6e80148e792c8b9f69dc16360
cf5ccaa71528cd09388f50f702762ed87f06a26f59abe55bdb84fc021d03d87d
d19ed56d63231c3071549c834711444a91f37b044bff88209ae89ded2a1bcaf6
d68731840dbd4fbf50d27da56e9ed498362658db4b73fde5cfdea86de459938e
d787d15d3e723baa0a7493cbb2e220bd72a640111eca49229ab21aa82a3c0fb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47505f3896c47a15a7d79085040ceb297818ed49234e8c54d6746ed728ed564
e5afd531c75a0a2e8347ac7b37183204c1fdb0c223ec6414d7da42f1bd233dca
e7f0b26d4ff0023bc2419013c30d370f1d8428589d68da382a4eb03891afb442
e96e66cb658833ab9d0d9953b84ae629dab879569953299a8b5676764f3cbfd7
e9f203b6e53fbd5d5590adb7f1080e16b5e25e34fbbb6fbc76573995380d4a7a
ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e
ee6184aa8ad5fa680d2808790bb04a001d8369d143b313da43af3794ab7ea3e5
f028d33cd63dd991ff2c511d2d8ad691d1fcf6c1cb32c1311402154219025030
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3f3622957a14f7add1272678bcfd3e7234aa5677349aabda873a52a90d86024
f5987a5d37b858bf9b90efa49c2f61648297c8d987e6161eee225c2490a56f12
f5ef140c36feb2a6b8fbbc697d730487298a352db07db494b80629381b99bf13
f83b038b5e1ad8e7878294ebefc91ff7775794242bb9490075453b857195c1e0
fa9e566f58e56e54049b59b93c63850b150c3204a1f242a7111da1081af3108d
fbf2169e4bbbd5cef4431207283330be60d16e82cbbbca1b358adab58f42dce6
fc4e14de11834a07a456fe0d9fb8aafa563947eb506bfeff5a5e6549d91948df
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff95341286f50c06b2ec9994420985a3ab40d1b1533093316b9d079086bd2ce8

medium.datadriveninvestor.com Open in urlscan Pro 162.159.152.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

75 %IPv6

6 Domains

10 Subdomains

8 IPs

3 Countries

1649 kBTransfer

3744 kBSize

11 Cookies

84 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medium.datadriveninvestor.com Open in urlscan Pro
162.159.152.4 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

10
Subdomains

8
IPs

3
Countries

1649 kB
Transfer

3744 kB
Size

11
Cookies

143 HTTP transactions
0 data transactions