urlscan.io logo urlscan.io
SecurityTrails logo

blog.athletica.one Open in urlscan Pro
162.159.152.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blog.athletica.one/
Effective URL: https://blog.athletica.one/?gi=7390c6356392
Submission: On October 10 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is blog.athletica.one.
TLS certificate: Issued by E6 on October 10th 2024. Valid for: 3 months.
This is the only time blog.athletica.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 162.159.152.4 13335 (CLOUDFLAR...)
1 2 2606:4700:7::... 13335 (CLOUDFLAR...)
3 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.138.26.116 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
19 9
9    162.159.152.4 (None, )

ASN13335 (CLOUDFLARENET, US)
blog.athletica.one
cdn-static-1.medium.com
2    2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)
medium.com
glyph.medium.com
3    2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-static-1.medium.com
miro.medium.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    108.138.26.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net
cdn.branch.io
1    2600:9000:2057:b800:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2600:9000:2491:1600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
Apex Domain
Subdomains		 Transfer
7 medium.com
medium.com — Cisco Umbrella Rank: 12033
glyph.medium.com — Cisco Umbrella Rank: 24777
cdn-static-1.medium.com — Cisco Umbrella Rank: 224848
csp.medium.com Failed
miro.medium.com — Cisco Umbrella Rank: 16623
602 KB
7 athletica.one
blog.athletica.one
22 KB
3 branch.io
cdn.branch.io — Cisco Umbrella Rank: 958
api2.branch.io — Cisco Umbrella Rank: 1350
24 KB
1 app.link
app.link — Cisco Umbrella Rank: 2197
632 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
19 6
Domain Requested by
7 blog.athletica.one 2 redirects blog.athletica.one
static.cloudflareinsights.com
4 cdn-static-1.medium.com blog.athletica.one
cdn-static-1.medium.com
2 api2.branch.io cdn.branch.io
1 miro.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io blog.athletica.one
1 static.cloudflareinsights.com blog.athletica.one
1 www.google-analytics.com blog.athletica.one
www.google-analytics.com
1 glyph.medium.com blog.athletica.one
1 medium.com 1 redirects
0 csp.medium.com Failed www.google-analytics.com
19 11

This site contains links to these domains. Also see Links.

Domain
policy.medium.com
medium.com
rsci.app.link
Subject Issuer Validity Valid
blog.athletica.one
E6		 2024-10-10 -
2025-01-08		 3 months crt.sh
medium.com
Cloudflare Inc ECC CA-3		 2024-02-16 -
2024-12-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.branch.io
Amazon RSA 2048 M03		 2024-08-11 -
2025-09-09		 a year crt.sh
appipv4.link
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://blog.athletica.one/?gi=7390c6356392
Frame ID: E31C7819AE998E749DC346EFB29BFA08
Requests: 19 HTTP requests in this frame

Frame: https://blog.athletica.one/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 930848CAC8C56A9457D43E44791522C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

athletica

Page URL History Show full URLs

  1. http://blog.athletica.one/ HTTP 307
    https://blog.athletica.one/ HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fblog.athletica.one%2F HTTP 307
    https://blog.athletica.one/?gi=7390c6356392 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

19
Requests

84 %
HTTPS

75 %
IPv6

6
Domains

11
Subdomains

9
IPs

3
Countries

695 kB
Transfer

2717 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.athletica.one/ HTTP 307
    https://blog.athletica.one/ HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fblog.athletica.one%2F HTTP 307
    https://blog.athletica.one/?gi=7390c6356392 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://blog.athletica.one/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://blog.athletica.one/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.athletica.one/
Redirect Chain
  • http://blog.athletica.one/
  • https://blog.athletica.one/
  • https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fblog.athletica.one%2F
  • https://blog.athletica.one/?gi=7390c6356392
60 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
5e66825fc3a6f8d0388fe4b2aeb02db5cdb1198ef2774240e394f362a992d889
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.athletica.one https://*.blog.athletica.one https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d03402fbe4e52e2-LHR
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.athletica.one https://*.blog.athletica.one https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type
text/html; charset=utf-8
date
Thu, 10 Oct 2024 02:41:19 GMT
expires
Thu, 09 Sep 1999 09:09:09 GMT
link
<https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241009-233003-5bd962093e
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
228
x-frame-options
sameorigin
x-obvious-info
20241007-1709-root,84ef5bd1
x-obvious-tid
1728528079441:ac5ffeffc306
x-powered-by
Medium
x-ua-compatible
IE=edge, Chrome=1
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d03402e9ad293ed-LHR
content-length
0
content-type
text/plain;charset=UTF-8
date
Thu, 10 Oct 2024 02:41:19 GMT
location
https://blog.athletica.one/?gi=7390c6356392
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241009-233003-5bd962093e
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
20
m2-unbound-source-serif-pro.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 		56 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound-source-serif-pro.css
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f964a92907f08ce140759b837315622cae07842acb84a1067d99de257174b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
HIT
age
2321
access-control-allow-methods
GET, POST, PUT, DELETE
x-content-type-options
nosniff
expires
Thu, 10 Oct 2024 04:41:19 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:19 GMT
content-type
text/css
vary
Accept-Encoding
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
x-envoy-upstream-service-time
86
access-control-allow-credentials
true
cf-ray
8d034032beb89480-LHR
access-control-allow-origin
*
server
cloudflare
main-branding-base.W9J-2zkF03j8TkriAGn1Tg.12.css
cdn-static-1.medium.com/_/fp/css/ 		466 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-static-1.medium.com/_/fp/css/main-branding-base.W9J-2zkF03j8TkriAGn1Tg.12.css
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e62c50d2b8035449b69fb70640a4609814dff9ecb22c2b75b081f564704762b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"30a758243a2da30a5f5e85bd75b2bef3"
age
390773
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 02:41:19 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:19 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 17:18:46 GMT
vary
Accept-Encoding
x-amz-id-2
dUuQgfcFDGENlK1ac0eaCmQ173BlCpVHbASsRVYPyFVRsyVyAa0x4hvmd+mhdhhFPnScVcfDC5gc0X4YrYXphm3C2WidGl+9PKF5/K411AY=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
KSAQK9PSWY5CZWWF
cf-ray
8d034032bc6e4195-LHR
accept-ranges
bytes
content-length
64491
server
cloudflare
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

content-encoding
gzip
age
4504
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 10 Oct 2024 03:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 01:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
main-base.bundle.GMIrFjb3esILVLYnGgU7nQ.12.js
cdn-static-1.medium.com/_/fp/gen-js/ 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.GMIrFjb3esILVLYnGgU7nQ.12.js
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc120e16429e4bb3728ad23a50b8b4fc5db26dd0931c67ddcf86f35d21a12bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"77af66cd774e3b5bc6a3ba451a580d61"
age
205925
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 02:41:19 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:19 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 17:18:17 GMT
vary
Accept-Encoding
x-amz-id-2
n9Ys/63gGIw7zGMoEOKaAKYz7VYW3bJv2v2B+x6gAglqM9wZytMI6OJLIU+HSMbvgwbx8atZAAaEyzq+ZhB5Z/mh8/odfAt0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
KKWX5A675GCDH7CP
cf-ray
8d0340334cbb4195-LHR
accept-ranges
bytes
content-length
308485
server
cloudflare
x-amz-server-side-encryption
AES256
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://blog.athletica.one
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d034033df0c651f-LHR
access-control-allow-origin
*
date
Thu, 10 Oct 2024 02:41:19 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
stat
blog.athletica.one/_/ 		53 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.athletica.one/_/stat?event=pixel.load&origin=https%3A%2F%2Fblog.athletica.one
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
worker-missing-cookies
0
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
63
x-content-type-options
nosniff
cf-ray
8d0340335ecdbf00-LHR
alt-svc
h3=":443"; ma=86400
content-length
53
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
image/gif
vary
Accept-Encoding
medium-fulfilled-by
edgy/8.8.0, valencia/main-20241009-233003-5bd962093e
server
cloudflare
branch-latest.min.js
cdn.branch.io/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

cache-control
max-age=300
content-encoding
gzip
x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
age
186
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
23431
x-amz-cf-id
1RiYdToGB2jv_YPEaREEJF9fNNrIu6xDL03UzJux70Tu5Yr78HrpFA==
date
Thu, 10 Oct 2024 02:38:15 GMT
content-type
text/javascript
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ff08f9d04e13cf594c6ef8542bae73498e1ce01b8969c2cd275a72cbe2ff48a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://blog.athletica.one
Referer

Response headers

Content-Type
font/opentype
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dfde2e1717f35237e54956b340ea30003e76d054d48bee0b149d51e81fc26a3

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://blog.athletica.one
Referer

Response headers

Content-Type
font/opentype
main-common-async.bundle.WDIBosLFHyoMaj67a4dx8w.12.js
cdn-static-1.medium.com/_/fp/gen-js/ 		726 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.WDIBosLFHyoMaj67a4dx8w.12.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.GMIrFjb3esILVLYnGgU7nQ.12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf8961cc9fdbdecd0ab38a51881df1f62b9dfe2b4f1e28277ecfa2c61c6a0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"09db8eeb39963675e090729475bc70b8"
age
214801
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 02:41:20 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 14:47:56 GMT
vary
Accept-Encoding
x-amz-id-2
ZADNMnR/UWbofMN8LfFFSAA8lE9lThaZ2X1IZrVqtPHKd0+/7+FM+dsgraq99DmL0tENz5D6VpkXOmGefOXRf6K2rT4jf/xV
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
7X4CVT8TG0PR8FTN
cf-ray
8d0340348a9388b5-LHR
accept-ranges
bytes
content-length
203257
server
cloudflare
x-amz-server-side-encryption
AES256
main.js
blog.athletica.one/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 9308
Redirect Chain
  • https://blog.athletica.one/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://blog.athletica.one/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.athletica.one/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/?gi=7390c6356392
Protocol
H3
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2be6299d244dcdd778ab3c3c324dc9c19f0c9dec4c247df3d9a2d267d8c27ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8d034034df6abf00-LHR
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
x-content-type-options
nosniff
cf-ray
8d0340349f42bf00-LHR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 10 Oct 2024 02:41:20 GMT
vary
Accept-Encoding
server
cloudflare
/
csp.medium.com/ 		0
0
collect
www.google-analytics.com/j/ 		0
0
_r
app.link/ 		91 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
00039b3f01ba02ad567c77b8523f6d05b1f7fc5cc2654ecb34c399c987e8f696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"5b-rCzIABV8b5JgsMKjojxIlcj8ghs"
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-content-type-options
nosniff
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
91
x-amz-cf-id
a3e9pPwk-JQ2HieM22MN2WBob91Vlgi_p5zwUQxdV6VfbDbijAqWRg==
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
text/javascript; charset=utf-8
x-amz-cf-pop
FRA6-C1
server
openresty
8d03402fbe4e52e2
blog.athletica.one/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9308 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.athletica.one/cdn-cgi/challenge-platform/h/b/jsd/r/8d03402fbe4e52e2
Requested by
Host: blog.athletica.one
URL: https://blog.athletica.one/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-ray
8d034035cfd1bf00-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
main-home-screens.bundle.Vkq-SroEcI_4kKKIgIYteg.12.js
cdn-static-1.medium.com/_/fp/gen-js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-home-screens.bundle.Vkq-SroEcI_4kKKIgIYteg.12.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.GMIrFjb3esILVLYnGgU7nQ.12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b391d32b2696c9b73ed0c685ba7f1a7536468843299dd3bd94e2c929aa12ebe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/?gi=7390c6356392

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"59621c28514c7eee9984bfcf159c1189"
age
214730
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 02:41:20 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 14:47:55 GMT
vary
Accept-Encoding
x-amz-id-2
LxPrGCXaoB1x4mKgn5m0M/2nAVLyN4XT8Tb16rZvbhctWYeLR9svYGR8n6f17sSu+Woi6v4mrJE=
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-amz-request-id
8N821WY5EEZTE32J
cf-ray
8d034035eb1388b5-LHR
accept-ranges
bytes
content-length
1612
server
cloudflare
x-amz-server-side-encryption
AES256
open
api2.branch.io/v1/ 		316 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
de2b9ddc90af774b995c8327ea7326c9d677b2c36c0c6ebe2a5fa0e1836d2f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/x-www-form-urlencoded
Referer
https://blog.athletica.one/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
bE_lSfgIttjm835g6CCfnoubPIUFL800tFJZXvo2sMxTPlsihrCzUg==
cache-control
no-cache
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
316
x-branch-request-id
d4407954-35d7-41ec-bfa7-7b29067a3e80-2024101002
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7
rum
blog.athletica.one/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.athletica.one/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
application/json
Referer
https://blog.athletica.one/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d034036a842bf00-LHR
access-control-allow-origin
https://blog.athletica.one
date
Thu, 10 Oct 2024 02:41:20 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19
miro.medium.com/v2/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://miro.medium.com/v2/5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://blog.athletica.one/

Response headers

x-request-id
bcf4c3e7-cb19-4437-b754-9faf72a4a817
cf-cache-status
HIT
etag
"yj0WO6sFU4GCciYUBWjzvvfqrBh869doeOC2Pp5EI1Y/RIjI2M2E1NThhOTdjN2U0YzEwNjFlZGI0NjBjODU4Mjk0Ig"
age
138789
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 02:41:20 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
image/png
content-disposition
inline; filename="5d8de952517e8160e40ef9841c781cdc14a5db313057fa3c3de41c6f5b494b19.png"
medium-fulfilled-by
miro-v2/main-20240812-083818-ec1c34aaf4
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
109
cf-ray
8d034036be824195-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1037
server
cloudflare
pageview
api2.branch.io/v1/ 		28 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/x-www-form-urlencoded
Referer
https://blog.athletica.one/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
28
x-amz-cf-id
KQx9PoNRKWnNk7MsIX46T7SsxIP0iyF-QtVj98xtWNAJKZfH7C3EXw==
date
Thu, 10 Oct 2024 02:41:20 GMT
content-type
application/json; charset=utf-8
x-powered-by
Branch
x-amz-cf-pop
FRA56-P7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.medium.com
URL
https://csp.medium.com/
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1861154212&t=pageview&_s=1&dl=https%3A%2F%2Fblog.athletica.one%2F%3Fgi%3D7390c6356392&ul=en-gb&de=UTF-8&dt=athletica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=582244943&gjid=1209399816&cid=1403001790.1728528080&tid=G-7JY7T788PK&_gid=1865444872.1728528080&_r=1&_slc=1&z=1148564234

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| perfMetrics number| OB_startTime object| OB_loadErrors function| _onerror function| _asyncScript function| _asyncStyles function| ga function| obvInit object| GLOBALS object| branch object| _mdm object| PLOVR_MODULE_INFO object| PLOVR_MODULE_URIS function| _resizeIframe object| __obv object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData

14 Cookies

Domain/Path Name / Value
.blog.athletica.one/ Name: _cfuvid
Value: HRIX25rTK9hBE_vLy6_5MSG6olaizD7evm52ZPCmdi8-1728528079015-0.0.1.1-604800000
.medium.com/ Name: uid
Value: lo_1f1464b932df
.medium.com/ Name: sid
Value: 1:NUPb25NS9oxXFa7U6SkG6o8jwnXcuT3C78/ifwNGKmWZ3kqQ8z/tP0QVaIqb7UgC
blog.athletica.one/ Name: uid
Value: lo_1f1464b932df
blog.athletica.one/ Name: sid
Value: 1:DBG4u+VbrzSqtdjQwodzwx02Xa+NScicS+x/g5Y1R4IXl4jabSTV8I90vzGsaF2I
blog.athletica.one/ Name: sz
Value: 1600
blog.athletica.one/ Name: pr
Value: 1
blog.athletica.one/ Name: tz
Value: -60
.athletica.one/ Name: _ga
Value: GA1.2.1403001790.1728528080
.athletica.one/ Name: _gid
Value: GA1.2.1865444872.1728528080
.athletica.one/ Name: _gat
Value: 1
.blog.athletica.one/ Name: cf_clearance
Value: vZZsif0IkOYGl6ueHEzrllUgeEaRBo13pwTCPAAhLTE-1728528080-1.2.1.1-GBckE7QaeYiZe4DD5eh6Wj3604A2xgvM83Sd0lOOpO8yFqm_DuhKp9_3P8gWMP6siEG7alkNUsiuLOe2WlRPjJhL0VTRdHfJOKSZivlTLARBOVW3j5MKaAGA3GA8rsm7OC0KhHXtpKijo_J8IddVJv6VNBl1jRmYbOmPWLepkiW0H.hAJ1GrDvA5HLmYn.sbs4OS.PZyodiohGCSUgryjKswTD7PctaZivrKqIXBIGs_25cFaopV6HW7ppt0faGOPgYgt9ImZasHAeed8yWhudzNo_ABOmumr.os.wIWkQKzRGpm6bHOMPrx.P82gBWMAJvqB83Agf7fJC2c0HxzPevd116fPEVHuLZkrrcnqkSj.4vglnvtC7rHqSd2H_cqMmPri5MD7pDPRIPiL_CtNA
.app.link/ Name: _s
Value: KXvUnz8ULFkeB8XDb4N4qj86k9Ofw43kVXyPUpMf%2FeEiJi4AS7jFQwxTN141fI1f
.medium.com/ Name: _cfuvid
Value: pWDHazUHvfnlAc1c1wkfs6nTndxxexYwROOKjUg4z8c-1728528080448-0.0.1.1-604800000

7 Console Messages

Source Level URL
Text
security error URL: https://blog.athletica.one/?gi=7390c6356392
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.
security warning URL: https://blog.athletica.one/?gi=7390c6356392
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security error URL: https://blog.athletica.one/?gi=7390c6356392(Line 171)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.
security error URL: https://blog.athletica.one/?gi=7390c6356392(Line 171)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1861154212&t=pageview&_s=1&dl=https%3A%2F%2Fblog.athletica.one%2F%3Fgi%3D7390c6356392&ul=en-gb&de=UTF-8&dt=athletica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=582244943&gjid=1209399816&cid=1403001790.1728528080&tid=G-7JY7T788PK&_gid=1865444872.1728528080&_r=1&_slc=1&z=1148564234' because it violates the following Content Security Policy directive: "connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.athletica.one https://*.blog.athletica.one https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'".
security error URL: https://blog.athletica.one/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.
security error URL: https://blog.athletica.one/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://${LIGHTSTEP_HOST}'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://blog.athletica.one https://*.blog.athletica.one https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://${LIGHTSTEP_HOST} https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://glyph-sandbox.medium.sh https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
blog.athletica.one
cdn-static-1.medium.com
cdn.branch.io
csp.medium.com
glyph.medium.com
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
csp.medium.com
www.google-analytics.com
108.138.26.116
162.159.152.4
2600:9000:2057:b800:19:9934:6a80:93a1
2600:9000:2491:1600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:5049
2a00:1450:4001:827::200e
00039b3f01ba02ad567c77b8523f6d05b1f7fc5cc2654ecb34c399c987e8f696
0e62c50d2b8035449b69fb70640a4609814dff9ecb22c2b75b081f564704762b
2ff08f9d04e13cf594c6ef8542bae73498e1ce01b8969c2cd275a72cbe2ff48a
5e66825fc3a6f8d0388fe4b2aeb02db5cdb1198ef2774240e394f362a992d889
67f964a92907f08ce140759b837315622cae07842acb84a1067d99de257174b5
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9dfde2e1717f35237e54956b340ea30003e76d054d48bee0b149d51e81fc26a3
a2be6299d244dcdd778ab3c3c324dc9c19f0c9dec4c247df3d9a2d267d8c27ab
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b391d32b2696c9b73ed0c685ba7f1a7536468843299dd3bd94e2c929aa12ebe3
bc120e16429e4bb3728ad23a50b8b4fc5db26dd0931c67ddcf86f35d21a12bec
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
de2b9ddc90af774b995c8327ea7326c9d677b2c36c0c6ebe2a5fa0e1836d2f6b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9411b4c73533eca5265a7da90e4e6fcb7352082368b11f0470d1f2a43ca4904
fcf8961cc9fdbdecd0ab38a51881df1f62b9dfe2b4f1e28277ecfa2c61c6a0c5